**Phishing is a way of obtaining sensitive personal information such as account details, PIN and password through the internet. Anyone with these details can perform unauthorized transactions on your account. Find out how to protect yourself from phishing attempts.
What is phishing and how to protect yourself.
Be alert to phishing attempts. Note that your bank will not ask you for your personal details over emails.
Don’t click on any link or open attachments in suspicious emails that appear to be from your bank.
If you think you have become a victim of phishing, contact your bank immediately.
How to avoid phishing attacks
Phishing (pronounced as “fishing”) is a common technique used by criminals to trick you into giving away your personal information. They could do this by using emails, SMS, or phone calls.
If you fall prey to phishing and have given your personal information and online banking credentials, criminals may use the information to access your online banking accounts and transfer money out of your bank accounts.
Beware of bogus emails or SMS
You may receive a fake email or SMS that looks like it is sent from your bank to trick you into believing that the email or SMS is authentic. The email or SMS typically contain alarming messages so that you will take notice, such as informing you that your online account has been hacked or regulatory bodies suspect that your account is used for money laundering.
You will typically be asked to click on a link to verify your account. The URL will then bring you to a fake website that looks exactly like your bank’s login page. The criminals will be able to steal your login username, login passwords, and OTP when you key in these details into the fake website.
With your stolen credentials, the criminals will be able to access your online banking accounts and perform unauthorised transactions on them.
To protect yourself from falling prey to phishing, remember the following:
Never give out your banking details.
Your bank will NEVER send you emails or SMS asking you for your bank login ID, password, or OTP.
Do not open attachments or click on any link in suspicious emails or SMS.
Use your bank’s mobile app to perform banking transactions.
Always enter the full URL or domain name of your bank on your browser address bar.
Install firewall, and anti-virus and anti-spyware in your computer. Update them regularly.
Avoid online banking in public areas such as cyber-cafes.
Log off each time you complete online banking activities.
Select passwords that are difficult to guess. Change them often.
Monitor banking transaction notifications so as to spot any suspicious activity quickly.
If you think you have become a victim of phishing, contact your bank immediately to freeze your accounts, card, or e-wallet. This gives you the best chance to prevent further unauthorised transactions.
Beware of bogus phone calls
Criminals may also call and trick you into believing that they are bank officers, government officials or the police. The caller ID on your mobile phone may even appear as “999”. Criminals typically use scare tactics to threaten you and make you believe that you have committed a crime.
Criminals may then ask you to give them your online banking credentials so that they can “check” your online accounts. If you do so, the criminals will be able to login to your online banking accounts and wipe out all the money in your bank accounts.
Here are some tips to protect yourself from bogus phone calls. Always keep the following in mind:
Government officials or bank officers will NEVER call you to ask you for your personal information, such as your online banking credentials.
When in doubt, always hang up the phone.
If the caller ID displays “999”, hang up and call or visit your nearest police post to verify the authenticity of the call.