What is phishing?
Phishing is a process where scamsters trick you into giving them your user IDs, passwords or credit card details, so that they can gain access to your online banking accounts.
Victims are known to receive phone calls, SMS or most frequently emails claiming to be from a bank or trading partner, asking them for personal information to re-register or update their accounts. Soon after they've provided this information, they usually find that their banking accounts have been cleared out.
How do I recognise a phishing scam / site?
Here are a couple of ways you can spot a phishing scam
- you receive a phone call, SMS or email asking you to provide personal/ security information or TAC
- a phishing email link, when clicked, will open into an un-secure login site, with its URL most likely to begin with http, instead of the secure https
- the phishing site's URL may contain misspelled words, like "Mybank" instead of Maybank.
How do I prevent phishing attempts?
Here are several safe tips to minimise threats of "phishing" and similar scams
- Do not trust any phone calls, SMS, e-mail, web and chat that requests for your personal details and identity.
- Never click on a URL link in an e-mail or fill out forms in e-mail messages and un-trusted websites.
- Go directly to your bank's web site to access Internet Banking and manually key in the company's web site address in the browser's URL bar.
- Keep up-to-date with the latest security patches. Update your Operating System and Internet Browser with the latest patches, making sure all security and critical patches are applied. Use anti-virus software and, if possible, personal firewalls. Ensure your anti-virus software is up to date with the latest signatures.
- Scanning your PC regularly from a popular anti-virus web site is also recommended.
- Lastly, if an online money-making scheme seems too good to be true, it probably is. This generally holds true for off-line schemes as well!