Phishing - Phishing refers to a person or a group of cyber-criminals who create a copy of an existing legitimate web page (in the name of your bank) to trick users into providing sensitive personal information. Responding to 'phishing' emails put your accounts at risk.
To carry out this trick, the phishing scammers send fraudulent email disguised as an official request for information from the bank. Generally, they also create a look-a-like website that is designed to closely resemble the target company's official site. The fake website may appear almost identical to the official site.
Recipients of the scam mail are requested/ lured to click on a link, which will cause fake website to open in the user's browser. The recipient will be asked to enter the user ID and Password of Net Banking. The scammers then use this information to their advantage. Very often such phishing emails may contain various spelling mistakes. Even the links to fraudulent website may contain URLs with spelling mistakes.
Tips to protect you from Phishing
- Never respond to any mails asking for your confidential information such as User ID, Password etc. Please note that Kotak Mahindra Bank will never ask for your password
- Visit the bank website by always typing our URL www.kotak.com in your browser window. Never click on a link that takes you to bank's website
- Always look for the padlock symbol on the bottom bar of the browser to ensure that site is running in a secure mode before entering sensitive information
- Check your previous login date and time post logging into Net Banking
- Avoid access of Net Banking from Cyber cafe or shared computer. However, if you happen to do so, please use Virtual KeyPad for enhance security
- In case you feel you have divulged any sensitive information to fraudsters, please change your password immediately and inform us by contacting our Customer Contact Centre or write to us at firstname.lastname@example.org
- Vishing is a combination of Voice and Phishing that uses Voice over Internet Protocol (VoIP) technology wherein fraudsters feigning to represent real companies such as banks attempt to trick customers into providing their personal and financial details over the phone.
In this trick, fraudsters call up customers through an automated dialer through a computer-modem. Once the phone is answered, an automated recording is played to inform customer that customer's bank account had an illegal activity and customer should call the recorded phone number immediately.
Once the customer calls up the recorded number, he is asked to enter his confidential information such as Account No, User Id, Password, Date of birth etc on phone keypad. Once customer enters the required details the fraudsters have all the confidential information required to carry out transactions in customer account.
Vishers generally do not have any actual information regarding customer and would address customer as 'Sir' or 'Madam' and not by actual name.
Tips to protect you from Vishing
- Do not call and leave any personal or account information on any telephone system that you are asked to through any telephonic message, SMS or E-mail, especially if it is regarding possible security issues regarding your bank account.
- Your bank would have knowledge of some of your personal details such as your first/last name. Beware of calls claiming to be from your bank's customer service centre.
- In case you happen to receive such a message or email, inform us by calling our Customer Contact Centre or write to us at email@example.com
- Identity theft is a crime in which fraudsters try to obtain key pieces of your personal information such as date of birth, mother's maiden name, passport number etc in order to gain access to your bank account, make online purchases or illegally apply for New Account /Credit Card. Fraudulent Web-sites/E-mails, misplaced account statements or personal documents, impersonation as bank staff are some of the tools used by fraudsters to gain access to customer's personal information. Revealing personal information to unknown entities puts your account at risk.
By using gathered personal information, fraudsters carry out transactions through banking channels such as Phone Banking, Internet Banking to their benefit. In a worst case scenario, they can also transfer funds from your account.
Tips to protect you from Identity Theft
Nigerian Fraud (419 Scam)
- Never respond to mails asking for your personal information such as Date of Birth, Mother's maiden Name, user ID etc. Please note that Kotak Mahindra Bank will never ask for such information
- Inform us immediately in case your mobile number is de-activated without your consent. Also get your correspondence address updated with us, in case it has changed
- Verify the identity of the Bank's representative visiting you
- Consider shredding rather than thrashing unused copies of documents such as PAN Card, Ration Card, Bank Statements etc which contains your personal information
- Beware of unsolicited phone calls claiming to be from Bank's Customer Service Centre and asking for confidential personal information
- Nigerian fraud refers to fraudulent schemes which starts with bulk mailing/e-mailing of offers asking the recipients to enter into a business or to extend help in getting money transferred in return for huge commission. The scam is referred to as '419 Scam' after the section 419 of Nigerian Penal Code.
The Nigerian fraud emails commonly have proposals such as transfer of funds, generous reward for helping to move large balance of funds or offer of disbursement of money from 'Will'.
Such mails would generally display a sense of urgency and ask for bank account and other details. These mails may also ask the recipient of the letter or email message to pay something like a fee / tax / bribe to complete the deal - this is the Advance Fee. Such advance fee is always lost.