Banks: Don't give account details via phone or e-mail
16th October 2006 (The Star)

PETALING JAYA: Bank customers, do not reveal your PIN (personal identification number), password or computer log on details to anyone seeking to get them by phone or e-mail.

And those who receive calls or e-mail on the pretext of urging them to update their details should advise their banks immediately.

This is one of the security tips outlined by the Association of Banks in Malaysia to ensure that customers' PIN or password are not compromised when using Internet banking in view of the recent "phishing" scam.

Its executive director Wong Suan Lye said in a statement that banks that offer Internet banking services would not request customers to reveal or verify their PIN or password for whatever reasons via e-mail, a hyperlink through the e-mail or by phone.

"Without PIN or password, the fraudster would not be able to access the customers' Internet banking accounts. If in doubt, contact your bank for verification," she said.

Wong was responding to a report on a group of 13 computer-savvy youths arrested recently for phishing.

Other tips include:

BEFORE doing online transactions, customers must ensure that they are using a legitimate website;

THEY should not put any sensitive information that might help provide access to their account, even if the website appears legitimate;

ALWAYS enter the URL of the website directly into the web browser to ensure that it begins with "http". They should also look for a closed padlock symbol on the status bar of their browser. Verification of the website Digital Certificate is also recommended; and

THEY should also always remember to log off when they have completed their transactions.