Repeated sign-in attempts to my HDFC Net Banking

[Avinash4348]

There have been more than 1000 attempts or even more to sign in to my HDFC Net Banking ID. Every time my account gets blocked after someone tries to sign in and it happens everyday. And everyday the account get blocked due to safety measures after 3 incorrect password sign in attempts. The problem is that I have to reset my HDFC Net Banking password just to log in. Is there any way to change my HDFC Net Banking user id by contacting customer care?

Whoever it is, has been trying to login from personalized user id most probably. Because it is set exactly as my first name

 

[Kloud]

By default user ID is your customer ID. I don't think you can change it easily. If hackers are trying to login using the customer ID then it's going to be difficult.

On HDFC netbanking, you can add alias to your account and that'll also work as user ID. If the hackers got this alias then it might be easier to change. You can't change it from the Netbanking though. Call them.

 

[enthusiast29]

User ID can be customized, I've done so already. There's a "personalize User ID" on top of the screen but it ain't showing any editable field now sadly. Perhaps you can only set once?

 

[montsa007]

Whoever it is, has been trying to login from personalized user id most probably. Because it is set exactly as my first name

Change it to something different mate, speak to the customer care executive once as they'll be the best people to guide you.
Since each bank has a different policy.
You may be required to visit the branch once.

 

[nRiTeCh]

Some banks allow to set user id only once.
When trying to look outside, may be someone from your own family is tying to play here unless you actually signed in from someones devices, public kiosks others laptops etc etc.. Also, if you ever installed any malicious app or cliecked on such phshing links theres high possibility your cookies, saved credentials were sent backdoor and exposed on the net.

Speak to cc and be ready with battery of verification rounds to prove authenticity. Meanwhile if you are able to access your account, transfer all balance to a secondary a/c or to your wifes or parents a.c ftw to be secured as money matters eod.

Troubleshooting can be done later on and it does takes time. and I hope you dont want to mess up with your hard earned money here..

Just fyi.. I keep getting at times 50+ twitter otps and fb otps for the a/c which I created and never used and I dont bother and have blocked such smses.

 

[salian]

I've wondered about this aspect.
Doesn't this form a trivial DDOS attack vector on a bank if user IDs of all their customers can be blocked just by attempting the wrong password a few times?