The phishing email may also direct you to a spoofed website or pop-up window, which looks exactly like the real site. Phishing is an increasingly common type of scam in which personal data such as credit card numbers and online banking passwords are stolen for fraudulent use.
The fraudster sends "spoofed" emails that appear to come from a legitimate website that you have online dealings with such as a bank, credit card company or an ISP - any site which requires users to have a personal identity or account. The email may ask you to reply with your account details in order to "update security" or for some other reason.
site’s login page, but has been set up for the sole purpose of stealing personal information. Unsuspecting people are then often fooled into handing over credit card numbers, passwords or other personal details.
If you are using Internet banking or any other online account, you should be aware of these attacks and how to protect against them.
The following points may help you protect yourself:
1. Never respond to emails that request personal information
At IDBI, we would never ask for your personal details through an email. Nor would we ask for your password through any means, online or offline. If any of our bank personnel asks you for your password, do not disclose it and report him or her immediately to us.
2. Keep your password top secret and change them often
Changing passwords often helps in protecting your account even if inadvertently you may have disclosed it to someone.
3. Never use cyber cafes to access your online accounts
PCs at cyber cafes may be infested with viruses and Trojans that can capture and transmit your personal data to fraudsters. The easiest way to grab information is key logging softwares. Beware of typing passwords on unknown PCs.
4. Keep your computer secure
Some phishing emails or other spam may contain software that can record information on your internet activities (spyware) or open a 'backdoor' to allow hackers access to your computer (Trojans). Installing anti-virus software and keeping it up to date will help detect and disable malicious software, while using anti-spam software will stop phishing emails from reaching you. It is also important, particularly for users with a broadband connection, to install a firewall. This will help keep the information on your computer secure while blocking communication from unwanted sources. Make sure you keep up to date and download the latest security patches for your browser. If you don't have any patches installed, visit your browser's website, for example users of Internet Explorer should go to the Microsoft website.
5. Check the website you are visiting is secure
Before submitting your bank details or other sensitive information there are a couple of checks you can do to help ensure the site uses encryption to protect your personal data:
If the address bar is visible, the URL should start with ‘https://’ (‘s’ for secured) rather that the usual ‘http://’.
If the address bar is not visible as in our Internet Banking website, look for a lock icon on the browser's status bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor.
Note that the fact that the website is using encryption doesn't necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form.
6. Validate the SSL Certificate
If you are in any doubt, click on the lock icon at the bottom of the secured page. This opens up a new window, displaying the SSL certificate information. Ensure that there is no red cross mark preceding the title ‘Certificate Information’. It should also be ‘Issues to: www.idbibank.co.in. You can get more information by clicking on the other tabs in the certificate window.
Following the above steps would help you in protect yourself. However, please remember, fraudsters are always trying to stay a step ahead. To ensure that you remain protected at all times.
Never let anyone know your PINS or passwords, do not write them down.
Do not use the same password for all your online accounts.
Avoid opening or replying to spam emails as this will give the sender confirmation they have reached a live address.
Above all, use common sense when reading emails. If something seems implausible or too good to be true, then it probably is.