Basic ways to determine it is fake/phishing email
- The fraudster may use well known bank's email address, domain name, logo, etc to give an authentic look to the fake email
- Do not rely on the name and source in the "From " field of the email address as it may be easily manipulated by the fraudster to a valid email account of bank.
- Such fake emails will always address you by a generic salutation or address you by "Dear Customer" or "Dear Net Banking Customer" or "Dear <XXX> Bank Customer". Bank's authentic emails will always address you personally by your name e.g. "Dear Mr. Sagar Kumbhar"
- Very often, such fake emails are poorly drafted and may have spelling or grammatical mistakes.
- Such fake emails will always encourage you to click on to a link to verify or update your confidential account information.
- The links embedded in such fake emails may sometimes look authentic but when you move the cursor/pointer over the link, there may be an underlying link/url to a fake website.
- Unsolicited emails, calls from strangers or websites asking for confidential banking details
- Messages asking for urgent action due to security reasons
How do you identify a counterfeit / fake website?
- Verify the URL of the webpage (web page address):
- Most of the counterfeit / fake webpage addresses start with "http://" unlike HDFC Bank's transaction related webpages that warrants customer confidential account information (e.g. internet banking, payment gateway sites for online shopping) would start with "https://" and not http://.
- Verify the end letter "s" that ensures the security of communication by means of encryption between webpage and the visitor accessing it.
Please visit my below posts to get more information about online scams and steps to avoid-
What is phishing?
