Partner With Us NRI

How to protect your trading account against cybercrime / data breaches


Let's hope you never see yourself in this situation. Like any other day, you go online to check your trading account details. And your jaw suddenly drops. There is minimal to nil balance in your account. But you know for sure that neither the market nor any of your investments have fallen in value. So, you quickly check the statement and collapse in shock. You see a list of money transfers from your trading account to an outside bank account. Neither did you authorize these transactions, nor did you receive notifications regarding the transfers. Unfortunately, you've just fallen prey to identity theft, hacking or cybercrime.

Why you should not take your trading account for granted

Your online trading account gives you instant access to check your information at any time, allows you to buy and sell securities and transfer money to and from your savings account. It offers you convenience and a host of benefits and features. But if you haven't been practising online safety measures, you could fall prey to malicious activity from lurking online cybercriminals.

For instance, as recent as last week, a popular online US stock trading platform, Robinhood, suffered a massive data breach with more than 5 million customer email addresses and 2 million customer names hacked, including a smaller set of more specific customer information. With the help of sophisticated software, malware and viruses, hackers infiltrated financial information of millions of customers.

What happens in a data breach?

When a trading account is hacked, cybercriminals or fraudsters obtain information to gain unauthorized access to the account. They then steal assets and securities or could misappropriate information to render the trading account invalid.

How do online frauds and identity thefts take place?

Hackers use malicious programs to attack unprotected and vulnerable computers of online investors.

For instance, you may have received an email that appeared genuine from a hacker. You probably think it to be an authentic link, attachment or URL. You click on it and, without your knowledge, launch a backend program or virus that begins to steal information back to the thief's computer. The virus or program monitors your computer activity, logs your keystrokes, thus allowing the identity thieves to obtain your credentials for all your financial accounts, including your trading account.

How can you detect if there is an issue?

The most crucial step is to monitor your account vigilantly. That means you need to go through your account and read your statements carefully. 

Signs that point out identity theft or cybercrime include:

  • Unauthorized transactions, transfers and unfamiliar deposits

  • Misplaced funds or investments

  • Suspicious updates or unauthorized modifications to account information such as a change in email, mobile number or address

  • Sudden notifications from your brokerage company indicating a change to your trading account that you did not authorize

  • Omitted account statements

  • Unfamiliar savings account added to your trading account

If you notice any of the above signs, your trading account may have been compromised. In this case, you would need to reach out to your brokerage company immediately. While the firm takes the necessary steps to get you the requisite assistance, you must change your username and password for the breached trading account and every other financial account you use with the same login.

How to safeguard your trading account?

  • Know what you're clicking. With phishing getting more sophisticated, an ideal way to safeguard yourself from a malicious attack is to ensure you do not click on any unverified emails. Even if you are 100% sure the link is valid, it's always safe to avoid clicking. Instead, you may want to go to the financial firm's website or app to confirm the information sent to you.

  • Use robust passwords. Do not save your passwords on your computer, do not share them or make a note of it anywhere that can be easily viewed and stolen. Use strong and different passwords for different accounts and change your passwords regularly.

  • Do not use a public computer. As a trader wanting to keep tabs on the market at any time or place, you may be tempted to use a shared computer. However, that could be risky. For one, there may be no assurance about the network security or if the computer you're using has been infected with malicious software.

  • Always enable two-step verification or multifactor authentication. How can you eliminate the likelihood of a cybercriminal taking over your trading account? Opt for multifactor or two-step verification -- you will need to enter your password, provide your password with a thumbprint, and an OTP sent as a text to your smartphone to access your trading account. 

  • Maintain up-to-date information. Enable alerts on every financial activity and all financial transactions. Doing so can ensure you receive instant notification of any suspicious account activity, thus allowing you to react instantly to unauthorized transactions.

  • Update your computer security. Install effective and robust antivirus, antispam and spyware detection features, especially if you are in the business of engaging in online financial transactions. If you're using a computing terminal, ensure it has up-to-date security software. Remember to configure the software for automatic updates and patching. If you're using a smartphone device, install security updates the moment you receive an update notification. Look to improve the safety of your system periodically to ensure it is up to date on online security.

How iSec protects your trading account

At ICICI Direct, we are committed to developing robust defence mechanisms and procedures to address these concerns. We are highly sensitive and cautious about cyber security practices and understand our responsibility in securing the customer's personal information and other related details.

To achieve this objective, ICICI Direct has invested in technology systems designed to offer responsive and reliable solutions that:

  • Manage customer privacy and information security

  • Safeguard assets and businesses

  • Ensure compliance with applicable laws

Our robust and resilient Information Security processes ensure confidentiality, integrity, and data availability at all levels of infrastructure and applications.

We focus on all verticals of cyber security and follow an established framework to address cyber security relating to:

  • Application security

  • Data security

  • Infrastructure and network security

  • Governance

  • Risk

  • Compliance

  • Detection

  • Mitigation

At ICICI Direct, we understand that cyber security is a constantly evolving area, hence making sustained investments in upgrading our systems and strengthening the cybersecurity team's breadth, depth, and capabilities.

We do this through:

  • Regular reviews of our information security framework

  • Measures to enhance team member awareness

  • Periodic application control reviews that cover Vulnerability Assessment and Penetration Testing involving external firms where necessary

In addition, every new application is subjected to Application Security Life Cycle (ASLC) testing. Periodic audits are conducted by the Internal Audit Group covering network security, database security and web servers. Additionally, we are also subject to SEBI-mandated Half Yearly Systems Audit and Cyber Security Audit.

While we constantly strive to put in place best-in-class controls relating to cyber security, we understand that due to the complexity of systems and sophistication of threat actors, it can be difficult to ensure complete safety at all times. Hence, we put in significant efforts and infrastructure to monitor our networks and identify threats and attacks through 24 x 7 monitoring systems.


At ICICI Direct, we hold cyber security as one of our topmost priorities and hence remain always cautious regarding the same. We constantly work towards enhancing our security posture.
Secure your financial information and protect your trading account today. Implement these simple safety measures and guard yourself against cybercriminals, malicious hackers and sophisticated thieves.


ICICI Securities Ltd. ( I-Sec). Registered office of I-Sec is at ICICI Securities Ltd. - ICICI Venture House, Appasaheb Marathe Marg, Prabhadevi, Mumbai - 400 025, India, Tel No : 022 - 6807 7100. The contents herein above shall not be considered as an invitation or persuasion to trade or invest.  I-Sec and affiliates accept no liabilities for any loss or damage of any kind arising out of any actions taken in reliance thereon. The contents herein above are solely for informational purpose and may not be used or considered as an offer document or solicitation of offer to buy or sell or subscribe for securities or other financial instruments or any other product. Investments in securities market are subject to market risks, read all the related documents carefully before investing. The contents herein mentioned are solely for informational and educational purpose.

Most Popular

  • 12 Jan 2022
  • ICICI Securities

What is a Bond Ladder? & How to Use it to gain from Debt Funds?

Investing in bonds that mature on different dates makes a bond ladder. Read on to know how to make gains from debt funds using a bond ladder.

  • 12 Jan 2022
  • ICICI Securities

The shoe must go on! An overview of the Indian footwear industry

The Indian footwear market has seen many changes in customer behaviour towards footwear.

  • 12 Jan 2022
  • ICICI Securities

Is a 50:50 investment in Large-Cap & Mid-Cap Funds a good idea?

Large-Cap vs Mid-Cap asset allocation can be tricky, especially when the market is experiencing some headwinds. Developments and economic cues can either push the market indices higher or push them off a cliff.

  • 11 Jan 2022
  • ICICI Securities

Demerger in Motherson Sumi Systems Limited: Implications on your F&O positions

Motherson Sumi Systems Limited has fixed a Record Date of January 17, 2022 for the purpose of issuance and allotment of 1 equity share of Motherson Sumi Wiring India Limited for every 1 equity shares to shareholders of Motherson Sumi Systems Limited.

  • 11 Jan 2022
  • ICICI Securities

NSE to launch Futures and Options for Nifty Midcap Select Index from 24th January

F&O Trading has evolved in India with F&O volumes now contributing to more than 95% of overall NSE volumes. F&O volumes in NSE have nearly doubled in FY 22 compared to FY 21 same time.

  • 09 Jan 2022
  • ICICI Securities

Demerger in GMR Infrastructure : Implications on your F&O positions

GMR Infrastructure Limited has fixed a Record Date of January 12, 2022 for the purpose of issuance and allotment of 1 equity share of GMR Power and Urban Infra Limited for every 10 equity shares to shareholders of GMR Infrastructure Limited.

  • 06 Jan 2022
  • ICICI Securities

Best Stocks to Buy in 2022

The new year is here, which means it's time for new investments! If you're wondering which are the best stocks to buy in 2022 that will give you returns in the range of 20%-80%, we've got a list of 10 top stocks in different sectors that you should definitely consider for your portfolio.

  • 04 Jan 2022
  • ICICI Securities

What is smallcase? Know Investing Ideas via smallcases

In our efforts to offer you the most seamless investing experience, we’ve partnered with smallcase. What exactly are smallcases? They are baskets of stocks or ETFs based on relatable ideas. They are professionally managed by registered entities or individuals.

  • 02 Jan 2022
  • ICICI Securities

Tips to Reduce your Used Car Loans Interest Rates

A new car brings joy not only to the person who drives it but to the entire family. Families prefer to travel in their vehicle, rather than depend on public transport. Since not everyone can afford to buy a new car, people opt for car loans. But the interest rates that they pay on a car loan can be challenging to navigate. Read on to find out tips on how to reduce car loan interest rates.

  • 02 Jan 2022
  • ICICI Securities

Tips and Advice For Loan Against Property

There are times when you may face a sudden shortage of funds. One of the quickest ways to deal with this adversity—is to avail of a Loan against Property (LAP). A Loan against Property enables you to get a secured loan against the residential or commercial property you own. Like any other type of loan, you must bear a few things in mind before applying for it. Click here to know a loan against property and the dos and don’ts you need to follow.