[ZA Bank] Things you need to know to protect yourself from a phishing scam

[ZA Bank] Things you need to know to protect yourself from a phishing scam

The internet creates convenience, but sometimes it can be dangerous, especially when we don't know how to identify phishing scam.

Fraudsters usually will use electronic messages which are made to look like they originate from a trusted entity, such as a bank or big-name company to defraud your personal asset and information.

You think you won't be fooled

Most users can be alerted of phishing attempts by observing inconsistent layout, poor spelling and grammar. Having said that, criminal will try different tactics to convince you to action, e.g. to click on a link; he may clone an email from a legitimate entity and replace the link with a malicious one. You believe you are logging on an authorised mobile app or website, but this is where your sensitive information such as account number and password are disclosed.

3 tips recognise a phishing message

- Call for urgent action: It is common to trick users by using a false sense of urgency or importance. The criminal may claim that you must act immediately; otherwise, your bank account will be suspended, or a reward will be expired.

- Suspicious email address: Do not trust the name of the email sender. Take ZA Bank as an example, check the "from" address, and you may find the email address closely resembles the one of ZA Bank, but some characters are changed or omitted.

- Request for sensitive information: It is a warning sign if the message is asking for your personal or confidential information.

Here is an example of a phishing scam, can you spot the signs?

Source: https://www.cisecurity.org/blog/a-short-guide-for-spotting-phishing-attempts/

If you are using ZA Bank's service, remember that:

- ZA Bank will never ask for any sensitive information (such as PIN, password) via email or other electronic messages.

- ZA Bank will never send messages to customers with embedded hyperlinks to a) transactional websites, b) website that requires an input of personal data, or c) a location/internet app store from which the mobile banking app can be downloaded.

- ZA Bank will never ask you to transfer money to another account or to conduct a transaction.

If you think you have fallen victim to the phishing, please call the ZA Bank service hotline at (852) 3665 3665 immediately or report to the Police.

Kenneth Chan

  • Kenneth Chan

    Kenneth Chan

    Senior Manager of Tech Risk & Cyber Resilience from ZA Bank. -with extensive experience in IT and cyber security advisory and compliance and is passionate about ISO standards.

    More posts by Kenneth Chan.

    Kenneth Chan