Beware Of Fraudulent e-Mails.


Dear Customer,

We would like to caution you against the fraudulent emails which claim to have come from the HDFC bank. These emails ask the customer to verify their personal details by clicking on a link and some of them threaten to restrict the NetBanking access or similar such action in case you do not respond.

We would like to re-iterate that as a policy we do not ask for the following details from our customers through emails:
  • Credit Card number / Debit Card number/ Customer Identification Number/ Account Number.
  • Credit Card PIN / ATM PIN (Personal Identification Number).
  • NetBanking / PhoneBanking Password.

We seek your cooperation by forwarding all such suspicious emails to [email protected] .

Click here to learn more about the precautions for using Online Banking securely.


Yours Sincerely,

Vishal Salvi
Chief Information Security Officer
HDFC Bank

 

WHAT IS PHISHING
  • Phishing is a modus operandi where in a customer gets an e-mail that deceptively claims to be from a particular enterprise (like your Bank) and asking for account sensitive information.
  • Phishing is a spoofed e-mail that closely resembles the Bank notices. The mail aims to convince customers to divulge account sensitive information such as Credit Card Numbers, Passwords and PINs, Bank Account Details etc..
  • These Phishing mails have a legitimate-looking URL or an image, which when clicked directs the affected user to the Phishing site where in the account sensitive details are captured.
  • Alternatively, sometimes the customer is asked to download and install "Security" software attached to the spam e-mail and doing so by the customer, the scamster can retrieve all the account related details.
 Some tips to Identify Phising Mails!
  • These emails generally ask for sensitive account information like Usernames, Passwords, Credit Card or Debit Card Numbers over the email.
  • The emails may include content, which is bound to make you react. For example, the email may have content which would state, "Please click here to update your Account Information in order to keep your Bank Account active". HDFC Bank will never send such emails. In such cases, always back check with the Bank.
  • Secure Site: Always look on the address bar to ensure that the NetBanking site has https:// in the address link. The HDFC Bank address bar link is https://netbanking.hdfcbank.com.
 PROTECTION FROM PHISHING
  • Be wary of e-mail messages that ask for your account sensitive information such as Customer Id and IPIN details, Card related details or any other sensitive information in reference to your account.
  • Unless the e-mail is digitally signed, you can never be 100% sure of its source!
  • Do not click any links inside an e-mail of which you have the slightest suspicion. Instead use a web browser to reach a particular web address.
    (Type http://www.hdfcbank.com) instead of clicking on the link.
  • Ensure that any Web site visited is secure when submitting sensitive information such as Credit Card numbers or using your NetBanking IPIN.
    1. One indication that a Web address is secure is if it starts with https:// rather than http://.
    2. Another indication is a padlock icon at the bottom of the screen, which when clicked, displays a security certificate.
  • Ensure that your browser requirement is up-to-date for accessing NetBanking.
  • Consider installing security software such as those offered by anti-virus specialists that can help detect virus, filter SPAM and/or ensure secure Internet Usage (firewalls).
  • Turn off your computer when not in use, to avoid criminals gaining access and misusing it for fraudulent purposes, which includes launching Phishing attacks.
  • If you receive any suspicious e-mail or website prompts which are asking for your private and confidential information in relation to your account with the Bank, please inform us immediately. You can forward the mail to us at [email protected] or call the nearest PhoneBanking Numbers.
  • If you suspect that you have become a victim of a Phishing attack and already have divulged your sensitive account information to fraudsters, please report to your home branch or call the nearest PhoneBanking Number or write in to us at [email protected]