|
PHISING ADVISORY
What is Phishing?
Phishing (pronounced as "fishing") is the act of sending an e-mail
to a user in an attempt to illegally obtain sensitive personal information from
you. The e-mail directs the user to visit a web site where you will be asked to
update personal information, such as your User ID, PIN, passwords, bank account,
credit card numbers, etc. which will be used for identity theft. The web site, however,
is bogus and was only set up to steal the user's information towards unauthorized
activities, purchases, etc.
Common techniques that are used by the phishing fraudsters include, but are not
limited to the following:
|
.: |
Using false email addresses, logos, and graphics to mislead you into accepting the
validity of the emails and web sites;
|
|
.: |
Fake domain names to appear representing us;
|
|
.: |
Duping you into providing personal details through one or more methods such as hyperlinks
to fake websites or embedded forms in emails.
|
Important security reminders:
|
.: |
Never disclose your User ID or PIN to anyone.
|
|
.: |
To access Security Bank Online, enter the URL address manually into your web browser.
Never login via any website links especially within emails.
|
|
.: |
Aware of email scams that typically request that you update your account information.
SECURITY BANK WILL NEVER REQUEST FOR YOUR USER ID AND PASSWORD THRU EMAIL.
|
SECURITY & YOU
At Security Bank, we know that the confidentiality of your personal information
is very valuable to you. Because of this, we are committed to provide you with a
safe and secure online environment for your banking needs.
Your Role in Safeguarding Your Account Information
Apart from the security measures put in place by the Bank, you play an equally important
role to ensure your online security and account information is not compromised.
We highly recommend the following security practices while doing banking transactions
online:
|
1. |
Keep your User ID and Password confidential at all times
|
|
2. |
Tf your online session at all times
|
|
3. |
Do not store your User ID and Password when using Internet Explorer browsers
|
|
4. |
Do not register in any suspicious websites so as not to disclose your personal information
|
|
5. |
Use a computer/device that you trust
|
|
6. |
Ensure adequate security for wireless network and devices
|
|
7. |
Clear your browser's cache and history after each session
|
|
8. |
Protect your computer from viruses and malicious programs
|
|
9. |
Protect your critical data to prevent the loss of important files.
|
|
10. |
Check your account and transaction history details regularly
|
|
11. |
Update your branch of account when you change your contact particulars
|
|
12. |
Report to immediately if you suspect that your personal information may have been
compromised
|
1. Keep your Password confidential at all times
Your Password is like the key to your online safe. We identify you using your User
ID and Password. Protecting your online identity is very important to safeguard
your Password at all times.
Important tips on how to safeguard and protect your password:
|
o
|
We encourage you not to use the same Security Bank Online Password for other financial
or non-financial web-based services such as for email, online shopping, digital
identity and other online subscription services.
|
|
o
|
Do not choose a Password that is easily guessed or data that is highly associated
with you, like your telephone number, TIN/SSS number, date of birth, or User ID.
Select an uncommon and unique Password to make it difficult for anyone to guess.
|
|
o
|
Avoid using sequential numbers or the same number more than twice (e.g. 121145).
|
|
o
|
Memorize your Password. Do not write down your Password or store it in computer
hard-disk, diskette, mobile phone or other none secure means.
|
|
|
:.
|
Do not key in your Password within view of someone else.
|
|
|
:.
|
Verify that the URL displayed in the browser is correct before entering your User
ID and Password. The URL of Security Bank Online's "Enter User ID" page should read
https:// securitybankonline.securitybank.com
|
|
o
|
Use the latest recommended Internet browser such as those that support 128-bit encryption
so that you have the most updated security features available.
|
|
o
|
Change your Password regularly by using the 'Change Password' service (minimum 8
digits) under the Utilities menu.
|
|
o
|
Change your Password immediately if you suspect it has been exposed to others or
the moment you suspect any unauthorized access.
|
2. Log off your online session
Log off your online session whenever you leave your computer, even for a short while.
This immediately ends your Internet Banking session and prevents further transactions
from being carried out without a fresh login. You should also shut down your computer,
when not in use, to prevent unauthorized access to your computer.
3. Do not store your User ID/Password when using Internet Explorer browsers
Some browsers store and list possible matches from entries that you have typed previously.
You can prevent any User ID/Password from being stored in your browsers by de-activating
the function:
|
o |
Internet Explorer |
|
|
- |
Launch your Internet Explorer browser and click on "Tools" >> "Internet Options"
>> "Content". |
|
|
- |
Under "Personal Information", click on "AutoComplete".
|
|
|
- |
Under "Personal Information", click on "AutoComplete".
|
|
|
- |
Under "Personal Information", click on "AutoComplete".
|
|
o |
Netscape 6.0
|
|
|
- |
Netscape 6.0
|
|
|
- |
Select "Preferences"
|
|
|
- |
Double click on "Privacy & Security"
|
|
|
- |
Click on "Passwords"
|
|
|
- |
Ensure that "Remember passwords" under "Password Manager" is unchecked
|
|
|
- |
Click "OK" to save your settings
|
4. Do not disclose your personal information to suspected websites
To prevent your personal information from being captured by bogus websites, you
should not disclose your personal, financial or credit card information to little-known
or suspected websites.
5. Use a computer/ device that you trust
You should not conduct your Internet banking transactions on computers/devices which
cannot be trusted such as shared or public computers, especially computers located
in unusual and out of the ordinary places. If you have to, always clear your browser
cache after each session on such computers to ensure your account information is
removed. For Internet Explorer 5 users, please also ensure that the "AutoComplete"
function is deactivated after use.
6. Ensure adequate security level for wireless network and devices
Poorly configured wireless equipment may allow malicious entry into your computer
directly through the air waves. If you are using a wireless network/ device, you
are strongly advised to read your instruction manual, or consult your vendors if
necessary, to configure your wireless network/ device to ensure that adequate security
levels are established.
7. Clear your browser's cache and history after each session
Temporary files stored in your computer called cache files and history can retain
information and data. Always remember to clear your browser's cache and history
after each session so that your account information is removed, especially if you
are using a shared computer.
8. Protect your computer from viruses and malicious programs
Apart from destroying important data on your computer, viruses/malicious programs
such as Trojan Horse may run a password sniffing program in the background to capture
your password keystrokes without your knowledge. Being constantly online may increase
risk exposure of your computer.
9. Protect your critical data
Make regular backup of your critical data and ensure that these data in your computer
is adequately protected.
10. Disable the "File and Printer Sharing" feature on your Operating System
This prevents an external party from gaining illegal control or access to your computer.
You can refer to your computer vendor or instruction manual on how to activate this
feature.
11. Check your account and transaction history details regularly
Regularly check your transaction history details and statements to make sure that
all details are updated and there are no unauthorized transactions on your accounts.
Also take note of your 'last login date and time' whenever you login to Security
Bank Online to make sure that there has not been any unauthorized access.
12. Update us when you change your contact particulars
To make it easier for us to reach you whenever we detect unusual transactions in
your account, always keep us updated with your latest contact numbers and mailing
address.
13. Let us know immediately if there's a problem!
If you notice any unusual/unauthorized transactions, please change your PIN and
notify us immediately. Where necessary, your Internet Banking access can be suspended
at your request to protect your interest.
|
