eScan warns online banking users on email phishing scams
Mumbai, India, March 4, 2014: eScan one of the leading Anti-Virus and Content Security Solution provider warns the IT users who take benefit of Online banking services about the email phishing scams wherein customers are asked to update their bank details.
Phishing emails are probably one of the most used methods in luring users into downloading malware. They are even used to extract important information from unsuspecting users. Recently, these attacks are becoming more specific in nature. Extra care and attention by cyber criminals is making these attacks more realistic and harder to spot.
How could this happen?
Online banking users may get email like the one shown below (Source of the image – eScan’s Anti-Phishing and Anti-Spam Honeypot), which looks legitimate and appears to be coming from the bank. The email will have one website page attached and it will ask for personal or corporate banking option. Then the web-page will ask the customer to fill their name, account number and other details. Once the details are provided, it’s a success for the cyber criminal who can then use this information to commit fraud.
The phishing attempt could be identified through unsolicited emails asking for the confidential data, messages, links received in the emails for quick action related to security reasons of the bank account.
For funds transfer scam, phishers can also send out SMSs to the users with the phishing URL. In some cases, the phishers may pose as a bank employee and call up the user with the intention to collect sensitive personal information. The user does not suspect the caller and shares the personal information, which is blatantly misused.
How to avoid this?
With the increasing number of phishing fraud cases on the rise, especially related to Internet Banking, users are advised to avoid phone calls from the stranger as well as restrict sharing their confidential information. When in doubt, customers are advised to get in touch with the banks. Moreover, Anti-Virus or Internet Security Suites should be deployed, so as to ensure safety and protection against such frauds.
Here are a few tips that will help you recognize a phishing attempt targeting Bank customers:
- Grammatical errors: 98% of the time there will be errors in the way a sentence is formed. Look into it.
- Banks will never ask for details such as the Password, Debit/Credit Card number, CVV, ATM Pin; unless you are carrying out a transaction and there is a need to log in.
- The URL of the bank website and the phishing website will be different. Always try to remember the URL of your bank website.