Phishing

The phishing email may also direct you to a spoofed website or pop-up window, which looks exactly like the real site. Phishing is an increasingly common type of scam in which personal data such as credit card numbers and online banking passwords are stolen for fraudulent.

The fraudster sends "spoofed" emails that appear to come from a legitimate website that you have online dealings with such as a bank, Insurance Companies, Credit Card Company or an ISP - any site which requires users to have a personal identity or account. The email may ask you to reply with your account details in order to "update security" or for some other reason. Unsuspecting people are then often fooled into handing over credit card numbers, passwords or other personal details.

If you are using Internet banking or any other online account, you should be aware of these attacks and how to protect against them.

The following points may help you protect yourself:

Never respond to emails that request personal information + -

At Exide Life Insurance, we would never ask for your personal details through an email. Nor would we ask for your password through any means, online or offline. If any of our bank personnel asks you for your password, do not disclose it and report him or her immediately to us.

Keep your password top secret and change them often + -

Changing passwords often helps in protecting your account even if inadvertently you may have disclosed it to someone.

Keep your computer secure + -

Some phishing emails or other spam may contain software that can record information on your internet activities (spyware) or open a 'backdoor' to allow hackers access to your computer (Trojans). Installing anti-virus software and keeping it up to date will help detect and disable malicious software, while using anti-spam software will stop phishing emails from reaching you. It is also important, particularly for users with a broadband connection, to install a firewall. This will help keep the information on your computer secure while blocking communication from unwanted sources. Make sure you keep up to date and download the latest security patches for your browser. If you don't have any patches installed, visit your browser's website, for example users of Internet Explorer should go to the Microsoft website.

Check the website you are visiting is secure + -

Before submitting your bank details or other sensitive information there are a couple of checks you can do to help ensure the site uses encryption to protect your personal data: If the address bar is visible, the URL should start with ‘https://’ (‘s’ for secured) rather that the usual ‘http://’.If the address bar is not visible as in our Internet website, look for a lock icon on the browser's status bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor. Note that the fact that the website is using encryption doesn't necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form

Validate the SSL Certificate + -

If you are in any doubt, click on the lock icon at the bottom of the secured page. This opens up a new window, displaying the SSL certificate information. Ensure that there is no red cross mark preceding the title 'Certificate Information'. It should also be ‘Issues to: www.exidelife.in. You can get more information by clicking on the other tabs in the certificate window. Following the above steps would help you in protect yourself. However, please remember, fraudsters are always trying to stay a step ahead. To ensure that you remain protected at all times.

Never let anyone know your PINS or passwords, do not write them down.
Do not use the same password for all your online accounts.
Avoid opening or replying to spam emails as this will give the sender confirmation they have reached a live address.
logout to terminate your session, instead of closing the browser directly.
Always type the address of the bank website in the address bar of your browser or access it from your stored list of favourites.
Do not access the bank website through a link in an email or through another website.