Cardholders   Commercial   Merchants   Value of Visa   Media Center      Southeast Asia  
Search:

Navigation

    Chip Technology Secure Online Shopping Email Fraud

Frequently Asked Questions


What is ‘brand spoofing’?

Brand spoofing is the act of copying a legitimate company’s corporate look (brand name, corporate logo, corporate colors) in an email or on a fraudulent website.  The goal of criminals using brand spoofing is to lead consumers to believe that a request for information is coming from a legitimate company.  In reality, it is a malicious attempt to collect customer information for the purpose of committing fraud.

How do ‘phishing’ and ‘brand spoofing’ work?

Customers receive an unsolicited email appearing to be from a legitimate company with which the customer deals – for example, their Internet Service Provider (ISP), online payment service or financial institution.  
 
The email claims that a billing error or account problem has occurred, or that the consumer’s information needs to be updated or validated.  Customers are then asked to follow instructions that will take them to a website that appears legitimate, complete with a company’s brand name, corporate logo, and corporate colors – otherwise known as a “brand spoofed” website.  While at the site, customers are asked to provide updated personal and financial information by completing an online form.  The form requests a variety of information such as credit card numbers, account numbers, passwords, date of birth, etc. 
 
Because these websites and email often look ‘official’, some recipients are fooled into responding, and thereby disclosing their financial and personal information to criminals.  These criminals then use the information to purchase goods and services, obtain credit or commit identity theft.

What should I do if I suspect that I’ve received a ‘phishing’ email?

If you receive an email that appears to have been sent by Visa that you are suspicious of, contact Visa immediately at phishing@visa.com.  If you think you have given away your account details to a fraudulent site, call the customer service number printed on the back of your payment card.

How can I ensure that I am communicating with Visa or one of its financial institutions during a secure session?

You can verify that you are communicating with Visa or one of its financial institutions by examining the website certificate during a secure session.  The website certificate will verify the identity of the specific website you are accessing as well as validate that the site is secure and genuine.  It also ensures that no other website can assume the identity of the original secure site.  Please refer to your web browser’s documentation for instructions on how to view a certificate.

How is my information transmitted safely over the internet?

Web browsers use standard security protocols like Secure Socket Layer (SSL), and Secure Hyper Text Transfer Protocol (S-HTTP) to enable private information to be transmitted safely over the internet.  When you visit a website with the SSL protocol, a secure connection is created between your computer and the website server you are visiting.  Once this connection is established, you can transmit any amount of information to the web server safely.  In contrast, S-HTTP is designed to transmit individual messages securely.

How can I tell if my browser session is secure?

For most web browsers such as Microsoft Internet Explorer and Netscape Navigator, a secure, encrypted session will be indicated by a closed padlock or an unbroken key icon that appears in the lower left or right hand corner of the browser window.  You may also check the address bar of your browser.  If the website address starts with “https://” rather than the standard “http://” then the session is secure.

What is a Digital Certificate and how does it help to ensure security?

Digital certificates are issued by extensively audited and controlled certification authorities to authenticate a website or elements of websites.  The certificate identifies the originator of the site and verifies that it has not been tampered with.  When your web browser is presented with a certificate, it will check to see if a legitimate certification authority issued the certificate.  If there is a match, your session will continue.  Otherwise, your browser will issue a warning, and your safest action is to cancel your activity.

What is the difference between 40-bit encryption and 128-bit encryption?

40-bit and 128-bit refer to the size of the alphanumeric key used to encrypt information.  To use the lock and key analogy, the greater the number of keys, the more difficult it is to find the correct key to fit into the lock that protects the information.  Therefore, the larger the size of the encryption level, the more difficult it is to find the right key to unlock the information.

Can other people view my personal information when I am using the internet?

If a secure session is established and the information is encrypted during transmission, then others will not be able to view your information.  However, you should be aware that some web browsers will store information on your computer even after you are finished conducting your online activities, this is called caching.  Therefore, you should close your browser once you are finished using the internet, particularly if you visit secure sites to conduct financial transactions, check account balances or view any other information that you regard as private and confidential.

Are email transmissions secure?

If a secure session is established and the information is encrypted during transmission, then others will not be able to view your information.  However, you should be aware that some web browsers will store information on your computer even after you are finished conducting your online activities, this is called caching.  Therefore, you should close your browser once you are finished using the internet, particularly if you visit secure sites to conduct financial transactions, check account balances or view any other information that you regard as private and confidential.

  • Printable Page

Related Links

  • Contact Us
    Send us an email at phishing@visa.com if you think you have received a fraudulent email claiming to be from Visa.
  • Online Shopping Tips
    Pick up valuable tips on how you can shop online safely.
 
 
Home | About Visa | Careers | Site Map | Legal | Privacy Policy | Hyperlink Guidelines | Global Sites | Asia Pacific Sites
© Copyright Visa. All Rights Reserved.