At YES BANK, it is our continuous endeavor to make you aware of the simple steps to help avoid compromising your details to online scams such as Phishing, Vishing, Spoofing etc. In the event of you suspecting any abnormal activity on your YES BANK Account, immediately inform YES BANK of the same to firstname.lastname@example.org.
We look forward to your support in combating fraudulent attempts.
- Phishing: It is a global problem faced by Banks worldwide. It is an attempt to 'fish' for your banking details. Phishing could be an e-mail that appears to be from a known institution like banks/a popular website asking confidential data like user id and transaction password, One Time Password (OTP), Unique Reference No. (URN) etc.
- Spear Phishing: It is a targeted phishing attempt through an e-mail that appears to come not only from a trusted source with a context customized /personalized and often will be one of relevance to either current projects of developments within the company, or may be related to family event.
- Spoofing: These attacks refer to tricking or deceiving the users, by faking the identity of another user, over email, phone, website etc. Website spoofing is the act of creating a website, as a hoax, with the intention of performing fraud. To make spoof sites seem legitimate, phishers use the names, logos, graphics and even code of the actual website. They can even fake the URL that appears in the address field at the top of your browser window and the Padlock icon that appears at the bottom right corner. Even Emails can be spoofed to make the victim believe that it has been sent by ‘Trusted’ sender and lead victim to share sensitive information.
- Vishing: It is an attempt of a fraudster to take confidential details from you over a phone call. Details like user id, login & transaction password, OTP (One time password), URN (Unique registration number), Card PIN, Grid card values, CVV or any personal parameters such as date of birth, mother's maiden name. Fraudsters claim to represent banks and attempt to trick customers into providing their personal and financial details over the phone. These details will then be used to conduct fraudulent activities on your account without your permission leading to financial loss.
- SIM Swap: Your mobile phone is a convenient banking channel. You can get account-related alerts and the One Time Password (OTP) required to carry out banking transactions and make various financial inquiries through your mobile. However, if you do not take a few simple precautions, a criminal can divert these alerts by getting your genuine SIM exchanged with a duplicate SIM through your service provider, and attempt to commit a fraud.
- Smishing: It is a combination of short message service (SMS - also known as text messaging) and phishing (the act of emailing someone with the intent of obtaining personal information that can be used for identity theft). In this case, fraudster sends message over SMS, rather than Email. Smishing message may look like "You have won a 2 free tickets to an Amusement Park, visit this website to claim your prize". Clicking on the link may lead you to a website asking for personal information. These are becoming more common due to smart phones becoming more popular.
- Frauds through social networks: Social media sites are fast being popular among fraudsters also and celebrations are easy times to lure the youth of today. For example, the latest tool observed is an invite to install a “Valentine theme” on one of the most popular social networking website. The install button prompts the download of a malicious browser extension which monitors the user’s activities. Sometimes users are redirected to a survey page asking them for vital information like name, mobile number etc.
- General Safety Tips:
- YES BANK or Government and Regulatory bodies, including the Income Tax Department/ Reserve Bank of India (RBI), will never ask for any confidential information over e-mail or phone call
- Treat any e-mail message that asks for confidential/ personal information with suspicion. Do not respond to any web-forms in e-mails, that ask for your NetBanking or email user id/ passwords, ATM card number or PIN, Date of Birth, Mobile number etc.
- Never use a link in an e-mail message to log on to the YES BANK website. Type the URL directly into your browser's address bar to ensure that you are reaching the correct web page. Access the official YES BANK website via www.yesbank.in
- Do not open e-mail attachments from unverified/ unexpected sources or instant message download links. Delete such suspicious e-mail messages immediately
- Do not access YES BANK NetBanking or make payments using your Credit/ Debit Card from shared or unprotected computers in public places
- Setup either email and/ or SMS alerts on your YES BANK NetBanking for all transactions on your account(s)