Safety Security Tips

Be wary of unsolicited emails/phone calls/SMS/social media messages, to trick you into submitting your confidential information such as User ID, Password, Debit Card number or other related information. Fraudsters use convincing methods that mislead you into submitting your confidential information which then may be used by them to carry out fraudulent transactions or impersonate you.

Since email sender address can be spoofed easily, the “From” line may appear to be from someone that you know. The messages may appear to come from organizations such as bank, Income tax or RBI. Links on a Phishing email leads you to a bogus website and can either present you with a form for entering sensitive personal information or download viruses or other software to compromise your computer.

Example extracts from Phishing messages

• “From: customercare@xyzbank.com
  Dear Customer, We suspect an unauthorized usage of your card and have blocked it temporarily. To re-enable your card, please click on https://xyzbank.com/activate as soon as possible and input your card number and PIN.
  
  Regards
  Customer Care
  XYZ Bank”
• “Your account was used to purchase goods xyz. If you have done the purchase, ignore this mail. If you did not carry out this purchase, go to https://xyzbank.com , login with your account id and password and cancel the transaction within 24 hours.”

DCB Bank will never ask you to share your confidential data and so never reply to or click on links provided in such emails or give away details on phone. If you are unsure about such messages, notify on customercare@dcbbank.com.

Fraudsters may use skimming devices, key loggers and cameras on ATM’s and Point-of-Sale(POS) devices to capture information stored on the card and the PIN that you enter. These may then be used to create cloned cards for carrying out fraudulent purchases.

To protect yourself from card frauds,

• Scrutinize the ATM for any skimming devices and other alterations before inserting your card and entering the PIN.
• Do not let your card go out of your sight during a POS transaction.
• Never give your card number and PIN to anybody, even to personnel purportedly calling from bank.
• Avoid using your card at doubtful merchant sites and establishments.
• Report stolen or lost cards immediately to bank.
• Ask your bank for chip and pin cards, photo imprinted cards, virtual one-time-use cards.

There are many ways for spammers to find legitimate email addresses and once found and verified, they are permanently updated in their databases. Spammers then sell these email addresses to fraudsters who use it to carry out various scams.

Spam mails often make offers that seem too good to be true and because of this many unsuspecting people fall for it and get defrauded.

Examples of email scam:

Lottery scam:- You receive a message that claims you have won a lottery and needs you to do a wire transfer first to cover incidental expenses.
Imposter scam:- You get a message from someone claiming to be a family member or friend and needs you to transfer funds to get them out of the grave trouble they are in.
Money mule scam: You get a message to receive money in your bank account and forward it to a third-party account in exchange for a commission. Fraudsters use this scheme to route illegal funds.

To protect yourself from email scams,

• Limit spam from coming into your mailbox, use a junk/anti-spam filter
• Do not trust unsolicited email.
• Treat email attachments with caution.
• Safeguard your personal information such as mobile number, bank account number. Do not provide them to unknown entities.

Your mobile/smart-phone is now becoming an important part of your banking activity. Your mobile banking application runs on it. It is also a medium for receiving one-time passwords, alerts and other important messages.

A fraudster armed with your personal information sourced using various methods submits a request to the telecom operator to issue a duplicate SIM that shares the same number. In this way all your messages are sent to the fraudster also. A SIM swap fraud is in most cases carried out alongside a Phishing attack for the purposes completing an unauthorized fund transfer.

There are some of the steps you can take to detect and limit damages due to SIM swap fraud:

• If you are not having network connectivity, not receiving calls or SMS for long periods, or if you are receiving many unknown calls, enquire with your telecom operator. Inform bank as immediately.
• Never switch off your smart-phone otherwise the tampering of connection would go un-noticed.
• Check bank statements regularly to detect unauthorized transactions.
• Register for both SMS and email transactional alerts.

If your contacts get emails from your account and you are not aware of it or if your social media accounts have posts that you didn’t make or if you cannot login into your email account then it’s likely that your email account has been hacked or taken over by a fraudster. Inform your contacts and bank about the incident immediately.

Important communications sent to your email can be used by fraudster to steal your identity or send out emails to banks requesting for fund transfer.

To prevent your email account getting hacked,

• Use a strong password, install antivirus and keep all software on your computer updated.
• Use two-factor authentication if your email service provider supports it.
• Do not login into public computers or use open wi-fi networks to login to your email account.
• Do not click on links in email or open attachments unless you know who sent them.

Contact your email service provider to reclaim your email account. Once you are having your account back, recheck settings such as recovery email id and mobile number, password recovery hints and email forwarding settings.

Identity theft happens when fraudster uses your personal information to open banking accounts, make purchases online or commit other crimes with intent of not getting caught and redirect law enforcement towards you.

Check your account statements regularly. If you suddenly stop receiving your monthly bills or account statements, or getting statements/notifications for another person or get charged for something that you did not purchase, someone else might be using your identity.

To protect against Identity theft,

• Secure your personal information by restrict others from accessing them. In today’s connected world, it may be difficult to carry out transactional activities without sharing in some instances, your photo identification, address, mobile number, date of birth and in some cases, bank account number and so, only deal with trusted and well known entities and before sharing data, enquire as to how these entities are maintaining privacy of your personal data.
• Do not post any personal details of yourself on social media sites such as Facebook or Linkedin.
• If you are a victim of identity theft, report to your bank, credit bureaus and your other service providers immediately and also register a complaint with law enforcement.