• Pay attention to the alerts sent by the bank, such as transaction alerts, address / mobile number changes, etc. and inform the Bank in case of discrepancies.
  • Inform the bank immediately in case of changes to the address or mobile number provided to the Bank.
  • Memorise your Personal Identification Number (PIN), change it regularly, and destroy any physical documents with the PIN number
  • Verify that the Credit/Debit Card returned to you after a transaction at a merchant outlet, is yours
  • Insist on swiping your Credit/Debit Card in your presence, at a merchant outlet
  • Check the transaction notification message after the transaction, to verify the amount
  • Ensure that the Credit/Debit Card PIN is not visible to others while entering it at POS machines and ATMs
  • Contact the Bank immediately on losing your Credit/Debit Card or if you have mistakenly shared your details with anyone
  • Keep the Bank’s Customer Care number handy, so that you can call immediately in cases like needing assistance/emergency/loss of card/disputed transactions
  • Beware of spurious messages/calls/ emails and never respond to any such communication with your details
  • Do not hand over your Credit/Debit Card to anyone, even if they claim to be a representative from IndusInd Bank.
  • Do not disclose your PIN / OTP / CVV / VBV / MASTER SECURE PASSWORDS to anyone. The Bank or any other government institution will not ask for this information
  • Do not access your Card/ Account using unsecure Wi-Fi networks or shop online on such networks, in public places
  • Do not seek help from strangers at an ATM, even if they offer to help voluntarily



  • Use the Virtual Keypad to enter your Login Password and Debit Card PIN
  • Change your Login Password and Transaction Password on your first login
  • Change your Password frequently or at least once a month, using the Change Password option
  • Destroy the Password after memorizing it, do not write it down or store it anywhere
  • Don't disclose your Password to anyone; it is personal and confidential
  • Choose Passwords that are difficult for others to guess. Do not select an easy-to-guess Password, like date of birth, telephone number or sequential numbers such as 111111, 12356, etc.
  • Use both letters and numbers and a combination of lower case and capital letters in your Passwords
  • Always log out of our Net Banking platforms - IndusNet, IndusDirect, Connect Online, Indus Speed Remit and Indus Collect after using the service or when you are going to be away from your PC. For security reasons, your login sessions will be terminated if your browser is left idle for a while
  • Always remember to close the browser application after logging out
  • Avoid accessing Net Banking through computers installed in public/open areas
  • If you are not familiar with making online transactions, you may refrain from doing so. Or seek the Bank's guidance in this regard
  • We shall not be responsible for wrong transactions or disclosure of details by you. Viewing and transacting options online are different. Please exercise your option diligently
  • Kindly have necessary security related tools (eg. Anti-Virus/Firewall) in place on your business servers, devices and associated infrastructure
  • Payment processing using APIs provided by us should be done through secured and authorized devices, personnel, servers and associated infrastructure




  • Download IndusInd Bank’s Mobile Banking App (including IndusDirect Corporate Mobile Banking App) from Google Play Store/ Apple App Store only
  • Before downloading, confirm that the app has been developed by IndusInd Bank Ltd.
  • Avoid installing apps that ask for more permissions than necessary
  • Install and use a reputed AntiVirus as well as a Mobile Protection App on your mobile
  • Do not root or jail-break the device. It discards all the security controls on your device
  • Use a screen inactivity lock in conjunction with a pass code / pattern / fingerprint / face recognition unlock
  • Do not store passwords or any other sensitive information on your mobile
  • Avoid clicking on the links received via social media, without verifying the source




  • Please beware of suspicious emails that invite you into revealing sensitive information, such as Login ID, Passwords, and other confidential account information
  • Such emails may also lead you to a fake website that looks very similar to the Bank's genuine website, or could request you to update your banking information
  • The Bank does not issue such emails and you are advised to ignore them, and not respond to any requests for personal information
  • Please report such suspicious emails immediately to
  • Watch out for scam emails. They may invite you into downloading a virus or clicking through to a fraudulent website in order to elicit confidential information
  • Make sure that the websites you transact on, have privacy and security statements and review them carefully
  • Verify that the website address (URL) is, or type the URL yourself
  • Do not log into IndusNet, IndusDirect, Connect Online, Indus Speed Remit and IndusCollect through hyperlinks embedded in the emails or on third party websites
  • Do not reply to any email that requests your personal information. Do not disclose your Passwords
  • Do not open an email with an attachment, in case you suspect the sender
  • Look for the padlock symbol at the bottom right of a web page to ensure that the site is running in secure mode before you enter sensitive information
  • Do not keep computers online when not in use. Either shut them off or physically disconnect them from your internet connection
  • Immediately report any irregularities
  • Keep your Personal Computer updated by downloading security patches and also update your anti-virus & firewall software on a regular basis
  • Do crosscheck your last login information regularly to monitor your sessions
phone calls / SMS
  • Fraudsters may ask for your details through a phone call or a text message
  • You may also be requested to call a particular number, and to reveal or key in confidential details on an interactive voice response system, under the pretext of verifying your Credit Card information.
  • Do not respond to messages asking you for confidential information
  • Do not call any given or unknown numbers, it may be a phishing
  • Contact the Bank immediately in case you receive such messages or phone calls that look suspicious and fishy

The first step to avoiding domain fraud is to understand the scam. Domain fraud is the process of creating and using unethical domain names of reputed brands to redirect users or businesses to make financial transactions. Cybercriminals impersonate trusted brand names to launch some of the following attacks:

  • Wire transfer fraud
  • Phishing
  • Counterfeit good sales
  • Session stealing



  • PIN (Personal Identification Number)
  • OTP (One-time Password)
  • CVV (Card Verification Value)
  • Card Expiry Date
  • Your Net Banking/Mobile Banking Login ID,Transaction Password, OTP or MPIN (for Mobile Banking)

Make Digital Payments

Safe and Seamless

  • Be alert to fraudulent calls (Vishing) that ask you to download third-party apps or share confidential information (disconnect such calls immediately)
  • In case you have already downloaded any remote access app and it is no longer required, uninstall it immediately
  • Enable app-lock on your payments or mobile banking-related apps
  • Report any suspicious activity at your nearest bank branch/authorised customer care number only
  • Validate Transaction Type before transacting through UPI, there is one standard rule – No PIN required for receiving money through UPI
  • Beware of Fraudulent/counterfeit applications while transacting through UPI, prefer using trusted applications for UPI transactions
  • Keep your details updated with your Bank
  • Alert your bank immediately in case you experience any unusual transaction


  • Never share your UPI PIN, CVV & OTP with anyone over Call/SMS/Email even if claiming to be from the Bank
  • Never store Banking passwords in your mobile handset
  • Be cautious of money requests from unknown senders as accepting an UPI money request is a debit to your account. Only accept requests from known senders and verified merchants
  • Do not forward any unsolicited SMS received on a request of the so-called Bank representative
  • Never give permissions / access to unknown apps
  • Never open untrusted SMS / Emails with links redirecting to UPI payment


To know more about general Information Security best practices, please visit here.
Be aware of the mechanisms used by Fraudsters to steal your money. Follow simple steps to protect yourself from them. Click here.
© Copyright IndusInd Bank Limited 2022. All Rights Reserved.