As our nation takes a leap towards digitization, Internet becomes an integral part of our daily activity. But the boon of Internet also poses some threats – cyber threats – a common threat for individuals, enterprises or anything that exist on the Internet.
We, at Ujjivan Small Finance Bank, acknowledge the crisis and resolve to provide optimal security to your data and transactions. We also feel that your active involvement in knowing more about cyber threats or scams is equally important for your safety of your money.
You are your first line of defence against the Internet frauds. You can safeguard your information from the cyber threats by embracing safe practices while you are on the Internet, which is almost all the time. Also, being aware of the threats empowers you to become more cautious.
So, let’s get to know about cyber threats in detail and also about some common scams that robbed many people of their money.
The system of internet-connected devices is called the 'cyberspace', and any attempt to disrupt, damage, or deceive any entity via the cyberspace is known as a 'cyber threat'.
Hackers or cyber criminals try to steal vital information related to an individual, or an enterprise, using various methods and modus operandi. This psychological manipulation of people into performing actions or divulging confidential information is called 'social engineering'.
Perpetrators use human interaction or psychological manipulation to obtain information about an individual, or an enterprise, from its systems that are connected to the Internet.
Through Social Engineering, the hacker tries to steal your vital information by manipulating you or by playing psychological tricks. They can try persuading you to make a payment or visit a fake website. Also, they push you to give away your account information by presenting fake scenarios.
Social Engineering is a broad category, with Phishing, as one of its types.
In Phishing, an attacker or hacker uses emails as his/ her tool for deception. You, the victim, receive an email with hyperlinks that redirect you to a malicious website, often a dummy of the official website of a bank or a trusted organisation. The attacker seeks information via email, and when you respond with the data, the hacker misuses it to siphon money from your bank account.
In case of a suspicious email, you should try to verify the sender's identity with the company or the organisation. Move your computer cursor over the link and see what it shows. If the displayed link differs from the written link, do not click on it.
Tips to avoid Phishing:
When Phishing attacks are carried out using voice communication (phone calls), it is called Vishing or Whishing. In this kind of fraud, an attacker calls you primarily using VoIP (Voice over Internet Protocol) to hide or spoof their ID. Sometimes, the hackers may try to pressurize you by presenting an urgent scenario, manipulating you to give away vital information or act in haste.
Tips to avoid Vishing/ Whishing:
The modus operandi of a Smishing attack is like a Phishing attack; the only difference is that it is carried out using text messages or SMS.
Tips to avoid Smishing:
A spoofing attack happens when a hacker/ attacker tries to obtain personal information or persuades you to make an online payment by pretending to be a legitimate/ original business entity by creating duplicate websites, email IDs, or other methods, e.g., payment gateways.
Tips to avoid Spoofing:
Card Cloning/ Skimming is a widespread practice for stealing money from a debit/ ATM card. Scammers attach an undistinguishable cloning tool to the ATM. Unaware of the malicious device, you swipe your card. The machine reads the magnetic stripe on the card and stores the information. The scammers obtain the PIN by setting up a camera or a special cover over the keypad of the ATM that tracks the finger movement/ fingerprints. Once they get both the information, the scammers create a new card and fish the money out of your account.
There is another common method called Card Swapping. Scammers replace your original ATM/ Debit card with a dummy card and steal your money after they obtain the security PIN.
Taking precautionary measures eliminates the chances of any debit card frauds that you may face otherwise.
Tips to avoid ATM Frauds:
An Image of a Debit Card without a Chip
An Image of Ujjivan Bank Debit Card with a Chip
Note: All of Ujjivan’s ATM’s are equipped with Anti-Skimming machines to protect you from Skimming frauds.
When you visit a website, especially the ones that allow payments, look for a sign of a padlock on the address bar or see if the web address starts with https:// instead of http://
You can also click on the 'padlock' sign to read the information about the security certificate and see who it has been issued to.
At Ujjivan Small Finance Bank, we take every effort to protect our systems from unauthorized access and other rapidly evolving threats by deploying award-winning, future-ready security measures. We understand ensuring cybersecurity is an on-going endeavour and, therefore, regularly invest towards upgrades and enhancements.
Despite stringent policies, and round the clock vigilance, some mishaps may happen. Therefore, to achieve enhanced security, we urge you to embrace the safety precautions and protect yourself from cyber threats:
Please remember, the bank or any financial organization can only introduce policies and take security measures to ensure your safety. However, only you possess the power to prevent the frauds by being aware and not falling prey to the scams.
To secure the data and information of our customers, Ujjivan Small Finance Bank has institutionalized multiple protocols and best practices. Here are some of the features that can help you differentiateofficial email communication from the Bank:
If you feel suspicious about any email that claims to be sent by the Bank, please to write to us at email@example.com
Acknowledging the dynamic threat environment, we have taken multiple measures to ensure that every transaction is safe and that customers' information is not compromised at any stage. A few of these measures are:
We have adopted an approach of continuous improvement when it comes to security. Our robust Business Continuity and Disaster Recovery plans are periodically tested to ensure that they meet any operational urgency.
Our proactive measures to ensure the customer security by constant up-gradation of the system and policies have earned accolades from the industry experts, winning prestigious awards like the 'Finnoviti Awards, 2019 For Best Innovation In IT' and 'DSCI Excellence Awards, 2018 For 'Security Practices In Small Finance Banks'.
On 11th March 2020, the RBI Governor, Mr. Shaktikanta Das, issued an advisory titled Banking Landscape in the 21st Century. The commentary covers how the sector has unfolded in recent times, and how newer technologies are being implemented to fast- track user experience while introducing more safety features.
He said, "...Artificial Intelligence (AI), Machine Learning (ML), and Big Data are becoming central to financial services innovation. They can also help in fraud detection and in identifying better ways of monitoring the use of funds by borrowers, track suspicious transactions, etc. by processing large datasets. …".
The Governor's speech is expected to encourage Indian consumers to accept a more digital approach to the banking services as he said, "...Advanced analytics and real-time monitoring of emerging cybersecurity risks will be critical in detecting potential threats and enabling pre-emptive action." Read the full article here.
If possible, change your passwords and PIN immediately.