eScan Warns Online Banking Users on Email Phishing Scams
First of all, what is a Phishing attack or how a phishing attack on your Bank Account looks like? In simple words, an email phishing scam or attack on your bank account is one wherein you as the customer of a Bank, are asked to update your bank account details.
eScan one of the leading Anti-Virus and Content Security Solution provider, not only advises the IT users who use Online banking services about the email phishing scams wherein customers are asked to update their bank details; it also guides them how to prevent themselves from becoming a victim to such a phishing attack.
Why Bank Accounts attract such phishing attacks ?
Simple. As bank accounts are place where money and sensitive information is. The benefits of money theft are obvious. But in an information age, any information theft is even more dangerous as it compromises the entire online and sometimes real life existence of a person.
Phishing emails as a means to hack your Bank Account
Phishing emails are probably one of the most used methods in luring users into downloading malware (malicious software, aimed at harming the down loader). Often used to extract important information from unsuspecting users. Recently, these attacks are becoming more specific in nature. Extra care and attention by cyber criminals is making these attacks more realistic and harder to spot.
How a Phishing Scam or a Phishing email scam or attack lures a non-suspecting or unaware bank user ?
Online banking users may get email like the one shown below. This is called a Phishing and a Spam Honeypot. The characteristic of this email is: it looks legitimate and appears to be coming from the bank, when it really isn’t. The email will have one website page attached and it will ask for personal or corporate banking option. Then the web-page will ask the customer to fill their name, account number and other details. Once the details are provided, it’s a success for the cyber criminal who can then use this information to commit fraud.
For funds transfer scam, phishers can also send out SMSes to the users with the phishing URL. In some cases, the phishers may pose as a bank employee and call up the user with the intention to collect sensitive personal information. The user does not suspect the caller and shares the personal information, which is blatantly misused.
How to avoid being victim to a Phishing attack and save your Bank account ?
With the increasing number of phishing fraud cases on the rise, especially related to Internet Banking, users are advised to avoid phone calls from the stranger as well as restrict sharing their confidential information.When in doubt, customers are advised to get in touch with the banks. Moreover, Anti-Virus or Internet Security Suites should be deployed, so as to ensure safety and protection against such frauds.
Few tips that will help you recognize a phishing attempt targeting your Bank account and that of other bank customers like you :
- Grammatical errors in Phishing mails: 98% of the time there will be errors in the way a sentence is formed. Look into it.
- Banks Accounts never solicit Information on Phone Call, Through SMS or email : Banks will never ask for details such as the Password, Debit/Credit Card number, CVV, ATM Pin; unless you are carrying out a transaction and there is a need to log in. Whenever your bank account asks you to furnish some information or convey you some information, it will call you or SMS you from official number or you will get a call from a bank official, informing you to furnish that INFORMATION AT YOUR BANK BANK (Real Brick and Mortar Bank Branch ). It will not tell you to disclose that information through email, SMS or phone call. You think your bank is making you walk all the way to the Bank Branch; but be assured that’s their way of saving your bank account and their bank from any phishing attacks, email frauds, SMS frauds.
- This is one of Rule of Thumbs to Spot a Phishing scam email attempting to attack your bank account : Look for the sender of the email. In all likelihood, a phishing scam email will come from some some email account with some email service provider like gmail, hotmail, yahoo etc. In short, a phishing scam email may come from a sender with an email id like email@example.com etc. A real email from your bank will always have the domain name your Bank owns, such as firstname.lastname@example.org .
No bank will allow its employees to use their gmail emails at work. Hence you can never get an official bank mail from a domain (xyz.com) other than your bank owns. In addition, an authentic Bank email or BANK SMS or Call only summons you to your Bank branch or asks you to login to the official bank website to update information. It never volunteers to do that on your behalf.
- Do some memorizing : The URL of the bank website and the phishing website will be different. Always try to remember the URL of your bank website. For instance, the ICICI Bank’s official portal or website or domain is icicibank.com and NOT icici.com
- Trust Your Email SPAM Filter : If your email service SPAM filter automatically throws any Bank account related email to the SPAM folder, do trust your SPAM filter. Don’t worry, if your bank has something important to convey to you, it’ll summon you to Bank Branch.
Phishing attempts on Bank Account are increasing with each passing day. But if you follow the standard usage procedure shared in the article in detail, you will be always safe online. Some Bank account users feel that if they use their credit card, debit card or use internet banking to buy things online, they will be at risk. This is a wrongly held notion. Your online bank gateway is capable enough to secure you online, and the moment it suspects the credentials of the site of purchase, it immediately terminates the buying process.
Hope You find the article informative and useful. Do share it with Friends on Facebook, Twitter and elsewhere.