Login To Internet Banking

Overview

Internet has revolutionized the way online users can avail services like internet banking from anywhere, anytime without physical presence. Mehsana Urban Co Operative Bank Ltd has been delivering electronic services to its customers and businesses remotely since last couple of years. Though increased world-wide acceptance of internet as a delivery channel for providing services and products creates new business opportunities, it also gives an opportunity for fraudsters to use internet as medium to commit frauds. It is important for online users to be aware of such frauds and protect themselves against them

The main objective of both offline as well as online fraud is to steal your 'identity'. This phenomenon is commonly known as "identity theft". Identity theft occurs when someone illegally obtains your personal information - such as your credit card number, bank account number, or other identification and uses it repeatedly to open new accounts or to initiate transactions in your name. Identity theft can happen even to those who do not shop, communicate, or transact online. A majority of identity thefts occur offline. Stealing wallets and purses, intercepting or rerouting your mail, and rummaging through your trash are some of the common tactics that thieves can use to obtain personal information. The more you are aware about identity theft the better prepared you will be.

Offline

Most offline fraud incidences happen as a result of theft of your mail, sensitive information related to your bank or credit card accounts, stolen atm/debit/credit cards, forged/ stolen cheques etc. You can protect yourself from such instances by exercising caution while receiving, storing and disposing your account statements as well as your cheques, atm/debit and credit cards

Online

Online fraud occurs when someone poses as a legitimate company (that may or may not be in order to obtain sensitive personal data and illegally conducts transactions on your existing accounts. Often called "phishing" or "spoofing", the most current methods of online fraud are usually through fake emails, Web sites and pop-up windows or any combination of such methods. Most common are Phishing and Money Mule.

Phishing is an act undertaken by fraudsters to gain your private and sensitive information whereby emails sent out appear to be sent by Mehsana Urban Co Operative Bank Ltd.

What is Phishing?

Phishing is an act undertaken by fraudsters to gain your private and sensitive information through emails that appear to be sent by your Bank. Such fake emails encourage you to click on a link in the email which leads you to a fake website with a similar look and feel as that of the Bank's authentic website. It is designed so, to capture your personal confidential account information such as Customer ID, IPIN, Credit/Debit Card number, Card expiry date, CVV number, etc. Customers' email addresses are obtained/purchased by the fraudster through non-trusted sites where the customer would have revealed his email ID by means of casual browsing or shared it on chat rooms, blogs or mailing lists, etc. Some fake emails may also contain a virus known as a "Trojan horse" that can record your keystrokes or could trigger background installations of key logging software or viruses onto your computer. The virus may live in an attachment or be accessed via a link in the email. Never respond to emails, open attachments, or click on links from suspicious or unknown senders. If you're not sure if a email sent by Mehsana Urban Co Operative Bank Ltd is legitimate, report it to us without replying to the email.

How do the fraudsters operate?

Fraudsters send spoofed emails, appearing to be sent by Mehsana Urban Co Operative Bank Ltd, to large number of recipients with an urgent tone that calls for quick action to verify, update or reveal your confidential account information by clicking onto a link in the e-mail.

Once the recipient clicks on the link in the e-mail, he is diverted to a fake website with a similar look and feel of the Bank's original website. The customer is presented a web form to divulge his confidential account information i.e. customer ID, IPIN, Credit / Debit Card numbers, Card expiry date and CVV number, etc.

Once the unaware customer reveals his confidential account information on the fake website he may be directed to the authentic website of the Bank to suppress any suspicion arising in the customer's mind. This is how the customer's identity is compromised.

This customer confidential account information or identity credentials are then used by the fraudster to gain access to the customer's account to commit fraudulent transactions.

How do you identify a fake / phishing email?

The fraudster may use Mehsana Urban Co Operative Bank Ltd's' email address, domain name, logo, etc to give an authentic look to the fake email.

Do not rely on the name and source in the "From" field of the email address as it may be easily manipulated by the fraudster to a valid email account of Mehsana Urban Co Operative Bank Ltd.

Such fake emails will always address you by a generic salutation or address you by "Dear Customer" or "Dear Net Banking Customer" or "Dear Mehsana Urban Co Operative Bank Ltd Customer". Mehsana Urban Co Operative Bank Ltd's authentic emails will always address you personally by your own name e.g. "Dear Mr. Ravi Patil"

Such fake emails are poorly drafted and may have spelling or grammatical mistakes.

Such fake emails always encourage you to click on to a link to verify or update your confidential account information.

The links embedded in such fake emails may sometimes look authentic but when you move the cursor/pointer over the link, there may be an underlying link/url to a fake website.

By phishing or other means of customer identity theft, the fraudster harvests customer NetBanking credentials i.e. customer ID and IPIN with a motive to transfer money from customer account to another account holder

What is Money Mule?

By phishing or other means of customer identity theft, the fraudster harvests customer NetBanking credentials i.e. customer ID and IPIN with a motive to transfer money from one customer account to another account holder of the same or different bank. The beneficiary account holder is referred as a "Money Mule". The beneficiary becomes accomplice unknowingly by social engineering techniques employed by the fraudster.

How do the fraudsters operate?

These fraudsters either maintain anonymity or use fictitious identity to commit these frauds. They generally operate from a country other than where the fraud is to be committed (e.g. if fraud is to be committed in India, they may operate from countries like Nigeria, Uganda, etc) to keep themselves away from local law enforcement agencies.

Social engineering techniques such as contacting the prospective money mules either by sending emails, in chat rooms, job search websites or through internet blogs are the common way how fraudsters launch their attack.

Fraudsters lure the prospective money mules to share their bank account details by telling them a fake story and convincing them to receive money in their accounts. Fraudsters also offer a part of their money or commission and persuade them to unknowingly act as money mules.

Fraudsters then transfer money from the bank customer account whose Internet Banking customer ID and IPIN / password has been harvested either by means of phishing or through other means of identity theft.

Money Mule is then directed by the fraudster to retain commission and transfer balance money either through wire transfer or to an account of another money mule by means of online transfer or cash deposit thereby forming a chain of fraud.

Such money transfers would ultimately lead to funds transfer into fraudster's account thereby maintaining anonymity.

When such frauds are reported the money mules become the target of law enforcement agencies as their bank accounts are used and their identity is established.

How do you protect yourself from becoming a money mule?

The fraudster may cook different stories, however his motive will be to convince you to share your bank account details, receive money and act as per his directions.

Do not respond to email from strangers asking you for your bank account details.

Do not get carried away by attractive offers or prizes.