KEEP AWAY FROM THREATS

 
South Indian Bank has adopted most of the advanced technologies like Internet Banking, Mobile Banking and ATM services for providing Banking services to it's Customers. While customers are fully responsible for taking adequate precaution in operating their Banking accounts through internet, we would like to ensure that the customers are aware of certain key areas of internet banking threats, frauds etc. This section deals with 'On-Line Customer Education'  giving certain terminologies and their respective meaning with regard to Internet Banking and other alternate delivery channels. We are hopeful that you find these details useful in enriching your knowledge  that may pave the way for a SAFE - BANKING with SIB.

e-Threats ( Internet Banking Threats )

• PHISHING

What is phishing?

Phishing refers to 'fishing' out sensitive information such as banking details  by pretending as a trustworthy entity. Usually the attacks will be in the form of an e-mail that appears to be from the bank. These randomly generated e-mails contain clickable links that guides you to a scamsters log on page which will be a page designed to capture your details. Different techniques will be employed by the scamsters to make you click on the links and enter the user id and passwords. Scamsters then use this information to siphon off funds or, undertake transactions that are billed to the original customer.

HOW THE PHISHERS OPERATE ?

Usually Phishing attempts will be in the form of a spam mail which contains clickable links that will direct you to the 'spoofed website',which scamsters have created. A database of valid email addresses will be procured by the fraudsters over a period of time in advance through publicly available sources. The website to which the email directs will have the same look and feel as the bank's website. The URL or the website address of such fake pages will be created by the scamsters on freely available web hosting servers. Our Bank website's URL is www.southindianbank.com. The fraudsters create fake websites with URL almost similar to the real one .For example www.southindianbank.org or www.southindianbank.net .Those who are unaware of this fact enter their login details which will be captured in the background by the fraudsters.The mis-users then log-in remotely into such victims’ accounts and transfer funds into thier account. The bank has employed the best possible security software and firewalls to protect our customers sensitive information. On the other hand we expect our customers to be alert of the above facts.

• SPOOFING

What is spoofing?

Website Spoofing is the term for falsified e-mail addresses that appear to come from a sender when in fact, the message is really being sent by a spammer. They can be difficult to spot and cause many problems, both for recipients and spoofed e-mail address owners. Scamsters can not only fake the URL but also the Pad lock icon at the bottom right corner.

How the spoofers operate?

E-mail spoofing can assume a variety of forms. Basically, a spoofed e-mail  appears to be sent from one source when it actually was sent from another source entirely. However, any replies to a spoofed e-mail go directly to the legitimate e-mail account causing confidential customer information to be captured. It is extremely difficult to detect a spoofed e-mail address, at first glance. But it is possible to identify a spoofed e-mail by carefully analyzing e-mail headers .Examples of spoofed email that could potentially affect you include:  email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not do this , email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.

• VISHING

What is vishing?

"Vishing" or "Voice Phishing" is the  act of leveraging a new technology called Voice over Internet Protocol(VoIP) in using the telephone system to falsely claim to be a legitimate enterprise in an attempt to scam users into disclose personal information. The victim is contacted by a phishing e-mail directed to a VoIP based telephone number. The user may recieve a telephone call from another individual with a spoofed caller ID or a recorded incoming call with a spoofed caller ID directing them to a phishing site.

HOW THE VISHERS OPERATE ?

Fraudsters  uses a spoofed (fraudulent) caller ID matching the identity of a misrepresented organization and they invite you to punch your telephone information through your telephone keypad. The content of the incoming message is designed to trigger an impulsive reaction from you. It can use upsetting or exciting information, demand an urgent response  or use a false pretense . Any of the personal information such as bank account number, credit card number, PIN etc should not be typed in your telephone keypad in response to above mentioned calls.  As a customer you also have a role in stopping vishing scams. You are encouraged to recognize it, report it and stop it. Do not react immedietly without thinking.

ATM RELATED THREATS

• SKIMMING

What is skimming?

Skimming is a scam where scamsters use a skimming card reader or skimmer with which they make a counterfeit copy of the ATM card or Credit card. While the victim withdraws money from his/her account the card details will be read into the skimmer or an attached PC. Once the skimmer gets the card data they can duplicate the card and also use it for online shopping.

How the skimmers operate?

Usually Skimming card readers or Skimmers will be placed in ATMs or POS machines . Skimmer is a small electronic device which is capable of capturing the data present in magnetic strips of the cards. Skimming may take place during a legitimate transaction at a business. Such fraudlent activities can happen mostly in shopping outlets and restaurants. For example, in a restaurant your card may be taken away when the bill is being settled and may use your card for regular transaction,  also for capturing the card details. This captured card details will be misused by the scamsters.

Tips to protect youself from skimming

Do not leave your card unattended.
Keep changing your ATM Card PIN number regularly
Use your hand or body to shield your PIN from onlookers when you are conducting transactions at a bank machine or at the point-of-sale.
Beware of a skimming card reader.
Regularly check your statements or passbook to verify all transactions have been properly documented.
Never let your card out of your sight, for example at a restaurant.

MOBILE MALWARES

TIps to deal with mobile malwares

The threat of mobile phone malwares, though not pronounced still, is expected to become a nightmare for mobile phone users in the not too distant future. Mobile malwares spread or infect other handsets without any user interaction through bluetooth e-mails or infected multimedia message . There are some spying tools that can be installed on the target mobile phones to keep a log of each and every activity of the user. Such logged information may be forwarded to spying server for viewing and misusing.

HOW TO PROTECT YOURSELF FROM E-THREATS

Given below are some of the tips that could be useful to protect yourselves from potential e-threats:     
             
DOs and DON'Ts
          
     

Do not reply to any email that ask for sensitive information like user id and passwords.South Indian Bank will never ask  for updation of your sensitive account information online.

Do not use Cyber Cafe to access SIBERNET
Do not  give Card/ account related information in an e-mail or post it on any website or forum.
Do not go for a easy to break password.
Do not disclose your password to anyone even to bank staff.
Do not download software or files from an unknown source; they might contain phishing Trojans.
Change your passwords often and keep them secret.
Use different passwords for login and transaction.
Add the URL of SIBERNET to favorites of your browser and always access the site through that only.
Use a good anti-virus and anti-spyware software (and keep it updated) to prevent your computer from falling prey to malicious software.
Always check for SSL certificate by clicking the lock icon at the botttom of secured page.
SIBerNet is best accessed using Internet Explorer version 5.5 & above and Mozilla Firefox version 3.0 & above, with a screen resolution 1024 by 768 pixels.