1. Keep your account and card number private
When you are out in public and using your card, do not let anyone touch or take your card out of your sight. Only provide your account or card number over the phone if you initiated the contact and are speaking with verified Bank personnel. Be wary of messages that urge you to provide personal information or click a questionable link through email, text, phone, or social media. Consider paperless statements and online payments to keep sensitive information out of the mail system or lying around where they can be seen and copied. It is also a good idea to shred documents containing sensitive personal information before throwing them away.
2. Always update your information
If you relocate or change your email and phone number, notify the Bank. Your statements and other information will be sent to your new details and will not end up in the wrong hands. Sign up for alerts on all your cards and double-check that you have supplied your most up-to-date phone number and email address so that we can reach you swiftly in the case of fraud or suspicious behaviour.
3. Secure your devices and networks
You may be susceptible if you enable your browser to save your card details. To avoid this, consider disabling the autofill function in each browser you use. If you use an app for your cards, make your smartphone difficult to access by requiring a password and, if feasible, a fingerprint.
4. Protect yourself online
If you use your card for online payments and purchases, there are four steps you can take to protect yourself:
- Know your merchant. When shopping online, look for sites with "HTTPS" in their web addresses. The "s" stands for "secured" and the lock icon shows that the site is secure. Ensure the URL includes the correct company name, rather than a close-but-incorrect version; and, even on a secure site, share your information only if you know how it will be used.
- Never keep your credit card information on an internet buying site.
- Be wary of public Wi-Fi. Do not use public Wi-Fi to shop or do financial activities, such as checking your accounts. Because it is a public network, anybody may readily access your information.
Reviewing recent account activity is critical to card safety—and it is simple to accomplish. You may do it using your bank's app, Online Banking, or by requesting through Virtual Banking. Set up email or SMS alerts to notify you of all transactions.
6. Report lost cards and suspicious activity immediately
Contact your bank immediately if you lose your card or suspect fraudulent activity. You can also disable your card through the App Card Management Centre, and then apply for a new card.
UNDERSTANDING SOCIAL ENGINEERING
Understanding social engineering helps us protect payment card information and important personal data. Social engineering, in the context of information security, is psychologically manipulating people into divulging confidential information (like payment card information and other valuable data). Don't fall for it; it tricks users into making security mistakes or giving away sensitive information. A common method is for a computer hacker to pretend to be from the IT department or perhaps a well-known computer company, software provider, or bank.
COMMON SOCIAL ENGINEERING ATTACKS
- Baiting attacks use a false promise to pique a victim’s greed or curiosity. They lure users into a trap that steals their personal information or infects their systems with malware.
- Scareware bombards victims with false alarms and fictitious threats. Users are led to believe their system is infected with malware, prompting them to install software that has no real benefit. Even worse, they may be prompted to upload a virus or trojan horse software.
- Pretexting is when an attacker obtains information through a series of cleverly crafted lies. They often establish trust with their victims by impersonating co-workers, police, bank employees, and tax officials.
- Phishing scams are email and text message campaigns aimed at creating a sense of urgency, curiosity, or fear in victims. It then prods them into revealing sensitive information, clicking on links to malicious websites, or opening attachments that contain malicious software (malware).
- Spear Phishing is a targeted version of a phishing scam whereby an attacker chooses specific individuals or entities. They then tailor their messages based on characteristics, job positions, and contacts belonging to their victims to make their attack less conspicuous and more believable.