Meanwhile, the phisher adds a payee in the user's account. This is required to be given to the bank employee who will call him. Phishers send out SMS to users informing them that an SMS will be received with the URN. ![]() (URN) that is received on the registered mobile no. Phishers use a combination of email phishing, vishing (voice phishing) and smishing (SMS phishing) to get customer details like account no., login ID, login and transaction password, mobile no., address, debit card grid values, credit card no., CVV no., PAN, date of birth, mother's maiden name, passport no., etc.įor funds transfer through internet banking, the user needs to add a payee and confirm the registration, using the Unique Reference No. Phishers have refined their technology to launch sophisticated attacks and use advanced social engineering techniques to dupe online banking users. Post which the user is redirected to the genuine website On updation, the data goes to phishers.Or while the user is online, a form will populate through an "in-session pop-up" When the user clicks on the link, the replica of the website will open.Bulk e-mails are sent to users asking for their personal data like account details, passwords etc.Phishers sets up a replica page of a known financial institution or a popular shopping website.As far as possible do not use un-trusted system to access a sensitive service.Do not accept auto complete option provided by your computer/ browser. Do not let your computer remember your password.One possible method for picking a good password is to make up your own acronym.Any of the above reversed or concatenated.Name of a person or a thing, a place, a proper noun, a phone number or a vehicle number.Dictionary words (including foreign and technical dictionaries).Passwords should not be any of the following:.Make the password difficult for others to guess or crack but easy for you to memorise and remember. Writing down your password: One should never write down a password.Forbidden Characters: There are a few characters that will cause problems if used in a password - the "delete" character is one of the obvious ones.Long Digit Sequences: An acceptable password must not have a digit sequence any longer than two (2) characters. ![]() Long Alpha Sequences: An acceptable password must not have an alphabetic sequence any longer than three (3) characters.A password that includes a sample from a rich character set is difficult to crack. Character Types: An acceptable password must have characters from at least three (3) different character types - upper case, lower case, digits, punctuation, etc.Repeated characters can make for palindromes and make it easier to crack. Unique Characters: An acceptable password must have at least five (5) different characters.Change passwords at least once every 90 (ninety) days.Do not store passwords in a file on ANY computer system (including Palm Pilots or similar devices) without encryption.Better practice would be to log on to the service by typing in the URL in the address bar after making sure the page opening up is from the genuine service provider. Do not provide user-id and passwords on any page that appears as a popup when you click on a hyperlink received through email. ![]() Any changes from normal make sure there is no attempt to steal your personal information before providing it.Enter your user-id and password only in the space provided for- that you are normally used to.Do not divulge your password to any one.Password Management - Password Creation and Maintenance
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |