Protecting Passwords : Measures to Enhance Your Security

Your password serves as the key to accessing your digital identity. If the scammers are able to know your PIN, password or OTP, then they can also access your digital identity. This will allow the scammers to cause financial fraud and conduct illegal activities in your name by stealing your digital identity.
By using safe passwords and by protecting passwords effectively, you can significantly reduce the possibility of being scammed. This article will explain why you should ‘share your feelings, not your Password, PIN or OTP’.
To learn more about such scams and their prevention, you can use HDFC Bank Vigil Aunty to learn about the latest scam techniques, how to avoid them and what to do if you ever get scammed!

Protecting your financial fortress

The following points will help you in safeguarding your passwords -

• Strong passwords - You must use a strong password to keep your password safe from scammers. A good password should ideally have a combination of uppercase and lowercase letters with numbers and special characters.
  To have safe passwords, avoid using guessable information like your birthdate or obvious word choices like using the word ‘password’ as your password. Having safe passwords will make it difficult for scammers to get unauthorised access to your account and conduct a scam.
• Two-factor authentication - Adding an additional layer of security to your account only helps you safeguard your interests. By using two-factor authentication or 2FA, you will also need to have a one-time key to access your account over and above your set password.
  A 2FA will ensure that even if the scammers can get your password, they will still need access to your registered mobile number or email ID to get the one-time key or OTP. Without successfully entering the key or OTP, no one can ever log into your account!
• No sharing - It is vital that you understand that under no circumstances whatsoever you should never share your PIN, password or OTP with anyone. Remember that no bank or their representatives can ever ask you to share your PIN, password or OTP.

If someone asks you for such information, report the matter immediately to the bank and relevant authorities.
Also, make it a practice not to write down your PIN or password on any piece of paper. Someone who can get access to that paper will then also be able to have unauthorised access to your accounts.

How do you ensure enhanced security?

Scammers are also evolving with the constant upgrades in technology. Hence, it is essential that you also make use of the technology to protect your interests. The following are some ways that can help -

• Biometrics - Nowadays, the majority of mobile phones offer biometric authentication. Enabling biometrics for your banking application can make your accounts more secure.
  Biometrics provides an additional layer of security as now, for authenticating your identity, you will also need your unique features like fingerprints, facial recognition or IRIS scanner.
• Regular updates - Application developers and mobile phone manufacturers are also constantly working on enhancing security. You will keep receiving updates from time to time, and it is essential that you install those updates promptly. Often, these updates will fix existing loopholes in security, which scammers can potentially exploit.
• Firewall - If you are using reliable firewall and anti-virus software on your mobile phone, laptop and computer. Then, you can potentially filter the incoming network traffic from the scammers that might contain malicious elements to infect your device.
• Periodic review - You should regularly audit your banking statements. This will help you identify any unauthorised transactions happening via your account.

If you can spot any transaction you didn't make, please report it to the bank and the authorities immediately.

Growing cyber threats

Cybercrime is on the rise; scammers now deploy different tactics to dupe you and ultimately conduct their fraudulent activities. The following are some common cyber threats - 

• Phishing - Scammers often illegally impersonate a reputed individual or organisation in order to earn your trust. You might receive a call or an email claiming it is from your bank seeking to validate your account details.
  Always try to first verify the identity of the requestor before sharing any information. For example - If you receive such a call, then ask the person to send an email from their official email address provided by the bank with their employee code.
• Social engineering - Scammers can also make use of information posted by you on social media platforms to earn your trust. For example - if you post any detailed negative review online, then the scammer can use that information to contact you, posing as an official representative who is trying to help. 
  Always be cautious of such tactics and seek to validate the authenticity of such a communication.
• Data breach - If you have stored your personal or banking information with any organisation that has suffered a data breach. Then you are at risk, too!
  Immediately change your safe passwords and protection PIN to ensure the security of your accounts.

Join Vigil Army, where Vigil Aunty will decode various frauds and give people a heads-up on the dos and don’ts of combating frauds online. To join the Vigil Army, send ‘Hi’ to her via WhatsApp number 7290030000.

Disclaimer: The appearance of Vigil Aunty's bindi has been refreshed with a change in color from red to blue for a distinctive look.