At ICICI Bank, we are committed to make
your banking with us a wonderful experience. We have adopted
several measures to enhance the security of your funds and
protection of your account. ICICI Bank's Safe Banking
guidelines set out simple steps you can take to ensure that
your money and your personal details are safe and secure.
Whether it's about online-banking security or
traditional-banking security threats, BE INFORMED. Know how
scamsters operate. Know how to keep your password secure and
your debit/credit card safe.
The following will give
you information about security issues, help you make the right
decisions and hence avoid costly surprises
Account Protection
Your
account safety is our number one priority, and we're working
diligently to protect your information. Here are just a few of
the ways that we deliver safe banking commitment:
Security Begins When
You Open Your Account
Whenever you open an
account, your protection begins immediately. We require proper
identification and verification to confirm the identity of all
new account applicants. We may also check credit information
to verify that warnings have not been placed on credit bureau
reports that might indicate fraud or identity
take-over.
Privacy and
Security Practices
We take your privacy very
seriously and take precautions to maintain it. Policies and
procedures have been instituted to protect your personal
financial information and to maintain the privacy of personal
information relating to your relationship with ICICI.
For details on our Privacy Policy, please
click here
Security Practices
When
you access your account and perform transactions on ICICIBANK
Online, we use 128-bit Secure Sockets Layer (SSL) encryption
technology—the most widely used method of securing internet
transactions available today. Following technical security
controls are implemented to protect your
account.
128-bit Secure Socket Layer
(SSL)technology: To access your accounts, you must
use browser that supporting 128 bit encryption-among the
strongest method available for commercial
use.
Online user ID and password: To
access your account, you need to use internet banking user id
and password. Multilayer Password Authentication is asked for
financial transactions.
Firewalls: Servers that run our site are protected by firewalls system
that prevent unauthorised access to our network and which are
constantly monitored to prevent security
breaches.
Timed Logout : To protect
your accounts against unauthorized access, our systems are
designed to terminate a secure online session automatically if
extended inactivity is detected. In addition, after logging
into ICICIBankUSA.com, you cannot use the ‘Back', ‘Forward' and
‘Refresh' buttons of your browser. If you click any of these
buttons, your secure session will be logged out automatically.
This is done to ensure that no unauthorized entry is made into
your online account during your absence from your computer
system.
Expiry Of User ID: Your Internet
banking user ID expires if it is not used for a period of more
than one year. However, if you have lost/misplaced your
Internet Banking user ID / passwords, it is advisable to
inform us and we will disable them to prevent their
unauthorized usage. Your passwords also can be re-issued upon
your request.
How
do you protect yourself from online
frauds:
Stay
Alert –
No one is as familiar with your accounts
as you are. Thats why regularly monitoring your account
activity is one of the best ways to safeguard yourself against
the fraud.
 |
Review your account details
regularly |
|
Check your credit report
regularly |
Safety Measures –
Internet
Banking Safety:
Use Internet Banking To Minimise
The Risk of Fraud
|
Utilize paperless options. Restrict
receipt of paper statements by subscribing to e-mailed
bank account statements. |
|
Monitor your account activity
regularly by checking your balances and statements
online through www.icicibankusa.com. This helps you to
detect fraudulent transactions, if any, quickly. The
earlier a fraud is detected, the lesser will be its
financial impact.
|
|
Restrict the use of cheques. Transfer
funds online between your ICICI Bank accounts or send
money to other ICICI Bank and non-ICICI Bank customers
through www.icicibankusa.com. |
|
Link and
manage all your ICICI Bank relationships online at
www.icicibankusa.com. |
Tips For Use When Banking Through The
Internet
|
Avoid accessing your Internet Banking
account from a cyber cafe or a shared computer. However,
if you happen to do so change your passwords from your
own computer. |
|
Every time you complete your online
banking session, log off from ICICIBankusa.com. Do not
just close your browser.
|
|
To access ICICI Bank's Internet
Banking, always type in the correct URL ( http://www.icicibankusa.com//) into
your browser window. Never click a link that offers to
take you to our website. |
|
If your log-in IDs or passwords
appear automatically on the sign-in page of a secure
website, you should disable the “Auto Complete” function
to increase the security of your
information.
To disable the “Auto Complete”
function:
1. Open Internet Explorer and
click "Tools" > "Internet Options" > "Content".
2. Under "Personal Information", click "Auto
Complete”.
3. Uncheck "User names and passwords on
forms" and click "Clear Passwords".
4. Click "OK". |
|
Change your
Internet Banking passwords (both log-in password and
transaction password) after your first log-in, and
thereafter regularly (at least once in a month). |
|
Your password should be complex and
difficult for others to guess. Use letters, numbers and
special characters [such as !,@, #,$, %, ^, &,* (,
)] in your passwords. |
|
For additional security to financial
transactions through Internet Banking, create and
maintain different passwords for log-in and for
transactions. |
|
If you have more than one Internet
Banking user ID, use a different password for each of
the user IDs. You may also view all your accounts with
ICICI Bank under a single user ID by linking your
various accounts to your preferred Internet Banking user
ID. Click here to know more about linking your
accounts. |
|
Never share your Internet Banking
passwords with others, even family members. Do not
reveal them to anybody, not even to an ICICI Bank
employee. |
|
Always check the last log-in to your
Internet Banking account. Log in to ICICIBankusa.com and
see the left hand side of the “My Accounts” page to view
the date and time of your last
log-in. |
E-mail Safety
Tips:
|
ICICI Bank will never send e-mails
that ask for confidential information. If you receive an
e-mail requesting your Internet Banking details like
your PIN, password, account number, you should not
respond. |
|
Delete suspicious e-mails without
opening them. If you happen to open them, do not click
any link or attachment they may contain.
|
|
|
|
To know about e-mail related frauds
and tips to protect yourself from frauds, read " Phishing"
and " Spoofing" |
Tips for Safe Online
Shopping:
|
Be very sure of the website address.
The website address is reflected in the address bar of
your Internet browser. This check is recommended every
time you access any website from a link given elsewhere.
Always type the website address into the address bar or
bookmark the websites that you use frequently. |
|
Never enter, confirm or update your
account-related details in a pop-up
window.
|
|
If you tend to use your credit cards
for online shopping frequently, make sure that you sign
up for the Verified by VISA and/or MasterCard Secure
Code program(s). |
|
Confirm that the website is a secure
one. Make sure any Internet purchase activity you engage
in is secured by encryption to protect your account
information. Look for "secure transaction" symbols. |
|
Shop only from
reputed websites. |
|
Beware of online offers that require
you to provide your account details “for verification”. |
Computer safety
Measure:
Install And Update Anti-Virus
Software
Always protect your computer by using
up-to-date
anti-virus software that is capable of
scanning files and e-mail messages for
viruses.This will prevent your files getting
corrupted or lost and also prevent your computer from getting
infected with the virus.
Anti-virus software protects
you from
Trojan horses. Trojan horses are sent to
computer systems typically through e-mail. They are
particularly dangerous because they have the potential to
allow others to gain control of your computer system remotely,
without your knowledge or consent. These programs can capture
and send sensitive information stored on your hard drive to
any other person who has gained remote access to your
computer.
Use A Personal
Firewall
Any computer or device connected to the
Internet that is not properly protected is vulnerable to a
variety of malicious Internet intrusions and attacks. This
applies to all users of cable modems, digital subscribe lines
(DSL) and dial-up lines. However, cable modem and DSL users
are particularly vulnerable because both connection methods
provide "always-on" connection capability. The likelihood of a
malicious person entering your computer increases
significantly the longer your computer is on and is connected
to the Internet.
A personal
firewall will help protect you from
intrusion. Firewalls create a barrier between your computer
and the rest of the Internet. A firewall can be a
hardware device, a
software application or a combination of the
two. Firewalls can prevent malicious attacks and block certain
types of data from entering your computer or private network.
They can also be set up to alert you if anyone tries to access
your system.
Keep Your Browser And Operating
System Up-To-Date With Software Updates
The
software you use and the Internet itself can impact the
security of your online activities. Therefore, you should
watch for security bulletins that warn you of various security
"holes" or "bugs" that may impact the software and web browser
you are using. It is very important to check the websites of
your
operating system and web-browser
vendors for software "
patches" and "updates". Some operating
systems and software can be configured to automatically check
for new updates.
Activate A Pop-Up
Blocker
Several free, publicly available programs
exist that will block all
pop-up windows from occurring while you are
online. You can download such programs from the
Internet.
Scan Your Computer For
Spyware Regularly.
Spyware and adware are programs that
monitor your Internet activity and potentially relay
information to a disreputable source. Free spyware-removal
programs are available on the Internet.
When You Are Not Using Your Computer, Shut It Down
Or Disconnect It From The Internet.
Do not leave your
computer unattended for a long time. When not in use,
disconnect from the Internet or shut it down.
If You're a Victim of Identity
Theft or Account Fraud
If
you're a victim of identity theft or account fraud, you should
notify your bank(s) immediately. If your account(s) is with
ICICI you should call your ICICI customer service
representative immediately. ICICI will work with you in an
effort to make appropriate corrections of unauthorized
transactions in your ICICI accounts and to correct any
incorrect reports submitted by ICICI to credit bureaus, and
will attempt to help protect you from any future identity
theft or account fraud.
We also suggest that you
immediately:
|
Call the fraud departments of all
three credit bureaus. Ask them to put a "fraud alert" on
your file. This tells creditors to call you before they
open any more accounts in your name.
Equifax
1-800-525-6285
Experian 1-888-397-3742
TransUnion
1-800-680-7289 |
|
Contact your local police and ask to
file a report. Even if the police can't catch the
identity thief, having a police report can help you in
clearing up your credit records later on. File a
complaint with the Federal Trade Commission (FTC). Call
the FTC's identity theft hotline toll-free at 1 (877)
IDTHEFT (438-4338). The hotline is staffed by counselors
trained to help victims and take their complaints. You
may also file a complaint online at www.consumer.gov/idtheft.
|
|
Complete the identity theft
affidavit, which will assist you in reporting to many
companies that a new account has been open in your name.
Obtain a copy of the identity theft affidavit by
clicking the link below: www.ftc.gov/bcp/conline/pubs/credit/affidavit.pdf.* |
How to report a fraud :
|
If you receive an e-mail claiming to
be from ICICI Bank regarding updating sensitive account
information like PIN, password, account number, let us
know by forwarding the e-mail to usbranch@icicibank.com |
|
Never provide sensitive account
information like PIN, password, account number or
personal details in response to an e-mail. If you have
entered such information, report it to us immediately.
|
|
If you notice any spoofed
(duplicate/unofficial) ICICI Bank website, let us know
by writing at usbranch@icicibank.com |
|
To report
unauthorized transactions in your
account |
Please call our
24-hour
Customer Care or visit
www.icicibankusa.com
Types of Online
Fraud
PHISHING
What
Is Phishing?
Phishing is an attempt by fraudsters
to 'fish' for your banking details. A phishing attempt usually
is in the form of an e-mail that appears to be from your bank.
The e-mail usually encourages you to click a link in it that
takes you to a fraudulent log-on page designed to capture your
details. E-mail addresses can be obtained from publicly
available sources or through randomly generated lists.
Therefore, if you receive a fake e-mail that appears to be
from ICICI Bank, it does not mean that your e-mail address,
name, or any other information has been taken from our
systems.
How The Fraudsters
Operate?
|
Fraudsters send fake e-mails claiming
that your information has been compromised, due to which
your bank account has been de-activated/suspended, and
ask you to hence confirm the authenticity of your
information/transactions like credit card number,
personal identification number (PIN), passwords or
personal information, such as mother's maiden name. In
order to prompt a response, such e-mails usually resort
to using statements that convey an urgent or threatening
condition concerning your account. |
|
While some e-mails are easy to
identify as fraudulent, others may appear to be from a
legitimate source. However, you should not rely on the
name or address in the “From” field alone, as this can
be easily duplicated.
|
|
Very often, such phishing e-mails may
contain spelling mistakes. Even the links to the
counterfeit websites may contain URLs with spelling
mistakes, to take you to a fake website which looks like
that of your bank. |
|
Some fake
e-mails promise a prize or gift certificate in exchange
for your completing a survey or answering a few
questions. In order to collect the alleged prize, you
may be asked to provide your personal information. |
|
Fake e-mails
appear to be sent by companies to offer a job. These are
often for work-at-home positions that are actually
schemes that victimize both the job applicant and other
customers. |
|
Fake e-mails
may direct you to counterfeit websites carefully
designed to look real. Hence such websites may look very
similar and familiar to you, but are in fact used to
collect personal information for illegal use. |
|
Such e-mails
attempt to convey a sense of urgency or threat. Example:
“Your account will be closed or temporarily suspended if
you don't respond.”Or, “You'll be charged a fee if you
don't respond.” |
Tips
To Protect Yourself From Phishing
|
ICICI Bank will never send e-mails
that ask for confidential information. If you receive an
e-mail requesting your Internet Banking security details
like PIN, password or account number, you should not
respond. |
|
Whenever you use a link to access a
website, be sure to check for the URL of the website and
compare it with the original. We recommend that you type
in the URL yourself whenever you access
www.icicibankusa.com or bookmark/store the URL in your
list of ‘Favorites’.
|
|
Delete suspicious e-mails without
opening them. If you happen to open them, do not click
any link or attachment they may contain. |
|
If you receive
a job offer via e-mail, ensure that it's from a genuine
and reputed company. |
SPOOFING
What
Is Spoofing?
Website spoofing is the act of
creating a website, as a hoax, with the intention of
performing fraud. To make spoof sites seem legitimate,
phishers use the names, logos, graphics and even code of the
actual website. They can even fake the URL that appears in the
address field at the top of your browser window and the
Padlock icon that appears at the bottom right
corner.
How The Fraudsters
Operate?
Fraudsters send e-mails with a link to a
spoofed website asking you to update or confirm account
related information. This is done with the intention of
obtaining sensitive account related information like your
Internet Banking user ID, password, PIN, credit card / debit
card / bank account number, card verification value (CVV)
number, etc..
Tips To Protect Yourself
From Spoofed Websites
|
ICICI Bank will never send e-mails that ask for
confidential information. If you receive an e-mail
requesting your Internet Banking security details like
PIN, password or account number, you should not
respond.
|
|
Check for the Padlock icon: There is
a de facto standard among web browsers to display a
Padlock icon somewhere in the window of the browser For
example, Microsoft Internet Explorer displays the lock
icon at the bottom right of the browser window. Click
(or double-click) on it in your web browser to see
details of the site's security.It is important for you
to check to whom this certificate has been issued,
because some fraudulent websites may have a padlock icon
to imitate the Padlock icon of the browser.
|
|
Check the webpage’s URL. When
browsing the web, the URLs (web page addresses) begin
with the letters "http". However, over a secure
connection, the address displayed should begin with
"https" - note the "s" at the
end. |
For
example: Our home page address is
http://www.icicibankusa.com. Here the URL begins with "http"
meaning this page is not secure. Click the tab under "Login".
The URL now begins with "https”, meaning the user name and
password typed in will be encrypted before being sent to our
server.
VISHING
What Is
Vishing?
Vishing is a combination of Voice and
Phishing that uses Voice over Internet Protocol (VoIP)
technology wherein fraudsters feigning to represent real
companies such as banks attempt to trick unsuspecting
customers into providing their personal and financial details
over the phone.
How The Fraudsters
Operate?
A typical vishing attack could follow a
sequence such as this:
Tips To
Protect Yourself From Vishing
|
Your bank would have knowledge of
some of your personal details. Be suspicious of any
caller who appears to be ignorant of basic personal
details like first and last name (although it is unsafe
to rely on this alone as a sign that the call is
legitimate). If you receive such a call, report it to
your bank. |
|
Do not call and leave any personal or
account details on any telephone system that you are
directed to by a telephone message or from a telephone
number provided in a phone message, an e-mail or an SMS
especially if it is regarding possible security issues
with your credit card or bank account.
|
|
When a telephone number is given, you
should first call the phone number on the back of your
credit card or on your bank statement to verify whether
the given number actually belongs to the bank. |
SKIMMING
What Is
Skimming?
Skimming is a method used by fraudsters
to capture your personal or account information from your
credit card. Your card is swiped through the skimmer and the
information contained in the magnetic strip on the card is
then read into and stored on the skimmer or an attached
computer. Skimming is a tactic used predominantly to
perpetrate credit-card fraud – but it is also a tactic that is
gaining in popularity among identity
thieves.
How The Fraudsters
Operate?
|
At ATM
machines
Fraudsters insert a skimming device
to the ATM's card slot. This device scans the card and
stores its associated information. While a customer keys
in his PIN, the wireless skimming device transfers the
data to the fraudsters. This information is then used by
the fraudsters for online shopping or to make
counterfeit credit cards. |
|
At Restaurants / Shopping
Outlets
At restaurants and shopping outlets,
the credit card is swiped twice, once for the regular
transaction and the other in the skimmer that captures
the personal information which is retrieved later by the
fraudsters.
|
Tips To
Protect Yourself From Skimming
|
Sign on the reverse of your credit
card as soon as you receive it. |
|
Collect your receipts / charge slips
at ATM's, restaurants and shopping
outlets.
|
|
Use your card with merchants that you
know and can trust. Never allow a shopkeeper to take
your card to a different shop/room for swiping. |
MONEY MULE
What
is a Money Mule?
Once the fraudster has captured
personal information using anyone of the ways mentioned above,
they need an account to which they can transfer funds from the
compromised account. This is where a “Money Mule” comes into
picture. A Money Mule is an unwitting participant in the
frauds who is recruited by fraudsters to launder stolen money
across the globe.
How The Fraudsters
Operate?
Tips on how
you can avoid getting involved in a money mule
scam.
 |
|
