Avoid using any common words or phrases and never create a password that contains your name, initials, or your date of birth.
Security software is essential, regardless of what you use your computer for. As a minimum, make sure you have a firewall turned on and are running an antivirus software. This will ensure you are protected from Trojans, Keyloggers and other forms of malware that could be used to gain access to your financial data. You’ll also want to keep your operating system and other software up-to-date to ensure that there are no security holes present.
No financial institution will send you an email asking you to provide any of your login details. If you receive an email that asks for such details, then treat it with suspicion as it may well be a phishing attempt to trick you into handing your credentials over. Be aware of links in emails that appear to be from your bank – this is a trick often employed by people to get you onto a website that looks like your bank. When you log in to ‘your account’ they will steal your username and password and, ultimately, your money. It is always safer to access your online bank account by typing the address into your browser directly.
Online safety – how to protect yourself and family: https://www.getsafeonline.org/ The Metropolitan Police also issues guidance on the different types of scams that can occur. A PDF version is available here: https://www.met.police.uk/littlemedia Reporting internet crime to the National Fraud and Cyber Crime Reporting Centre: http://www.actionfraud.police.uk Be aware of unsolicited phone calls that say they’re from your bank. While your financial institution may require you to answer a security question, they will never ask for passwords or PIN numbers (they may ask for certain letters or numbers from them, but never the whole thing). If in doubt, do not be afraid to hang up and then call your bank back via a telephone number that you have independently confirmed as being valid.
It’s always best practice to connect to your bank using computers and networks you know and trust. But if you need to access your bank online from remote locations you might want to set up a VPN (Virtual Private Network) so that you can establish an encrypted connection to your home or work network and access your bank from there. Look for a small padlock icon on your browser and check the address bar – the URL of the site you are on should begin with ‘https’. Both act as confirmation that you are accessing your account over an encrypted connection.
It is good practice to always log out of your online banking session when you have finished your business. This will lessen the chances of falling prey to session hijacking and cross-site scripting exploits. You may also want to set up the extra precaution of private browsing on your computer or smart phone, and set your browser to clear its cache at the end of each session.
We offer the facility for customers to set up text or email notifications to alert them to certain activities on their account. For example, if there is a failed log in attempt then we will send a message to your mobile. Or each time a withdrawal is requested from a notice account we will send an email to notify you. Such alerts could give quick notice of suspicious activity on your account.
It should go without saying that monitoring your bank statement each month is good practice as any unauthorised transactions will be sure to appear there. With online banking you have access 24/7 so take advantage of that and check your account on a regular basis. Look at every transaction since you last logged in and, if you spot any anomalies, contact your bank immediately.