Dos and Donts for Debit/Credit Card holders:

DOs
1. Please sign on the signature panel available on the reverse of the card immediately on receipt of the card. 2. Treat your Card just like cash/cheque book/Jewel and protect against loss/misuse. 3. Use your new card in an ATM first so that PIN number can be validated, before using the card in shops/Internet. 4. Learn to use the card yourself in ATM/Online without depending on others. 5. Ensure that the contact details available with your Bank are always current and accurate. Please inform and get changes updated immediately. 6. Keep a list of your card numbers and help desk numbers in a secure place and update this list at frequent intervals, which will be very useful when you need to contact help desk to report the loss of your card. 7. Loss of cards should be reported to the bank at the earliest through Phone/E-Mail/Internet/in person. 8. Memorise the Pin number and destroy the pin mailer sent to you. 9. Change your PIN number and other passwords at frequent intervals and whenever you suspect unauthorized persons copying the same. 10. Ensure complete privacy while entering the Pin number in ATM, by shielding the PIN keypad with your hand or body to ensure against copying by others. 11. Please take back the card from the ATM. 12. Be alert while using the ATM and if you find signs of external fittings or loose wiring on the ATM/Card reader, please avoid using the ATM and report to the nearest branch of the Bank immediately. 13. Use the card for purchase in reliable Merchant Establishments only. 14. Ensure that card is swiped only once and that too in your presence in a swiping machine. If swiped for more than once, make enquiry and find out the reason.

15. Sign the charge slip only after verifying the correctness of the amount printed in the slip. 16. Remember to take back the card from the Merchant. 17. For online transactions, ensure that the site you select is secured (site with https is preferred against http site). 18. Update your PC/Laptop used for online payment, with latest patches of Operating system and latest version of antivirus softwares. 19. While making online transactions, apart from CVV number, 3rd factor secure VbV password is also required. Ensure that cvv and vbv passwords are kept confidential. 20. Destroy expired cards by cutting the same into pieces. -------------

DONTs
1. Do not lend your card to anyone. 2. Do not disclose your card number unnecessarily to anyone over phone or e-mail. 3. Do NOT give photocopies of both sides of the card to anyone lest the CVV printed on the reverse of the card is copied unauthorisedly. If any service provider/establishment insists on photocopy of both sides of the card, ensure that the CVV number is completely scratched out/covered before taking photocopy. Remember the cvv before scratching it out. 4. Do Not write your pin number on the card. 5. Do Not share your PIN number and other Passwords with anyone including Bank Officials. 6. Do not use pin number that can be easily guessed like 1111, 2222, 1234, your date of birth, Telephone number, etc. 7. Do Not enter wrong pin repeatedly in the ATM lest the pin will get blocked. 8. Do not allow the card to be taken out of your view for swiping in Merchant Establishments. 9. Do not use your card for online transactions in publicly used computer eg. Cybercaf. -----------------

Guidelines to Customers/Public to guard themselves against PHISHING: Phishing is a criminally fraudulent process of attempting to acquire sensitive information such as usernames/passwords/card details etc. by masquerading as a trustworthy entity in an electronic communication. In such incidents, fraudsters send messages through e-mail or web pages that appear to have been emanated from reputed firms/sites. The intention of the fraudsters is to gather sensitive personal information without raising suspicion and defraud the customers. Many reputed organizations/Banks/E-commerce sites, Auction Sites, Social Networking Sites like eBay, Paypal, Face book etc. were affected due to Phishing. We caution our Customers/Public to avoid falling prey to such attack by observing the following precautions: 1. Banks or any other genuine organization will NEVER on their own ask for confidential/sensitive information like PIN, Password etc. from customers, through e-mail or telephones etc. 2. If Bank is sending a genuine mail to its customers, generally they will address with the customers name or other personal details already available with the bank. 3. In all e-transactions, customers initiate the action where minimum sensitive details are asked for identification and authentication purpose to permit the transaction. Further, in such cases, the communication takes place through secured channel between the website and browser of the user. How to counter the Phishing Attack: 1. Customers should be suspicious of any mail requesting URGENT information on personal/financial sensitive information. It is reiterated that Banks will never ask for sensitive personal information (PIN, Password etc). Hence customers should avoid responding to such requests received. 2. Customers should make it a habit to enter the Unique Resource Link (URL) address of Banking/Shopping/Auction/Financial/Social network websites directly in the web browser and not depend on displayed links. 3. Even if no suspicion is raised and the mail appears genuine, the link in an e-mail should never be clicked. Instead, the correct web address (URL) should be physically typed in the browsers address bar. This precaution should be observed since the URL shown in the mail may be genuine, however, on clicking the link, the fraudster may take the user request to another URL

4. Once it is suspected that phishing mail is received, staff members/customers/public should forward the mail to the Bank or CERT-in (www.cert-in.org.in) a Central Government Organisation handling Computer related incidents in india. (incident@certin.org.in).While forwarding the phishing messages, the entire original email with its original header information should be sent intact. 5. Forwarding the phishing mail, instead of ignoring/deleting, will help the Bank to warn and protect other customers. 6. Customers should regularly log into his/her online accounts and check the profile, transactions, balance, credit card statements to ensure that all operations are legitimate and bring to the Bank knowledge of the Bank regarding any suspicious transactions. 7. Similarly, sensitive personal information solicited over phone or though SMS should also be handled cautiously as above. 8. It is better to avoid publicly used computers (eg. Cyber caf) for accessing online banking transactions. 9. Similarly, the PC/Laptop used for online banking should be updated with the latest patches of the Operating Systems and latest antivirus versions. 10. All Customers are advised to register for SMS alert facility, if not already registered, to keep immediate track of the transactions put forth in their accounts.