Email fraud to get at your personal information


About Phishing

What do you do when you come across emails that seem suspicious? Phishing is a type of fraud that involves stealing personal information such as Customer ID, IPIN, Credit/Debit Card number, Card expiry date, CVV number, etc. through emails that appear to be from a legitimate source, say HDFC Bank.

Nowadays, phishers also use phone (voice phishing) and SMS (Smishing).

​​​​​​​Report Phishing site/email -

How Do Fraudsters Operate?

Step 1:Fraudsters pose as Bank officials and send fake emails to customers, asking them to urgently verify or update their account information by clicking on a link in the email.

Step 2:Clicking on the link diverts the customer to a fake website that looks like the official Bank website – with a web form to fill in his/her personal information.

Step 3:Information so acquired is then used to conduct fraudulent transactions on the customer’s account.

How To Identify Fake Phishing Website:


Verify the URL of the webpage. The ‘s’ at the end of ‘https://’ stands for ‘secure’ - meaning the page is secured with an encryption. Most fake web addresses start with ‘http://’. Beware of such websites!


Check the padlock symbol. This depicts the existence of a security certificate, also called the digital certificate for that website.


Establish the authenticity of the website by verifying its digital certificate. To do so, go to File > Properties > Certificates or double click on the Padlock symbol at the upper right or bottom corner of your browser window.

How to protect yourself from Phishing?


Always check the web address carefully. Below are our NetBanking Addresses:
Old NetBanking - 
​​​​​​​New Netbanking -

For logging in, always type the website address in your web browser address bar.

Always check for the Padlock icon at the upper or bottom right corner of the webpage to be ‘On’.

Install the latest anti-virus/anti spyware/firewall/security patches on your computer or mobile phones.

Always use non-admin user ID for routine work on your computer.


DO NOT click on any suspicious link in your email.

DO NOT provide any confidential information via email, even if the request seems to be from authorities like Income Tax Department, Visa or MasterCard etc.

DO NOT open unexpected email attachments or instant message download links.

DO NOT access NetBanking or make payments using your Credit/Debit Card from computers in public places like cyber cafés or even from unprotected mobile phones.