Cyber Security & Safe Banking
As per RBI directives on Cyber Security Framework for Urban Co-operative Banks, KTCCB is committed to educating its customers on digital safety, fraud prevention, and secure banking practices.
RBI Cyber Security Framework for Urban Co-operative Banks
Based on RBI Circular DCBR.BPD.(PCB/RCB).Cir.No.6/18.01.000/2016-17
What the Bank Does
- Maintains an IT & Cyber Security Policy per RBI guidelines
- Implements multi-factor authentication for all digital transactions
- Conducts regular security audits and vulnerability assessments
- Uses end-to-end encryption for all customer data in transit
- Maintains a 24×7 Incident Response team
- Complies with NPCI security mandates for UPI and card transactions
- Mandatorily reports cyber incidents to RBI within prescribed timelines
Your Responsibility as a Customer
- Never share OTP, PIN, Password, or CVV with anyone
- Use only official KTCCB channels for banking
- Enable SMS/email alerts for all transactions
- Regularly change your Internet Banking / Mobile Banking password
- Keep your registered mobile number updated with the bank
- Report unauthorised transactions immediately
- Verify the sender before clicking any link in email/SMS
Phishing Attacks — Fake Emails & Websites
Fraudsters impersonate banks to steal your credentials
What is Phishing? Cybercriminals send emails, WhatsApp messages or SMS that appear to come from KTCCB, RBI, or government agencies. These messages contain links to fake websites designed to steal your banking credentials.
DO
- Always check the sender email domain — official KTCCB email ends with
@ktccb.in - Look for HTTPS padlock icon before entering any details
- Verify website URL carefully — watch for misspellings like
ktc-cb.in - Call the bank directly on 03454-255105 to verify suspicious communications
- Keep your browser and antivirus updated
DO NOT
- Click on links in unsolicited emails, SMS, or WhatsApp messages
- Enter your account details on any website accessed via email link
- Download attachments from unknown senders
- Believe urgency tactics like "Your account will be blocked in 24 hours"
- Ignore browser security warnings on a website
www.ktccb-secure-verify.xyz/login MALICIOUS LINK — DO NOT CLICK
Vishing & KYC Fraud — Fraudulent Phone Calls
Callers impersonate bank officials, RBI, TRAI, or police to extract sensitive information
Fake KYC Update Call
Fraudster calls claiming your KYC is incomplete and your account will be blocked. They ask for Aadhaar number, OTP, or ask you to install AnyDesk/TeamViewer for "remote verification".
Fake RBI / Government Call
Caller claims to be from RBI, ED, CBI, or Income Tax. They warn about illegal transactions in your account and ask for money transfer to a "safe account" or demand OTP to "freeze your account for safety".
Lottery / Prize Fraud
You receive a call saying you've won a prize/lottery. To receive the prize, you are asked to pay "processing fee", "GST" or share your account details.
Remote Access Scam
A "bank executive" calls offering to help resolve a problem and asks you to download AnyDesk, QuickSupport, or TeamViewer. Once installed, they gain full control of your device and banking app.
The Golden Rule of Safe Banking
OTP is your digital signature. KTCCB staff will NEVER ask for your OTP, ATM PIN, Internet Banking Password, or CVV under any circumstances. The moment someone asks for this, end the call and report to 1930.
UPI, QR Code & Digital Payment Frauds
Understanding the mechanics of modern digital payment scams
Fake "Collect" Requests
Fraudsters send a UPI "Collect Money" request. You enter your PIN to approve it — but instead of receiving money, you send money. Remember: PIN is only for SENDING money, never for RECEIVING.
Malicious QR Codes
Scammers paste fake QR codes over legitimate merchant QR codes. Always verify the merchant UPI ID on the confirmation screen before approving any payment.
Screen Sharing Fraud
A fake customer or seller asks you to do a screen-share on WhatsApp or Zoom to "complete the transaction". This exposes your banking app, OTP, and UPI PIN.
SIM Swap Fraud
Fraudster contacts your telecom provider with forged documents to get a new SIM for your number. They then use your mobile number to receive OTPs and access your accounts.
OLX / Social Media Scam
Fake "Army/Government Officer" buyers on OLX/Facebook request advance payment or ask you to scan their QR code to "verify your account" before paying.
Loan App Fraud
Fraudulent loan apps charge processing fees upfront, access your contacts, and later blackmail you. Use only RBI-regulated and KTCCB-approved lending services.
NPCI Safe UPI Practices
Enter UPI PIN only to send money — never to receive
Verify recipient UPI ID / VPA before confirming any payment
Do not scan unknown QR codes sent via WhatsApp or email
Set transaction limits on your UPI app as per your requirement
Immediately report an unknown debit via NPCI dispute portal
Never link your primary account to unknown UPI applications
ATM, Debit Card & Internet Banking Security
Physical and digital safeguards for your cards and accounts
At the ATM
Internet & Mobile Banking
www.ktccb.in
Social Engineering & Impersonation Frauds
Psychological manipulation tactics used by cybercriminals
Common Psychological Tactics Used by Fraudsters
"Act NOW or your account will be blocked in 2 hours"
"I am from the CBI / RBI / Income Tax Department"
"You have won ₹50,000. Share your details to claim"
"I am your son's friend — he's in an accident, please transfer money"
Pause. Verify. Act. If you feel pressured or panicked during any communication, take a breath and call the bank directly on the official number before doing anything.
How to Report Cyber Fraud — Immediate Actions
Act fast — every minute matters in limiting financial loss
Call Cyber Crime Helpline
Dial 1930 immediately. Available 24×7. The National Cyber Crime Reporting Helpline freezes fraudulent accounts faster when called early.
Contact Your Bank
Call KTCCB on 03454-255105 or visit the branch immediately. Freeze your account / cards and request transaction reversal initiation.
File Online Complaint
Register complaint at cybercrime.gov.in with transaction details, screenshots, and communication records. Note your Complaint Number.
File Police FIR
Visit the nearest Cyber Crime Police Station or your local police station to file an FIR. Carry all evidence — screenshots, call records, and bank statements.
Important Helpline Numbers & Resources
Password Hygiene & Device Security
Strong passwords and secured devices form your first line of defence
Strong Password Guidelines
ktccb12312345678Kalna2024K@ln@#Bk7$24- Minimum 12 characters — the longer, the stronger
- Mix of UPPERCASE, lowercase, numbers, and symbols
- Do not use personal info: birthdate, name, phone number
- Use a different password for banking vs. social media
- Change your banking password every 90 days
- Use a trusted Password Manager instead of writing passwords down
- Enable Two-Factor Authentication (2FA) wherever available
Device Security
- Keep your phone OS and apps always up-to-date
- Install apps only from Google Play Store / Apple App Store
- Enable screen lock (biometric or strong PIN) on your device
- Do not root/jailbreak your device — it disables security protections
- Install a reputable Mobile Security/Antivirus app
- Enable "Find My Device" and remote wipe capability
- Disable Bluetooth and NFC when not in use in public places
- Do not store OTPs or passwords in chat applications or notes
Key RBI Circulars & Customer Rights
Know your rights as a banking customer under RBI regulations
As per RBI Master Direction on Limiting Liability of Customers in Unauthorised Electronic Payment Transactions (DBR.No.Leg.BC.78/09.07.005/2017-18):
- Zero Liability for customers where the fraud is due to the bank's negligence or a third-party breach without customer fault, if reported within 3 working days
- Limited Liability applies based on transaction amount and time of reporting for cases where customer negligence is partly involved
- Report unauthorised transactions to the bank immediately to preserve your rights under this circular
- Banks must resolve such complaints and credit the amount within 10 working days
RBI Circular DCBR.BPD.(PCB/RCB).Cir.No.6/18.01.000/2016-17 mandates that all Urban Co-operative Banks must:
- Formulate and implement a Board-approved IT Security Policy
- Conduct Risk-Based Information Security audits periodically
- Implement IT Service Continuity Management (ITSCM)
- Ensure secure transmission of customer data using encryption
- Maintain logs of all IT transactions for audit purposes
- Impart mandatory IT security awareness training to staff
- Report any significant cyber incidents to RBI within 2-6 hours
- Banks must mandatorily send real-time SMS/email alerts for all card and digital transactions
- All new cards issued are enabled for domestic use only by default — international usage must be separately activated
- Cardholders can set transaction limits via mobile/internet banking
- Positive Pay System mandated for cheques above ₹50,000 — reduces cheque fraud significantly
- Additional Factor of Authentication (OTP) is mandatory for all online card transactions
If your complaint is not resolved by the bank within 30 days, or if you are dissatisfied with the response, you may approach:
- The RBI Banking Ombudsman — free of cost service at bankingombudsman.rbi.org.in
- The Integrated Ombudsman Scheme covers all regulated entities including UCBs
- Toll-free number: 14448
- Cases involving digital fraud of up to ₹20 lakh can be escalated here
Official Disclaimer — The Kalna Town Credit Co-operative Bank Ltd.
KTCCB will never contact customers to ask for OTP, ATM/Debit Card PIN, Internet Banking passwords, CVV number, or Aadhaar OTP through any channel — including phone calls, SMS, email, or social media. We are a licensed Urban Co-operative Bank regulated by the Reserve Bank of India (RBI) and the West Bengal Co-operative Societies Act. Any communication claiming to be from KTCCB requesting sensitive credentials is fraudulent. Customers are advised to exercise vigilance and report suspicious contacts immediately.