Secure Portal Usage

Open Financial Technologies Private Limited ("Open") is dedicated to safeguarding the financial assets of our users by offering guidance on how to avoid becoming a victim of online scams and fraudulent activities. If you notice any unusual activity on your Open account, please contact us immediately at [email protected].

We value your partnership in our efforts to combat fraudulent activities by being aware of the below common methods through which a user’s security is compromised:

  • Malware: Malware is a form of computer virus that installs itself on a user’s system. It is downloaded without the user's knowledge from infected websites or by piggybacking other software installations. Once inside the system, it can monitor the user’s activity and steal sensitive data such as card numbers, logins and passwords.
  • Phishing: Phishing is a malicious attempt to obtain sensitive banking and personal information. It often takes the form of an email or other electronic communication methods, including social networks and Short Message Service (SMS) text messages (smishing) that appear to come from a trusted institution, such as a bank or a well- known website, requesting confidential data like user IDs, transaction passwords, One- Time-Passwords (OTPs), Unique Reference Numbers (URNs), and other personal details. Cybercriminals employ these tactics to trick individuals into revealing their banking and other credentials, which can lead to financial loss and identity theft.
  • Spear Phishing: Distinguished by its targeted nature, spear phishing involves sophisticated email attacks that masquerade as trustworthy sources, tailored with personalized content. These deceptive emails are intricately crafted to appear relevant to ongoing projects, internal company developments, or even personal family events. Perpetrators of spear phishing meticulously customize their messages to deceive recipients into divulging sensitive information or taking malicious actions, posing a significant threat to organizational security and personal privacy.
  • Spoofing: A sophisticated online attack, spoofing involves fraudsters impersonating other individuals or entities through emails, phone calls, or counterfeit websites. These malicious actors employ genuine logos, graphics, and codes to create convincing replicas of authentic sites. They can even manipulate URLs and padlock icons to further deceive victims. Spoofed emails often appear to originate from trusted senders, making it challenging to discern the deception. To safeguard sensitive information, it's crucial to remain vigilant and adopt robust security measures to protect against spoofing attacks.
  • Vishing: Vishing is an attempt by a fraudster to take confidential details from you over a phone call. Details include user ID, login & transaction passwords, OTP, URN, card PIN, grid card values, CVV or any personal parameters such as date of birth, mother's maiden name, and Aadhaar. Fraudsters claim to represent banks on the pretext of helping the user with KYC/Aadhaar updation/verification/refund of amount/card Activation/limit enhancement/card issuance, etc. and attempt to trick users into providing their personal and financial details over the phone by guiding them to download remote access applications and gather unique access code to gain access of their mobile/computer. The details gathered through remote access will be used to conduct fraudulent activities on their account leading to financial loss. Open's users are encouraged to verify the legitimacy of links and contact information associated with authorized merchants/owners while exploring freeware software on the internet. Numerous fraudulent contacts can be found online, and scammers may exploit these situations to mislead users and steal login credentials via Vishing calls or remote access to mobile devices or systems. To ensure safety, users should exercise caution when encountering spam and refrain from sharing or accessing unknown links or mobile applications to prevent falling victim to fraud.
  • SIM Swap Fraud: Mobile phones serve as a convenient banking and communication channel, enabling users to receive account-related alerts and OTPs necessary for transactions and financial inquiries. However, without taking a few basic precautions, a criminal can reroute these alerts by illegally obtaining a duplicate SIM through your service provider, potentially leading to fraudulent activities. To protect yourself, it's essential to remain vigilant and take necessary measures to safeguard your portal usage experience.
  • Social Network Frauds: Social media platforms are popular among fraudsters, and they often exploit celebratory events to target today's youth. For instance, a recent trend involves invitations to install a "Valentine theme" on a well-known social networking site. The "Install" button downloads a malicious browser extension that monitors the user's activities. In other cases, users are redirected to a survey page soliciting crucial information such as their name, mobile number, credit/debit card credentials, OTP, and ATM PIN. These fraudulent activities highlight the importance of staying vigilant on social media platforms and safeguarding personal information.
  • Money mule: This scenario involves an attacker luring innocent victims with the prospect of making easy money. The attackers either demand an upfront investment or ask the victim for their bank details with the promise to transfer money. The victim then becomes an accessory to a crime as his/her account is used to transfer stolen money, untraceably.

SECURE PORTAL USAGE TIPS

Confidential: Keep your login credentials confidential and do not disclose it to anybody.

Memorise: Memorize your login credentials and do not write them down anywhere.

Access: Avoid accessing Open’s portal from shared computer networks such as cyber cafes or public Wifi network like hotel/airport etc.

Clicks: Do not click on links in the emails or sites other than Open’s portal to access your account.

Address: Always visit Open’s webpage by typing the URL https://open.money in the browser's address bar.

Verify: Treat any email message that asks for confidential/personal information with suspicion. Do not respond to forms in emails that ask for your email user id/password, ATM/ card number or PIN, date of birth, mobile number etc.

Auto-complete: Disable "Auto Complete" feature on your browser.

Type: Always type in your confidential login information. Do not copy and paste it.

Monitor: Monitor your transactions regularly.

Logout: Always logout when you exit Open’s portal. Do not directly close the browser.

Update: Ensure that your latest contact information is continually updated with Open.

Vigilant: Pay complete attention to the SMS alerts like transaction alerts and OTP sent by Open or the banks and immediately report any discrepancies to Open or the banks, as applicable. Do not open email attachments from unverified/unexpected sources or instant message download links. Delete such suspicious email messages immediately.

Review: Review bank statements and Open transaction history regularly, and in case of any discrepancy, immediately report the same to the bank or Open.

* The content presented in this article is of a general nature and serves an informational purpose. It should not be considered a substitute for tailored advice that addresses your unique situation.