What we are discussing here is related to vishing, also known as voice phishing. Several instances have occurred wherein people receive phone calls that appear to be from their bank. The caller usually pretends to be a bank representative or someone from the bank’s technical team. In most cases, the caller sounds professional and provides a convincing reason for calling the customer. After giving a false sense of security, the caller then tricks the victim into giving away their personal and confidential data such as:
• One-Time-Password (OTP)
• Credit/debit card number
• The card’s CVV number [Card Verification Value – 3 to 4 digit number printed on the flip side of the card]
• Expiry date
• Secure password
• ATM pin
• Internet Banking login ID and password and other personal information
With all such crucial information at hand, the fraudster can easily carry out illegal financial transactions using the victim’s name.
1. Banks or any of their representatives never send their customers email/SMS or call them over phone to ask for personal information, password or one time SMS (high security) password. Any such e-mail/SMS or phone call is an attempt to fraudulently withdraw money from the customer’s account through Internet Banking. Never respond to such email/SMS or phone call.
2. Never respond to emails/embedded links/calls asking you to update or verify User ID/Password/Debit Card Number/PIN/CVV, etc. Inform your bank about such email/SMS or phone call. Immediately change your passwords if you have accidentally revealed your credentials.
3. Do not provide any personal or confidential information on a page which might have come up as a pop-up window.
4. Always remember that information like password, PIN, TIN, etc., are strictly confidential and are not known even to employees/service personnel of the bank. You should therefore, never divulge such information even if asked for.
5. Never provide your identity proof to anyone without any genuine reason.
6. Never click on any links in any e-mail to access the bank’s site.
7. Access your bank website only by typing the URL in address bar of browser.
8. Do not provide your bank account details to emails offering a job or claiming that you have won a lottery. Avoid opening attachment of emails from unknown senders.
9. Avoid accessing Internet banking accounts from cyber cafes or shared PCs.
10. When on your bank website, look for the padlock symbol either in the address bar or the status bar (mostly in the address bar) but not within the web page display area. Verify the security certificate by clicking on the padlock.
11. Keep your system up to date
1. The credit/debit card/Net bnaking holder or account holder should lodge a complaint with the concerned bank and block the card or account immediately.
2. Information should be collected from the concerned bank regarding the mode /description of the transaction.
1. Collect Bank statement from the concerned bank of last six months.
2. Make a copy of SMSs received related to the alleged transactions.
3. Copy of your bank pass book.
4. Copy of your ID proof and address proof as shown in the bank records.
5. Lodge a complaint in your nearest Police Station explaining complete incident along with the above mentioned documents.