At ICICI Bank, we are committed to make your banking with us a wonderful experience. We have adopted several measures to enhance the security of your funds and protection of your account. ICICI Bank's Safe Banking guidelines set out simple steps you can take to ensure that your money and your personal details are safe and secure.
Whether it's about online-banking security or traditional-banking security threats, BE INFORMED. Know how scamsters operate. Know how to keep your password secure and your credit card safe.
The following will give you information about security issues, help you make the right decisions and hence avoid costly surprises
Account Protection
Your account safety is our number one priority, and we're working diligently to protect your information. Here are just a few of the ways that we deliver safe banking commitment:
Security Begins When You Open Your Account
Whenever you open an account, your protection begins immediately. We require proper identification and verification to confirm the identity of all new account applicants. We may also check credit information to verify that warnings have not been placed on credit bureau reports that might indicate fraud or identity take-over.
Privacy and Security Practices
We take your privacy very seriously and take precautions to maintain it. Policies and procedures have been instituted to protect your personal financial information and to maintain the privacy of personal information relating to your relationship with ICICI.
For details on our Privacy Policy, please
click here
Security Practices
When you access your account and perform transactions on ICICIBANK Online, we use 128-bit Secure Sockets Layer (SSL) encryption technology—the most widely used method of securing internet transactions available today. Following technical security controls are implemented to protect your account.
128-bit Secure Socket Layer (SSL)technology: To access your accounts, you must use browser that supporting 128 bit encryption-among the strongest method available for commercial use.
Online user ID and password: To access your account, you need to use internet banking user id and password. Extra Two levels of passwords and second factor been asked for executing financial transactions.
Firewalls: Servers that run our site are protected by firewalls system that prevent unauthorised access to our network and which are constantly monitored to prevent security breaches.
Timed Logout : To protect your accounts against unauthorized access, our systems are designed to terminate a secure online session automatically if extended inactivity is detected. In addition, after logging into ICICIBank.com, you cannot use the ‘Back', ‘Forward' and ‘Refresh' buttons of your browser. If you click any of these buttons, your secure session will be logged out automatically. This is done to ensure that no unauthorized entry is made into your online account during your absence from your computer system.
Expiry Of User ID: Your Internet banking user ID expires if it is not used for a period of more than one year. However, if you have lost/misplaced your Internet Banking user ID / passwords, it is advisable to inform us and we will disable them to prevent their unauthorized usage. Your passwords also can be re-issued upon your request.
How do you protect yourself from online frauds:
Stay Alert –
No one is as familiar with your accounts as you are. Thats why regularly monitoring your account activity is one of the best ways to safeguard yourself against the fraud.
 |
Review your account details regularly |
|
Subscribe to regular transaction alerts on your mobile and email
|
|
Check your credit report regualrly |
Safety Measures –
Internet Banking Safety:
Use Internet Banking To Minimise The Risk of Fraud
|
Utilize paperless options. Restrict receipt of paper statements by subscribing to e-mailed bank account statements, credit card statements and demat account statements. |
|
Monitor your account activity regularly by checking your balances and statements online through ICICIBank.com. This helps you to detect fraudulent transactions, if any, quickly. The earlier a fraud is detected, the lesser will be its financial impact.
|
|
Restrict the use of cheques. Transfer funds online between your ICICI Bank accounts or send money to other ICICI Bank and non-ICICI Bank customers through ICICIBank.com. |
|
Receive and pay bills online for free with Bill Pay at ICICIBank.com. Fewer the personal documents sent through the mail, lesser the chance of fraud. |
|
Link and manage all your ICICI Bank relationships online at ICICIBank.com. |
|
Register for Mobile Banking and receive alerts upon all significant transactions in your account. Learn more about Mobile Banking. |
|
Communicate with the bank through the secure mailbox option at ICICIBank.com, “Write to Account Manager”. |
Tips For Use When Banking Through The Internet
|
Avoid accessing your Internet Banking account from a cyber cafe or a shared computer. However, if you happen to do so change your passwords from your own computer. |
|
Every time you complete your online banking session, log off from ICICIBank.com. Do not just close your browser.
|
|
To access ICICI Bank's Internet Banking, always type in the correct URL ( http://www.icicibank.com/) into your browser window. Never click a link that offers to take you to our website. |
|
If your log-in IDs or passwords appear automatically on the sign-in page of a secure website, you should disable the “Auto Complete” function to increase the security of your information.
To disable the “Auto Complete” function:
1. Open Internet Explorer and click "Tools" > "Internet Options" > "Content".
2. Under "Personal Information", click "Auto Complete”.
3. Uncheck "User names and passwords on forms" and click "Clear Passwords".
4. Click "OK".
|
|
Change your Internet Banking passwords (both log-in password and transaction password) after your first log-in, and thereafter regularly (at least once in a month). |
|
Your password should be complex and difficult for others to guess. Use letters, numbers and special characters [such as !,@, #,$, %, ^, &,* (, )] in your passwords. |
|
For additional security to financial transactions through Internet Banking, create and maintain different passwords for log-in and for transactions. |
|
If you have more than one Internet Banking user ID, use a different password for each of the user IDs. You may also view all your accounts with ICICI Bank under a single user ID by linking your various accounts to your preferred Internet Banking user ID. Click here to know more about linking your accounts. |
|
Never share your Internet Banking passwords with others, even family members. Do not reveal them to anybody, not even to an ICICI Bank employee. |
|
Always check the last log-in to your Internet Banking account. Log in to ICICIBank.com and see the left hand side of the “My Accounts” page to view the date and time of your last log-in. |
E-mail Safety Tips:
|
ICICI Bank will never send e-mails that ask for confidential information. If you receive an e-mail requesting your Internet Banking details like your PIN, password, account number, you should not respond. |
|
Delete suspicious e-mails without opening them. If you happen to open them, do not click any link or attachment they may contain.
|
|
|
|
To know about e-mail related frauds and tips to protect yourself from frauds, read " Phishing" and " Spoofing" |
Tips for Safe Online Shopping:
|
Be very sure of the website address. The website address is reflected in the address bar of your Internet browser. This check is recommended every time you access any website from a link given elsewhere. Always type the website address into the address bar or bookmark the websites that you use frequently. |
|
Never enter, confirm or update your account-related details in a pop-up window.
|
|
If you tend to use your credit cards for online shopping frequently, make sure that you sign up for the Verified by VISA and/or MasterCard Secure Code program(s). |
|
Confirm that the website is a secure one. Make sure any Internet purchase activity you engage in is secured by encryption to protect your account information. Look for "secure transaction" symbols. |
|
Shop only from reputed websites. |
|
Beware of online offers that require you to provide your account details “for verification”. |
Computer safety Measure:
Install And Update Anti-Virus Software
Always protect your computer by using up-to-date
anti-virus software that is capable of scanning files and e-mail messages for
viruses.This will prevent your files getting corrupted or lost and also prevent your computer from getting infected with the virus.
Anti-virus software protects you from
Trojan horses. Trojan horses are sent to computer systems typically through e-mail. They are particularly dangerous because they have the potential to allow others to gain control of your computer system remotely, without your knowledge or consent. These programs can capture and send sensitive information stored on your hard drive to any other person who has gained remote access to your computer.
Use A Personal Firewall
Any computer or device connected to the Internet that is not properly protected is vulnerable to a variety of malicious Internet intrusions and attacks. This applies to all users of cable modems, digital subscribe lines (DSL) and dial-up lines. However, cable modem and DSL users are particularly vulnerable because both connection methods provide "always-on" connection capability. The likelihood of a malicious person entering your computer increases significantly the longer your computer is on and is connected to the Internet.
A personal
firewall will help protect you from intrusion. Firewalls create a barrier between your computer and the rest of the Internet. A firewall can be a
hardware device, a
software application or a combination of the two. Firewalls can prevent malicious attacks and block certain types of data from entering your computer or private network. They can also be set up to alert you if anyone tries to access your system.
Keep Your Browser And Operating System Up-To-Date With Software Updates
The software you use and the Internet itself can impact the security of your online activities. Therefore, you should watch for security bulletins that warn you of various security "holes" or "bugs" that may impact the software and web browser you are using. It is very important to check the websites of your
operating system and web-browser vendors for software "
patches" and "updates". Some operating systems and software can be configured to automatically check for new updates.
Activate A Pop-Up Blocker
Several free, publicly available programs exist that will block all
pop-up windows from occurring while you are online. You can download such programs from the Internet.
Scan Your Computer For Spyware Regularly.
Spyware and adware are programs that monitor your Internet activity and potentially relay information to a disreputable source. Free spyware-removal programs are available on the Internet.
When You Are Not Using Your Computer, Shut It Down Or Disconnect It From The Internet.
Do not leave your computer unattended for a long time. When not in use, disconnect from the Internet or shut it down.
If You're a Victim of Identity Theft or Account Fraud
If you're a victim of identity theft or account fraud, you should notify your bank(s) immediately. If your account(s) is with ICICI you should call your ICICI customer service representative immediately. ICICI will work with you in an effort to make appropriate corrections of unauthorized transactions in your ICICI accounts and to correct any incorrect reports submitted by ICICI to credit bureaus, and will attempt to help protect you from any future identity theft or account fraud.
We also suggest that you immediately:
|
Call the fraud departments of all three credit bureaus. Ask them to put a "fraud alert" on your file. This tells creditors to call you before they open any more accounts in your name.
Equifax 1-800-525-6285
Experian 1-888-397-3742
TransUnion 1-800-680-7289 |
|
Contact your local police and ask to file a report. Even if the police can't catch the identity thief, having a police report can help you in clearing up your credit records later on. File a complaint with the Federal Trade Commission (FTC). Call the FTC's identity theft hotline toll-free at 1 (877) IDTHEFT (438-4338). The hotline is staffed by counselors trained to help victims and take their complaints. You may also file a complaint online at www.consumer.gov/idtheft.
|
|
Complete the identity theft affidavit, which will assist you in reporting to many companies that a new account has been open in your name. Obtain a copy of the identity theft affidavit by clicking the link below: www.ftc.gov/bcp/conline/pubs/credit/affidavit.pdf.* |
How to report a fraud :
Please call our
24-hour Customer Care or visit “
Customer Service” at www.icicibank.com
Types of Online Fraud
PHISHING
What Is Phishing?
Phishing is an attempt by fraudsters to 'fish' for your banking details. A phishing attempt usually is in the form of an e-mail that appears to be from your bank. The e-mail usually encourages you to click a link in it that takes you to a fraudulent log-on page designed to capture your details. E-mail addresses can be obtained from publicly available sources or through randomly generated lists. Therefore, if you receive a fake e-mail that appears to be from ICICI Bank, it does not mean that your e-mail address, name, or any other information has been taken from our systems.
How The Fraudsters Operate?
|
Fraudsters send fake e-mails claiming that your information has been compromised, due to which your bank account has been de-activated/suspended, and ask you to hence confirm the authenticity of your information/transactions like credit card number, personal identification number (PIN), passwords or personal information, such as mother's maiden name. In order to prompt a response, such e-mails usually resort to using statements that convey an urgent or threatening condition concerning your account. |
|
While some e-mails are easy to identify as fraudulent, others may appear to be from a legitimate source. However, you should not rely on the name or address in the “From” field alone, as this can be easily duplicated.
|
|
Very often, such phishing e-mails may contain spelling mistakes. Even the links to the counterfeit websites may contain URLs with spelling mistakes, to take you to a fake website which looks like that of your bank. |
|
Some fake e-mails promise a prize or gift certificate in exchange for your completing a survey or answering a few questions. In order to collect the alleged prize, you may be asked to provide your personal information. |
|
Fake e-mails appear to be sent by companies to offer a job. These are often for work-at-home positions that are actually schemes that victimize both the job applicant and other customers. |
|
Fake e-mails may direct you to counterfeit websites carefully designed to look real. Hence such websites may look very similar and familiar to you, but are in fact used to collect personal information for illegal use. |
|
Such e-mails attempt to convey a sense of urgency or threat. Example: “Your account will be closed or temporarily suspended if you don't respond.”Or, “You'll be charged a fee if you don't respond.” |
Tips To Protect Yourself From Phishing
|
ICICI Bank will never send e-mails that ask for confidential information. If you receive an e-mail requesting your Internet Banking security details like PIN, password or account number, you should not respond. |
|
Whenever you use a link to access a website, be sure to check for the URL of the website and compare it with the original. We recommend that you type in the URL yourself whenever you access www.icicibank.com or bookmark/store the URL in your list of ‘Favorites’.
|
|
Delete suspicious e-mails without opening them. If you happen to open them, do not click any link or attachment they may contain. |
|
If you receive a job offer via e-mail, ensure that it's from a genuine and reputed company. |
SPOOFING
What Is Spoofing?
Website spoofing is the act of creating a website, as a hoax, with the intention of performing fraud. To make spoof sites seem legitimate, phishers use the names, logos, graphics and even code of the actual website. They can even fake the URL that appears in the address field at the top of your browser window and the Padlock icon that appears at the bottom right corner.
How The Fraudsters Operate?
Fraudsters send e-mails with a link to a spoofed website asking you to update or confirm account related information. This is done with the intention of obtaining sensitive account related information like your Internet Banking user ID, password, PIN, credit card / debit card / bank account number, card verification value (CVV) number, etc..
Tips To Protect Yourself From Spoofed Websites
|
ICICI Bank will never send e-mails that ask for confidential information. If you receive an e-mail requesting your Internet Banking security details like PIN, password or account number, you should not respond.
|
|
Check for the Padlock icon: There is a de facto standard among web browsers to display a Padlock icon somewhere in the window of the browser For example, Microsoft Internet Explorer displays the lock icon at the bottom right of the browser window. Click (or double-click) on it in your web browser to see details of the site's security.It is important for you to check to whom this certificate has been issued, because some fraudulent websites may have a padlock icon to imitate the Padlock icon of the browser.
|
|
Check the webpage’s URL. When browsing the web, the URLs (web page addresses) begin with the letters "http". However, over a secure connection, the address displayed should begin with "https" - note the "s" at the end. |
For example: Our home page address is http://www.icicibank.com. Here the URL begins with "http" meaning this page is not secure. Click the tab under "Login". The URL now begins with "https”, meaning the user name and password typed in will be encrypted before being sent to our server.
VISHING
What Is Vishing?
Vishing is a combination of Voice and Phishing that uses Voice over Internet Protocol (VoIP) technology wherein fraudsters feigning to represent real companies such as banks attempt to trick unsuspecting customers into providing their personal and financial details over the phone.
How The Fraudsters Operate?
A typical vishing attack could follow a sequence such as this:
Tips To Protect Yourself From Vishing
|
Your bank would have knowledge of some of your personal details. Be suspicious of any caller who appears to be ignorant of basic personal details like first and last name (although it is unsafe to rely on this alone as a sign that the call is legitimate). If you receive such a call, report it to your bank. |
|
Do not call and leave any personal or account details on any telephone system that you are directed to by a telephone message or from a telephone number provided in a phone message, an e-mail or an SMS especially if it is regarding possible security issues with your credit card or bank account.
|
|
When a telephone number is given, you should first call the phone number on the back of your credit card or on your bank statement to verify whether the given number actually belongs to the bank. |
SKIMMING
What Is Skimming?
Skimming is a method used by fraudsters to capture your personal or account information from your credit card. Your card is swiped through the skimmer and the information contained in the magnetic strip on the card is then read into and stored on the skimmer or an attached computer. Skimming is a tactic used predominantly to perpetrate credit-card fraud – but it is also a tactic that is gaining in popularity among identity thieves.
How The Fraudsters Operate?
|
At ATM machines
Fraudsters insert a skimming device to the ATM's card slot. This device scans the card and stores its associated information. While a customer keys in his PIN, the wireless skimming device transfers the data to the fraudsters. This information is then used by the fraudsters for online shopping or to make counterfeit credit cards. |
|
At Restaurants / Shopping Outlets
At restaurants and shopping outlets, the credit card is swiped twice, once for the regular transaction and the other in the skimmer that captures the personal information which is retrieved later by the fraudsters.
|
Tips To Protect Yourself From Skimming
|
Sign on the reverse of your credit card as soon as you receive it. |
|
Collect your receipts / charge slips at ATM's, restaurants and shopping outlets.
|
|
Use your card with merchants that you know and can trust. Never allow a shopkeeper to take your card to a different shop/room for swiping. |
MONEY MULE
What is a Money Mule?
Once the fraudster has captured personal information using anyone of the ways mentioned above, they need an account to which they can transfer funds from the compromised account. This is where a “Money Mule” comes into picture. A Money Mule is an unwitting participant in the frauds who is recruited by fraudsters to launder stolen money across the globe.
How The Fraudsters Operate?
Tips on how you can avoid getting involved in a money mule scam.
 |
|
