New Delhi: There is an increased risk of cyber attacks on bank accounts and financial systems as more and more people use home wifi, which is not as safe as office wifi which is monitored by experts, as they work from home due to the Covid restrictions. Phishing is a widely used method by cyber attackers and hackers to steal personal and financial data to commit online frauds.
Phishing is a general term for emails, text messages as well as websites fabricated and sent by criminals to lure customers in giving away their sensitive data. These attacks are designed in such a way that looks like they have come from well-known and trusted businesses, financial institutions and government agencies, with an ill-intent to collect personal, financial and sensitive information.
These phishing attacks on the bank and financial customers are also known as brand spoofing. If a bank customer or someone who uses online financial services receives an email that appears to be suspicious, do not reply to it or click on the link it provides. Simply delete it. And this incident should be reported to the concerned bank or to the financial service provider.
Be aware of methodologies used by cyber criminals
Phishing attacks use both social engineering and technical subterfuge to steal customers' personal identity data and financial account credentials. In such cases, bank customers receive a fraudulent e-mail seemingly from a legitimate Internet address. Such emails invite people to click on a hyperlink provided in the mail. If any clicks on the hyperlink believing it to be genuine then it directs the customer to a fake website that looks similar to the genuine site.
Usually, the email will either promise a reward on compliance or warn of an impending penalty on a non-compliance. Usually, these cyber criminals ask people to update their personal information, such as passwords and credit card and bank account numbers etc.
If the person believes and provides personal details in good faith and clicks on the 'submit' button then most likely he or she will get an error page. It means the user has already fallen prey to a phishing attempt and shared his or her sensitive data with the cyber criminals.
How you can avoid a phishing attack
You should never click on any link which has come through e-mail from an unexpected source. It may contain malicious code or could be an attempt to 'phish'. Secondly, do not provide any information on a page which might have come up as a pop-up window. Thirdly, never disclose any personal information via text message, including account numbers, passwords, or any combination of sensitive information that could be used fraudulently.
Never ever provide your password over the phone or in response to an unsolicited request over email. You should always keep in mind that information like password, PIN, TIN, etc. are strictly confidential and are not known even to employees or service personnel of your bank or other financial service providers. You should therefore, never divulge such information even if asked for.