Learn to spot fake emails and fake websites

They set them up to con people into giving away passwords and bank details. The technical word for this is 'phishing'.

For example, they might send you an email that looks like it comes from us and it might contain a link to a website that looks like this one. When you try to log on, they can steal your password. They could also ask you to make a phone call or reply by email.

They are good at making their emails and websites look realistic. But you can often spot the fake ones:

• Dodgy looking email or web addresses
• Poor design, typos or bad spelling
• They ask you to do something unusual
• A site doesn't display the padlock symbol in the address bar when you log in

If in doubt, please contact us. Avoid clicking on links in emails.

Minimise the use of attachments

Copy and paste text as often as possible.

Question unsolicited documents

Unsolicited bulk mail and commercial email can put you and your organisation at risk. Questioning it means not opening it, not passing it on, and notifying your system administrator immediately.

Never respond to spam email

For a spammer, one "hit" among thousands of mailings is enough to justify the practice. Instead, if you want a product that is advertised in a spam email, go to a Web site that also carries the product, inquire there, and tell them you do not approve of spam methods and will not patronize a company that uses spammers.

Never respond to the spam email's instructions to reply with the word "remove"

This is just a trick to get you to react to the email -- it alerts the sender that a human is at your address, which greatly increases its value. If you reply, your address is placed on more lists and you receive more spam.

Never sign up with sites that promise to remove your name from spam lists

These sites are of two kinds: genuine AND spam address collectors. The first kind is ignored (or exploited) by spammers, and the second is owned by them. In both cases your address is recorded and valued more highly because you have just identified it as read by a human.

Question executable programs received via email

This is a common means for passing on viruses. Do not open them, do not pass them on, and notify your system administrator if you receive them.

Disable macros on your machine

To do this, you will need to open the applications Microsoft Word, Excel and disable macros.

Make sure that file extensions are viewable

This will alert you to files of the following types: .exe, .vbs, and .shs. This requires enabling of file name extension in Windows.

Notify the person you received an infected file from

This helps them correct the problem within their system before passing the virus on to other users.

Monitor your transactions.

Review your order confirmations, credit card, and bank statements as soon as you receive them to make sure that you are being charged only for transactions you made. Immediately report any irregularities.

Don't reply to any e-mail that requests your personal information.

Be very suspicious of any business or person who asks for your password, PIN (Personal Identification Number), or other highly sensitive information.

Keep your virus protection up-to-date

If you experience anything that arouses your suspicions, please write to indiahelpdesk@emiratesnbd.com

It is an act of using telephone to trick the user into surrendering private information that will be used for fraudulent purposes. The scammer usually pretends to be from a legitimate entity and tries to befool the victim by luring or threatening him.

Typical Examples of Vishing attacks: -

• OTP/CVV Fraud - Criminals attempts to dupe bank customers into revealing OTP/CVV or read it by accessing their smartphone by inducing the customer to download remote access apps such as Quick support, Any Desk, TeamViewer etc.
• Lottery Fraud - Fraudsters make a call stating that you have won a huge lottery. To receive the lottery money, you will be asked to submit your personal details by following a link leading to a fake website. You may also be asked to transfer some token money as acceptance of the offer. Once you submit your details and try to make payment through those websites, all your personal information and financial details are stolen.
• Income Tax Refund Fraud - Cyber criminals targets bank customers through phone calls luring them to receive Income Tax refunds and are thus fraudulently collecting customer’s sensitive personal details.
• KYC Fraud – Cyber criminals are calling customers asking them to click on a link to update their KYC details. Such calls come with a threat if the KYC is not updated, then the account will be blocked.

Best practices to avoid Vishing attacks: -

• Always verify the caller’s identity.
• Do not install any unknown software in your smartphone/computer on the advice of strangers.
• Do not respond to unsolicited sales, marketing, or outreach messages.
• Do not share OTP, ATM PIN, CVV over the phone.
• EMIRATES NBD BANK PJSC will never ask for your bank account details, Debit Card details, CVV number, PIN, Password etc.

You should always be aware of the security when using an ATM and should always follow these general tips to ensure your personal information is kept safe:

• Never disclose your Personal Identification Number (PIN) to anyone.
• Never write your PIN or Password on your ATM card. Memorise your PIN or Password.
• Never use an ATM with a blank screen.
• Do not force your card into the card slot.
• Stand close to the ATM and use your body and hand as a shield to make sure nobody sees you keying in your PIN.
• Keep your hand over the card slot to make sure nobody can swap or take your card.
• Follow the instructions on the ATM screen carefully.
• Do not insert your card until asked to do so by the display screen.
• Only put in your PIN when the ATM tells you to do so.
• Leave the ATM immediately if you don't feel safe or you are suspicious of individuals loitering around. Come back later or use another ATM.
• Never hurry when using an ATM. Make sure you are not distracted, intimidated or rushed into your transaction.
• Never accept help from strangers when using an ATM. Always be wary of strangers asking for help. While one distracts you the other steals your card and money.
• If the ATM retains your card, cancel it immediately.
• Never allow a bystander to call the toll-free number on your behalf - they could be tricking you into thinking your card has been stopped.
• Always check that it is your card you get back from the ATM.
• Be aware of the daily withdrawal limits on each of your cards and decrease them if necessary.
• When using your cards at ATM's be alert that there are no additional devices affixed on the card reader slot or keypad, and ensure that no one can see you punch the PIN number on the ATM keypad.
• Report lost or stolen cheques, ATM cards, or Credit Cards as soon as you discover they are missing.

They take the form of text messages that claim to be from legitimate entities and are often used in combination with other techniques to bypass inbuilt protections. They might also direct victims to malicious websites on their phones.

Best practices to follow to avoid Smishing attacks:

• Be suspicious of any text messages containing urgent request for personal or financial information.
• Do not share any sensitive information over text messages.
• Do not click on any links on the SMS.

Please call the bank for help or refer to the information only on the official website of the bank.

You have to protect your information at all times be it over the internet or during your normal banking activities by simply following these tips:

Protect your Password and Personal Information:

• Do not use passwords that are easy to guess, e.g. your name, your date of birth, your telephone number(s), etc.
• Use a combination of upper and lower case letters as well as numbers.
• Do not use share your password with anyone and do not use the same password for other websites.
• Change your password frequently and never write it down.
• Always log into Internet Banking via our sites at the following addresses: www.emiratesnbd.co.in and not through other links.
• Avoid logging into Internet Banking from Internet Cafes, Libraries, public wi-fi or public sites.
• Always close the window once you have logged out of your Internet Banking session.
• Important: No one at Emirates NBD will ever ask you for your internet banking password. If someone does ask you for it, they do not represent the Bank and you should not under any circumstance provide this information.

Protect your Computer and Internet session:

• Never share your computer.
• Use a password on your PC to prevent unauthorised access to your information.
• Be wary of opening email messages from untrustworthy sources, especially if they contain attachments.
• Do not reply to emails that request your personal information. They may appear to come from a trusted friend or business, but they are designed to trick you in disclosing sensitive personal information.
• Use personal firewalls and anti-virus software.
• Avoid downloading software such as screen savers, desktop themes, games, and other executable type programs from websites that are obscure or unidentifiable. These programs may contain Trojan viruses that would enable hackers to monitor or take over your PC.
• Disable all unnecessary services running on your computer.
• Always verify that the site is the genuine Emirates NBD site.
• Do not leave your internet banking session unattended at any time.
• Before you start your internet banking session, ensure that all other internet sessions are closed. If your internet banking session is open, we recommend that you do not open other internet browsers at the same time.
• Please write to indiahelpdesk@emiratesnbd.com in case you receive fraudulent emails or require any assistance using our Internet Banking service.

The program you use to look at websites is called a web browser. Modern browsers warn you if you visit fake websites and it is harder for viruses to infect them.

If you have updated your computer regularly, it is likely that you are already running either the latest version of Microsoft Edge / Google Chrome / Mozilla Firefox (on Windows PCs) or Safari (on Macs). It is a good idea that you install an up-to-date web browser. There are several to choose from and they are all free.

The criminals who create viruses take advantage of software bugs to infect computers. Software companies fix bugs with free downloadable updates.

• It is a good idea that you install updates for your software as soon as they become available.
• Be wary of fake emails about bogus updates. Use the update software that comes with your computer - don't click on links in emails. As well as your computer software, other programs need updating. This includes your web browser and the applications you use. Most modern software will check for updates automatically. You may want to install them as they become available.

All your personal information is useful to people who want to steal your identity or break into your online banking. You wouldn't give this information away to a stranger on the street but if you use social networking sites, such as Facebook, Twitter or MySpace, you could be over-sharing personal data.

You may want to think carefully about the information you put into your profiles on sites like these. It is also a good idea that you check the privacy settings on each site that you use to make sure you only share personal information with people you trust.

Please also remember that you must take all reasonable precautions to keep your details safe and prevent any unauthorised use of any cards and security details. If any information forms part of your security details, you should make sure that you do not disclose it to anyone else - see terms and conditions that apply to your account(s) for more detail.

There are many ways for them to make money online:

• Steal your passwords and bank details with viruses, fake emails and fake websites
• Ask you to provide security details
• Send spam with bogus offers and products
• Take over your computer and use it to attack other people's computers
• Use viruses to display unwanted adverts on your PC

We take your online banking security and privacy very seriously. Protecting yourself and your money takes a bit of know-how and the right software.

When it comes to protecting yourself and your money on the internet, be wary of ridiculous deals.

Criminals may contact you by email, through websites you use, via SMS or even by phone. It pays to be on your guard as they can be quite convincing.

Here are some warning signs:

• Big promises: 'You have won the lottery'
• Big threats: 'Your account has been hacked'
• A false sense of urgency: 'Act now or it'll be too late'
• Unnecessary secrecy: 'Don't tell anyone'
• 'Business opportunities' that involve holding or receiving money for strangers

If an attachment looks suspicious, don't open it. Don't install software unless it comes from a website you trust. If it doesn't feel right, take your time.

If you suspect that there is a problem with your online banking, you can always talk to us first.

You may even use it for internet banking and online shopping.

For example, they might send you an email that looks like it comes from us and it might contain a link to a website that looks like this one. When you try to log on, they can steal your password. They could also ask you to make a phone call or reply by email.

You may want to think about:

• Setting and using a security PIN code
• Adjusting the phone settings so that it locks automatically if you don't use it for five or ten minutes
• Not storing passwords or other sensitive information on your phone in a way that can be understood by someone else
• Be wary of voicemail and text message scams
• Clicking on links in text messages can be risky - be careful

If you lose your phone report it to your mobile phone provider immediately to block the SIM. Make a note of your phone's IMEI number (dial *#06# to get it). This will make it easier to disable a stolen phone on Central Equipment Identity Register(CEIR) website https://www.ceir.gov.in.

Contact your bank(s) and card issuers immediately to ensure the following are done:

• Access to your accounts can be protected
• Stop payments placed on missing cheques
• Personal Identification Numbers (PINs) and Online Banking Passwords changed
• Be sure to indicate to the bank or issuer all the cards and/or accounts potentially impacted, including your ATM cards and credit cards.
• Review all recent transactions on your accounts linked to those cards. Additionally, ensure that no one has requested an address change, title change, PIN change, or ordered new cards or checks to be sent to another address when appropriate.

Maintain a written chronology of what happened, what was lost, and the steps you took to report the incident to the various sources. Be sure to record the date, time, contact telephone number, person you talked to, and any relevant report or reference number and instructions.

For further information or queries, please write to indiahelpdesk@emiratesnbd.com.