| Online Security Tips |
| Security Measures |
 |
Firewall
Virtual electronic fence that prevents unauthorised access to the ICICI Bank server |
|
128 bit Secure Socket Layer (SSL)
SSL stands for "Secure Sockets Layer". It is a protocol designed to enable applications to transmit information back and forth securely. Applications that use this protocol inherently know how to give and receive encryption keys with other applications, as well as how to encrypt and decrypt data sent between the two. SSL has been universally accepted on the World Wide Web for authenticated and encrypted communication between the user's computer and servers.
Some applications that are configured to run SSL include web browsers like Internet Explorer and Netscape, email programs like GroupWise, Outlook, and Outlook Express, FTP (file transfer protocol) programs, etc. These programs are automatically able to receive SSL connections.
To send an SSL connection, however, or to open a secure connection, your application must first have an encryption key assigned to it by a Certification Authority. Once it has a unique key of its own, you can establish a secure connection with every other application that can "speak" the SSL protocol. |
|
VeriSign Digital Certificate
Digital certificates are issued by certification authorities to authenticate a Web site or elements of Web sites. The certificate identifies the originator of the site, or element, and verifies that it has not been tampered with. When your Web browser is presented with a certificate, it will check to see if a legitimate certification authority issued the certificate. If there is a match, your session will continue. Otherwise, your browser will issue a warning and your safest action is to cancel your activity. |
|
Data encryption
A way to make data unreadable to everyone except the recipient of a message. Encryption is often used to make the transmission of login passwords secure. |
|
Technology updates
In order to effectively counter the latest security threats, we ensure that our systems are constantly updated to maintain the security of your details. |
| |
Top |
| Secure your PC |
|
Install and Update Anti-Virus Software
You should always protect your computer by using up-to-date anti-virus software that is capable of scanning files and email messages for viruses. This will prevent your files from being corrupted or lost and also prevent your PC from getting infected with the virus.
Anti-virus software protects you from Trojan horses. Trojan horses are typically sent to computer systems through email. They are particularly dangerous because they have the potential to allow others to gain control of your computer system remotely, without your knowledge or consent. These programs can capture and send sensitive information stored on your hard drive to any other person who has gained remote access to your computer.
A variety of anti-virus software packages are available on the market today. Many of these products install anti-virus updates to your computer automatically, as long as you have the update feature enabled. Installing an Anti-Virus software package is simple and will save your hours of frustration spent on trying to restore an infected computer system. |
|
|
| |
Any computer or device connected to the Internet that is not properly protected is vulnerable to a variety of malicious Internet intrusions and attacks. This applies to all cable modem, digital subscribe line (DSL) and dial-up users. However, cable modem and DSL users are particularly vulnerable because both connection methods provide "always-on" connection capability. The likelihood of a malicious individual entering your computer increases significantly the longer your computer is on and is connected to the Internet.
A personal firewall will help protect you from intrusion. Firewalls create a barrier between your computer and the rest of the Internet. A firewall can be a hardware device, a software application or a combination of the two. Firewalls can prevent malicious attacks and block certain types of data from entering your computer or private network. They can also be set up to alert you if anyone tries to access your system. |
| |
Top |
|
Keep your browser and operating system up-to-date with Software Updates
The software you use and the Internet itself can impact the security of your online activities. Therefore, you should watch for security bulletins that warn you about various security "holes" or "bugs" that may impact the software and Web browser you are using. It is very important to check the Web sites of your operating system and Web browser vendors for software "patches" and "updates". Some operating systems and software can be configured to automatically check for new updates.
To access current Microsoft Security Updates, please visit their Security Updates Web site. |
|
Activate a pop-up blocker
Several free, publicly available programs exist that will block all pop-up windows from occurring while you are online. You can download such programs from the Internet. |
|
Scan your computer for spyware regularly
Spyware and adware are programs that monitor your Internet activity and potentially relay information to a disreputable source. Free spyware removal programs are available on the Internet. |
|
Shut down your computer or disconnect it from the Internet, when not in use |
| |
Top |
| Do's & Don't's |
| Do's |
|
Change your Passwords Periodically
We recommend that you change your passwords regularly, at least every 30 days or so. To change your Passwords, login to ICICI Bank website and access the Change Password section . |
|
Keep your Passwords Confidential
We assure you that ICICI Bank officials will never ask you for your login passwords. |
|
Take Care to Log Off
Log Off from ICICI Bank website every time after you complete your online session. Do not close your browser. |
|
Add the website to your List of Favorite Sites
We recommend that you bookmark / add to your favorites the ICICI Bank website in order to access information and transact using your login details. |
| |
Top |
|
Look for the padlock symbol on the bottom bar of the browser to ensure that the site is running in secure mode before you enter sensitive information. |
|
Clear your browser's cache
Clear your browser's cache and history after each session so that your account information is removed, especially if you have used a shared computer to access ICICI Bank website. |
| |
To clear your browser cache:
Internet Explorer
1. Go to "Tools"
2. Go to "Internet Options"
3. Select "General"
4. Click on "Delete Files" at "Temporary Internet files"
Netscape
1. Go to "Netscape" or "Edit"
2. Go to "Preferences"
3. Select or double-click on "Advanced"
4. Select "Cache"
5. Click on "Clear Memory Cache" and "Clear Disk Cache"
|
|
Disable the "Auto Complete" function on your browser
If you are using Internet Explorer, turn off the 'Auto Complete' function on your browser to prevent your browser from remembering Passwords.
To Disable the "Auto Complete" function
1. Open Internet Explorer and click on "Tools">>"Internet Options">>"Content"
2. Under "Personal Information", click on "Auto Complete"
3. Uncheck "User names and passwords on forms" and click on "Clear Passwords".
4. Click "OK" |
|
Shred unnecessary financial documents immediately
iscard pin or password mailers immediately after memorizing them. Never write them down. |
| Top |
|
|
Do not leave personal information lying around in an unprotected place |
|
Avoid downloading programs from unknown sources
Some sources may have hidden forms of spyware or viruses that could compromise the security of your computer. |
|
Do not open attachments sent through mails, if you do not know the sender. |
|
Never open email attachments that have file extensions like .exe, .pif, or .vbs. Such files are usually dangerous. |
|
Do not keep computers online when not in use
Either shut the PC off or physically disconnect it from the internet connections. |
|
Do not use shared computers
We recommend that you avoid accessing ICICI Bank website from a public/ shared computer, for eg. cyber cafe etc. |
|
| Top |
Online Fraud |
|
Online fraud occurs when someone poses as a legitimate company (that may or may not be) in order to obtain sensitive personal data and illegally conducts transactions on your existing accounts. Often called "phishing" or "spoofing", the most current methods of online fraud are usually through fake emails, Web sites and pop-up windows, or any combination of such methods.
The main objective of the online fraud is to steal your 'identity'. This phenomenon is commonly known as " Identity theft". Identity theft occurs when someone illegally obtains your personal information - such as your password, bank account number, or other identification and uses it repeatedly to open new accounts or to initiate transactions in your name. |
|
Phishing Emails
Every user of the Internet should be aware about the common attempts of fraud through means like 'phishing' or 'spoofing'.
Phishing is an attempt by fraudsters to 'fish' for your banking details. Phishing attempts usually appear in the form of an email appearing to be from your bank. Within the email you are then usually encouraged to click a link to a fraudulent log on page designed to capture your details. Email addresses can be obtained from publicly available sources or through randomly generated lists. Therefore, if you receive a fake email that appears to be from ICICI Bank , this does not mean that your email address, name, or any other information has been taken from our systems.
Although they can be difficult to spot, 'phishing' emails generally ask you to click on a link which takes you back to a spoof web site that looks similar to your bank's website, wherein you are asked to provide, update or confirm sensitive personal information. To prompt you into action, such emails may signify a sense of urgency or threatening condition concerning your account.
The information most commonly sought through such means are:
Your PIN numbers/ Passwords
You Bank Account/Credit Card/Debit Card number
Other verification parameters like your date of birth, mother's maiden name etc
Some fake emails may also contain a virus known as a " Trojan horse" that can record your keystrokes or could trigger background installations of key logging software or viruses onto your computer. The virus may live in an attachment or be accessed via a link in the email.
Never respond to emails, open attachments, or click on links from suspicious or unknown senders. If you're not sure if an email sent by ICICI Bank Money2India is legitimate, report it to us without replying to the email. |
|
Top |
|
Counterfeit Web sites
Online thieves often direct you to fraudulent Web sites via email and pop-up windows and try to collect your personal information. One way to detect a phony Web site is to consider how you arrived there. Generally, you may have been directed by a link in a fake email requesting your account information. However, if you type, or cut and paste, the URL into a new Web browser window and it does not take you to a legitimate Web site, or you get an error message, it was probably just a cover for a fake Web site. |
| Top |
|
| Identify & Protect yourself from Fraud |
|
How to Identify a Fake email/ website?
ake emails/ websites are not always easy to identify, however the below given indicators can help you safeguard against such emails or websites, should you ever come across one of these: |
|
Ask you for sensitive information
Fake emails claim that your information has been compromised due to which your account has been de-activated/suspended, and hence ask you to confirm the authenticity of your information/ transactions.
Appear to be from a legitimate source
While some emails are easy to identify as fraudulent, others may appear to be from a legitimate source. However, you should not rely on the name or address in the 'From' field alone, as this can be easily duplicated.
Contain spelling mistakes
Very often, such 'phishing' mails may contain several spelling mistakes and even the links to the counterfeit websites may contain a url with spelling mistakes in order to take you to a website which looks like that of your bank but is not. Whenever you use a link to access a website, be sure to check for the url of the website and compare it with the original. It is recommended that you type the url yourself whenever you access www.icicibank.com or you may bookmark/store the same in your 'List of Favorites'
Contain prizes or other offers
Some fake emails promise a prize or gift certificate in exchange for completing a survey or answering a few questions. In order to collect the alleged prize, you may be asked to provide your personal information.
Contain fraudulent job offers
Some fake emails appear to be sent by companies to offer you a job. These are often work-at-home positions that are actually schemes that victimize both the job applicant and other customers. Be sure to confirm that the job offer is from a genuine and reputed company.
Link to counterfeit Web sites
Fake emails may direct you to counterfeit Web sites carefully designed to look real. Hence such websites may look very similar and familiar to you, but are actually used to collect personal information for illegal use.
Look like a genuine Web site
Spoof web sites can be more difficult to detect, because even the address bar and padlock symbol that appear in your browser window can be faked. To make sure you are on our site, type in www.icicibank.com, click on NRI Banking and , see if you get to the same place.
|
|
Protect yourself against Online fraud:
With a few simple steps, you can help protect your account and personal information from fake emails and web sites.
Delete suspicious emails without opening them. If you do open a suspicious email, do not open or respond to online solicitations for personal information.
Do not open any attachments or click on any links it may contain.
Never provide sensitive account or personal information in response to an email. If you have entered personal information, report it to us immediately. Maintain the secrecy of your Passwords, PIN Numbers etc.
|
| Top |
