Security

Secure your computer 

  • Always use a trusted computer and avoid using a shared or public computer for banking. 
  • Ensure your computer is equipped with antivirus and firewall to prevent any malware infection. 
  • Update your computer regularly , especially the antivirus software, web browser and operating system 

Do not miss important banking signposts designed to provide you information to detect a fraud

  • Type in the bank's website address to browse the banks web page.
  • Do not use your banking password for anything else, such as your email account.
  • Pay attention to last logged in date and time
  • Periodically review your beneficiaries to ensure only beneficiaries added by you are present at your account

Be careful while travelling 

  • Consider enabling roaming when out of country so that you do not miss important notifications from Finopayment Bank
  • Do not use unsecure Wi-Fi access points such as the ones present at airports

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

  • Look for a secure connection. This is usually identified by a green area in the address bar, along with https in the URL.
  • Look at the domain of the URL. If you don’t know what the domain of a URL is, here is an example: The domain of RAKBANK is rakbank.ae, while the domain of RAKBANKOnline is rakbankonline.ae, and so on. Look to see that the domain is as it should be, and not something bizarre with spelling errors.
  • Look at the site itself. If it doesn’t look exactly like the site you’re always used to, it may be a scam site. You can double check by opening a new tab and visiting the main page of the site you think you’re on (if possible). If they’re quite different, then you’re more than likely dealing with a phishing site.

Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit.

  • As a rule of thumb, don’t give out any information over the phone if you’re unsure of who’s calling. If you have any doubts at all, hang up. Credit cards, bills and bank statements should all feature customer service numbers that you can use to see if the call you just received was legitimate.

SMShing is the mobile phone version of phishing. An example of SMShing fraud would be a text message that appears to be sent from a legitimate source, such as a bank or credit card company, that urgently requests the recipient to call a phone number or follow a link in the message. The phone number or website will then ask for sensitive account or personal information.

  • Never take action on a request for your personal or financial information, including account numbers, passwords, Social Security number or birth date. If you receive a text message expressing an urgent need for you to update your information, activate an account, or verify your identity by calling a phone number or submitting information, on a website, do not respond and delete it. These messages may be part of a phishing scam conducted by fraudsters in an attempt to capture your confidential account information and may be used to commit fraud.

Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.

Ransomware is a security threat that has data-kidnapping capabilities. Ransomware is a malicious software that denies you access to your computer or files until you pay a ransom.

  • Ensure anti-virus software is updated on both your office PC and home PC
  • Bookmark websites to ensure you do not accidentally mistype an incorrect address, do not trust links sent over SMS, instant messaging and email from unknown sources.
  • Be wary of free screensavers, games, browser add-ons, peer-to-peer (P2P) clients, and any downloads claiming to be cracked or free versions of expensive applications, such as Adobe, PhotoShop or Microsoft Office.

E-mail Spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately.

  • Always look for the content of the email. Spoofed emails are tend to look like sent from legitimate source. However you will be able to determine if it’s a spoofed email if the email seems to asking you for confidential information like user name, password, bank account number etc. details.
  • Or even at times the email may even look like from legitimate source and has some kind of an attachment or link to a website which can further ask you to furnish confidential information.
  • If in doubt please contact our contact center and have it confirmed with a call center agent.

Shoulder surfing, in computer security refers to using direct observation techniques, such as looking over someone's shoulder, to get information. It is commonly used to obtain passwords, PINs, security codes, and similar data.

  • When working on a laptop, ensure that your back is to a wall with no open sides close to you or to enter your passwords in a secluded location
  • When keying in PIN at ATM make sure no one in standing right behind you.

RBI has cautioned the members of public not to fall prey to fictitious offers / lottery winnings / remittance of cheap funds in foreign currency from abroad circulated by certain foreign entities / individuals, including Indian residents acting as representatives of such entities / individuals.  These entities make offers through letters or e-mails of huge amounts of money in foreign currency on the pretext of helping the recipients in their business or ventures in India.
 
The fraudsters seek victims’ bank details under different heads such as deposits, processing fees/ transaction fees/tax clearance charges/ conversion chares, clearing fees etc. These offers are generally made through letters, e-mails, mobile phones, SMSs, etc.
 
Remittance in any form towards participation in lottery schemes is prohibited under Foreign Exchange Management Act, 1999. These restrictions are also applicable to remittances for participation in lottery-like schemes operating under different names, such as money circulation scheme or remittances for the purpose of securing prize money or awards.
 
It is advised that all customers of the bank exercise due caution and be extra vigilant in their dealings.

Handset/ Mobile Browser Settings

Install anti-virus software on your mobile handset to protect against viruses. If already installed, then ensure its updations on a timely manner.

Download and run security updates and patches on your mobile browser. This helps in protection from known possible security problems.

Install a firewall on your mobile handset or enable the same if your handset comes with a firewall.

Remove all the temporary internet files after using mobile banking services.

Delete the browsing history of your mobile browser on a regular basis.

Emails/ Data/ Links/SMS from Unknown Sources

Do not open attachments or links from unknown sources. This helps in protection from viruses or other unwanted problems.

Type in the URL for mobile banking in the mobile browser, instead of clicking on any link. This will ensure access of the authentic website of the bank.

Ensure that Mobile banking app is downloaded from relevant App Store. (Eg: PlayStore for Android OS)

Update to latest version of Mobile banking app when ever it is available in relevant App store

Act with caution while installing any third party software on your mobile handset to avoid spyware. Do not install pirated software or software from unknown sources.

Delete spam messages.

Be aware of the potential for fraudulent SMS messages. The Bank will never request or invite customers to logon to its mobile banking service via a SMS message.

Check that the security padlock on your internet browser is “locked” to ensure the connection is secure and protected by SSL. You should also check that the URL starts from ‘https’ and not ‘http’.

The bank shall not be liable for any loss/damages due to any attempt from Mobile App run on the "Jailbroken" or "Rooted" Mobile devices.

  • Facebook - Fino Payments Bank
  • Linkedin - Fino Payments Bank
  • Twitter - Fino Payments Bank
  • Youtube - Fino Payments Bank