IDBI Bank has been in the forefront in leveraging Information Technology (IT) to extend better service / products to the customers and other stakeholders, it recognizes the need for effective IT risk management. Apart from Information Security aspects, IDBI Bank's IT risk mitigation strategy includes aspects of compliance & privacy also. IDBI Bank has put in place an Information Security Policy (ISP) to ensure that information is protected from unauthorized access and confidentiality & integrity of the information are maintained along with timely availability of IT resources to legitimate users. A high-level Information Security Steering Committee (ISSC) of IDBI Bank ensures that provisions are in place for continued protection of IT resources of IDBI Bank. Apart from conducting regular information security awareness programs for the employees, IDBI Bank also communicates with the customers on various Information Security precautions through E-Mail / Mail / SMS.
IDBI Bank’s IT infrastructure and systems have been implemented within a robust information security framework. The centralized Data Center of IDBI Bank has been accredited with ISO 27001. ‘Defense in depth’ is achieved by multi-level information security implementations such as Firewalls, Gateway filters, De-militarized zone (DMZ), etc. Access to the information of IDBI Bank is on ‘need to know’ basis and internal controls & processes are in place to achieve the same. A dedicated team monitors the information security infrastructure of IDBI Bank on a 24X7 basis.
The phishing email may also direct you to a spoofed website or pop-up window, which looks exactly like the real site. Phishing is an increasingly common type of scam in which personal data such as credit card numbers and online banking passwords are stolen for fraudulent use.
The fraudster sends "spoofed" emails that appear to come from a legitimate website that you have online dealings with such as a bank, credit card company or an ISP - any site which requires users to have a personal identity or account. The email may ask you to reply with your account details in order to "update security" or for some other reason.
site’s login page, but has been set up for the sole purpose of stealing personal information. Unsuspecting people are then often fooled into handing over credit card numbers, passwords or other personal details.
If you are using Internet banking or any other online account, you should be aware of these attacks and how to protect against them.
At IDBI, we would never ask for your personal details through an email. Nor would we ask for your password through any means, online or offline. If any of our bank personnel asks you for your password, do not disclose it and report him or her immediately to us.
Changing passwords often helps in protecting your account even if inadvertently you may have disclosed it to someone.
PCs at cyber cafes may be infested with viruses and Trojans that can capture and transmit your personal data to fraudsters. The easiest way to grab information is key logging softwares. Beware of typing passwords on unknown PCs.
Some phishing emails or other spam may contain software that can record information on your internet activities (spyware) or open a 'backdoor' to allow hackers access to your computer (Trojans). Installing anti-virus software and keeping it up to date will help detect and disable malicious software, while using anti-spam software will stop phishing emails from reaching you. It is also important, particularly for users with a broadband connection, to install a firewall. This will help keep the information on your computer secure while blocking communication from unwanted sources. Make sure you keep up to date and download the latest security patches for your browser. If you don't have any patches installed, visit your browser's website, for example users of Internet Explorer should go to the Microsoft website.
Before submitting your bank details or other sensitive information there are a couple of checks you can do to help ensure the site uses encryption to protect your personal data: If the address bar is visible, the URL should start with ‘https://’ (‘s’ for secured) rather that the usual ‘http://’.
If the address bar is not visible as in our Internet Banking website, look for a lock icon on the browser's status bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor.
Note that the fact that the website is using encryption doesn't necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form.
If you are in any doubt, click on the lock icon at the bottom of the secured page. This opens up a new window, displaying the SSL certificate information. Ensure that there is no red cross mark preceding the title ‘Certificate Information’. It should also be ‘Issues to: www.idbibank.co.in. You can get more information by clicking on the other tabs in the certificate window. Following the above steps would help you in protect yourself. However, please remember, fraudsters are always trying to stay a step ahead. To ensure that you remain protected at all times.
Never let anyone know your PINS or passwords, do not write them down.
Do not use the same password for all your online accounts.
Avoid opening or replying to spam emails as this will give the sender confirmation they have reached a live address.
Above all, use common sense when reading emails. If something seems implausible or too good to be true, then it probably is.
Please remember to always use the facility of the Virtual KeyPad, provided on the login page while logging on to your account from an unknown PC or from a cyber café.
- Never let anyone know your PINs or passwords, do not write them down.
- Do not use the same password for all your online accounts.
- Avoid opening or replying to spam emails, even if purportedly sent by the Bank.
- In case of suspicion, report the matter immediately to us on our toll free 24 hour customer care numbers or email us at firstname.lastname@example.org.
- Look for the padlock symbol on the bottom bar of the browser to ensure that the site is running in secure mode.
- Disable the "Auto Complete" function on your browser to prevent your browser from remembering Passwords.
- Always logout to terminate your session, instead of closing the browser directly.
- Always type the address of the bank website in the address bar of your browser or access it from your stored list of favourites.
- Do not access the bank website through a link in an email or through another website.
- Using special characters like # $ @ etc. in your password is highly recommended.
If you receive an e-mail claiming to be from IDBI Bank Ltd. regarding updating sensitive account information or asking for verifying your identity or login to your account for instant activation etc. by clicking on a link provided within the email, DO NOT act on the mail and delete such mails from your mailbox. Please also let us know by forwarding the e-mail to email@example.com or call on our toll free Phone Banking numbers.