There has been an increasing number of “phishing attempts” over the past few months with emails purportedly from banks asking customers to update their personal particulars, including information on their bank accounts, online banking user names and passwords. Customers who receive such emails should not follow the sender’s instructions, and should report them promptly to the Bank.
Consumers who suspect that their User ID or Personal Identification Numbers (PIN) have been compromised, or who identify any suspicious activities on their banking accounts, should immediately contact their Relationship Manager.
What is phishing?
Phishing is a way of obtaining sensitive personal information such as one’s banking account details, PIN, One-Time Passwords (OTP), credit card number, User ID or password through the Internet, in order to perform unauthorized banking transactions. The most common phishing method is a spoofed email purporting to be from a bank, credit card issuer or service provider. The emails usually use the following tactics to get the consumer to release their personal information:
"Your account is currently being updated as we are introducing a new security system. Follow the instructions below to reactivate your account."
The phishing emails typically contain URL links, which when clicked, direct the consumer to fake webpages (e.g. a login page) which mimic the websites of legitimate banks. These fake webpages are often used by perpetrators to harvest the sensitive personal information belonging to consumers. The webpages may also contain malware aimed at infecting consumers’ computing devices.
Steps to protect against phishing
Below are some quick tips that can help you identify potential phishing attacks, as well as best practices that you can adopt to guard against phishing attempts:-