Keeping customer information secure is a top priority for us, but it is also important for you to know how to protect your own security as you go about your day-to-day activities.
- Online and Mobile Banking
The internet has made banking much more accessible and convenient. With online or mobile banking being used every day, there are precautions you need to take to ensure that you enjoy the safest banking experience possible.
- Never reveal your online banking login information to anyoneIn particular your full online banking PIN.
- Ensure you are not being overlookedWhen entering passwords or PINs into online accounts in a public place, shield your screen and ensure no one is overlooking you or trying to distract you.
- Monitor your accounts on a regular basisCheck for suspicious transactions. If you do find anything suspicious, Report it.
- Monitor your list of online payees on a regular basisTreat any unexpected requests to change or update your payee details with caution and verify that the request has come from a legitimate source.
- Always logout completely from your online banking sessionSelect the log out button rather than just closing the website or app.
- Use secure websites (https)When entering login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:
- The web address (URL) has changed from 'http' to 'https'.
- That a closed padlock icon is present.
- Your browser address window may be green.
Email is an excellent communication tool and also a useful way to stay informed about new products and services. However, email is sometimes used to deliver unwanted material. Always be cautious when sending or receiving emails, particularly if you are sending any personal details or arranging financial transactions.
Fraudsters sometimes send emails pretending to be from a reputable company in an attempt to acquire personal information (e.g. username, PIN, credit card number etc.). This is known as phishing. Some email scams have become much more sophisticated and are personalised in order to target certain people. These emails are personally addressed, well-written and look and sound professional. This is knows as spear phishing.
What to look for:Check for misspellings or unfamiliar sender addresses.Unexpected emails which claim to come from a financial institution.Urgent requests and threats.Claims that your account has been compromised.Requests to "Open an Attachment" or "Click a Link".
- Be suspicious of unsolicited emails. Listen to your instincts. If something doesn’t feel right then stop and question it.
- Never reveal your banking details or other personal information if requested via email.
- Check links in emails are legitimate by ‘hovering’ your mouse over the link to view the web address (URL) without clicking. If it is different to what you were expecting, do not click.
- Consider having different email addresses for different purposes; one for your bank to use, another for family and friends and perhaps a different address for online newsletters.
How to report a suspicious email:
- Call the sender to verify they sent the email. If possible use a number in a directory or on their website rather than the same number contained in the email.
- Do not reply to the email, fill out any forms or follow any of the instructions specified.
- Do not click on any links as they may try to direct you to fake websites.
- Do not open attachments as they may infect your computer with malicious software.
- Forward suspicious emails claiming to be from Bank of Ireland to firstname.lastname@example.org and then delete.
Your email address can be obtained from publicly available sources or through randomly generated lists. Therefore, if you receive a fake email that appears to be from Bank of Ireland, this does not mean that your email address, name, or any other information has been gathered from Bank of Ireland's systems.
Examples of Phishing emails and what to look out for:
Telephone fraud is becoming increasingly common. Sometimes fraudsters try to trick you into divulging personal and confidential information, including bank account details, over the phone. This is known as ‘Vishing’. The fraudulent text message equivalent to this is known as ‘Smishing’. Fraudsters may claim to be from a reputable organisation or claim that your account has been compromised and that action is required.
Bank of Ireland will never ask you to transfer money to a new account so ignore such calls or texts.
When in doubt about the legitimacy of a call or text claiming to be from Bank of Ireland, report it and do not act on it unless confirmed to be genuine.
- Criminals who have called your landline can stay on the line for up to 5 minutes, even after you have hung up. Wait at least 10 minutes after hanging up. Then, to ensure that the fraudsters has disconnected, call someone you know before using the phone again or use a different line to report the incident to the Bank.
- Sometimes fraudsters make phone calls, claiming to be from a reputable IT organisation, to offer assistance. Never allow a cold caller to take remote access of your computer.
- Never respond to suspicious text messages or click on links contained within. These links may lead to malicious content. Send a screenshot of the suspicious text to email@example.com and then delete it.
The use of strong passwords is essential in order to protect your information and identity. The best security in the world is useless if a fraudster has access to a legitimate username and password.
Strong passwords can take years to crack; weak passwords can be cracked in less than 5 minutes.
What makes a strong Password?
- More than 8 charactersHaving a long and complex password makes it difficult for hackers to decipher.
- VariedRandom words made up of a combination of upper and lowercase letters, numbers and symbols.
- UniqueAvoid using the same password across multiple accounts. It would only take one successful attack for all your information to be stolen.
- Easy for you to rememberBut difficult for someone to guess (avoid birthdays, pet names etc.).
- Replace letters with numbers and symbolsUse a movie title or character you like. For example SP!D3Rm@n – a variation of Spiderman.
- A line of a songOne that other people would not associate with you- fly1ngw1Th0Utw!nGs!
- A phrase known to you“Consider yourself at home" and take the first character from each word- CYAH. Then combine this with numbers and symbols- C.2!Y64a?H@.
Create your own unique password using these tips (Don’t use these examples!)
- Use finger print detection for mobile devices and use a PIN with more than 4 numbers where possible.
- Never share your usernames or passwords.
- Never allow web browsers (e.g. Google Chrome, Internet Explorer) to remember your passwords- you put your information at risk.
- Public Wi-Fi
Wireless networks have changed the way we use computers and mobile devices at home in the office and on the move. ‘Public’ wireless networks or hotspots mean that we can get online in places like cafés, hotels and parks. While this is very convenient, there is a security risk associated with it.
When you access public Wi-Fi, you can never be sure who has set up the network and, more importantly, you don’t know who is connected to it. Malicious users could intercept anything you are doing online including capturing your passwords and reading private emails.
- Use 3G or 4G instead of public Wi-Fi when entering personal information where possible.
- If you see anything suspicious while using public Wi-Fi, report your concerns to the manager of the organization providing access to the Wi-Fi service.
- Avoid installing any system or application updates on your mobile phone or computer whilst using public Wi-Fi.
- Protecting your Device
There are a number of potential threats online and you need to ensure that you properly protect your devices- mobiles, tablets, laptops or PCs. This will help safeguard against your device being infected with malicious software and from potentially serious consequences such as fraud and identity theft.
- Ensure you have up-to-date anti-virus software in place on your devicesSchedule regular checks on your computer system.
- Keep the software on your device up-to-dateInstall the latest software update as soon as possible. You will normally receive a prompt to update.
- When downloading apps, go directly to a legitimate sourceFor example use the official App store or the Play store. Be cautious when downloading apps accessed by clicking on a link.
- In the event your device is lost or stolen, most smart phones & tablets have a capability to be remotely wipedThis will prevent sensitive information from falling into the wrong hands.
- Secure access to your deviceUse a strong PIN, password, passcode or fingerprint detection to access your device.
- Ensure to clear all information on your device before selling it.
- Know how to recognise the signs that your computer may have become infected (including but not limited to the following):
- Applications that don’t work properly.
- Date of last login doesn’t match the date you last logged in.
- System slows down, freezes or crashes.
- Unusual error messages.
- Your browser toolbar changes.
- System performance deteriorates unexpectedly.
- An increase in the number of flies on the system when nothing has been added by you.
- Printing does not work correctly.
- Distortion on screen.
- File size changes for no apparent reason.
- If you suspect that your device may be infected Do not log on to any online banking channels until any malicious software has been removed.
- Shopping Online
The ability to shop, bank, book travel and make payments online has transformed our daily lives. However, these transactions are sometimes targeted by fraudsters. Most reputable organisations make it as safe as possible for customers to conduct business with them online. Today’s cybercriminals are highly skilled at creating fake websites, and persuading consumers to divulge sensitive information and make payments.
Consider these simple steps to shop online with confidence.
Is the website safe?
- Always go directly to the site or access it via a search engine (e.g. Google, Bing) first. Never follow links on websites or in emails if you are suspicious.
- Ensure the web address is what you expected (e.g. check for incorrect spelling).
When entering login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:
- The web address (URL) has changed from 'http' to 'https'.
- A closed padlock icon is present.
- Your browser address window may be green.
- Always ensure you are buying only from reputable retailers, whether from personal experience or trustworthy recommendations. If it is not a well-known shopping site, do some research and look for independent reviews rather than trusting testimonials on the site itself.
- Social Media
Social media has changed the way we communicate. However, the more information you post online, the more you put yourself at risk of becoming a potential target for fraudsters. For example, if a fraudster obtains your full birth date and place of birth, they could try to use this information to access your accounts.
What goes online stays online
To protect yourself and your information, care must be taken when using social media.
- Privacy and security settingsLearn about and use the privacy and security settings on social networks. They are there to help you control who sees what you post and to manage your online experience in a positive way. Do not rely on default settings.
- Keep personal information personal.Be cautious about how much personal information you provide on social networking sites. The more information you post, the easier it may be for a fraudster to use that information for malicious purposes.
- Make passwords long and strongSee the Passwords section for more information.
- When in doubt, throw it outLinks in messages, tweets, posts, and online advertising may contain malicious content. Even if you think you know the source, if something looks suspicious delete it.
For more information see Identity Theft.
- Card & ATM Safety
As with all financial transactions, please use discretion when using your card or an automated teller machine (ATM).
- Where possible, avoid letting your card out of sight when using it to pay for goods and services.
- When making a contactless payment, ensure you check that the amount you are paying is correct before tapping your card on the payment device.
- Always cover your card PIN when entering it on the keypad.
- Do not choose a card PIN that might be easily guessed e.g. your date of birth, numbers in descending or ascending order, e.g 5432 or 1234, or four of the same numbers 1111.
- Don’t reveal any of your banking details such as your card number, PIN or full password if requested by email or over the phone.
- When shopping online, verify that you have accessed a legitimate website before entering card details. See Shopping Online for more information.
- Be aware of your physical surroundings, ensure no one is trying to distract you or look over your shoulder.
- Check that there are no obvious signs that the ATM has been tampered with or damaged.
- Check that other people in the queue are at a reasonable distance behind you.
- Shield the keypad with your hand to prevent hidden cameras or people from capturing your PIN.
- Never reveal your PIN to anyone.
- Use ATM machines which are in clear view and well lit, if suspicious, walk away.
- If your card is retained by an ATM report it immediately.
- Keep the Bank of Ireland lost or stolen card phone number in your mobile phone contacts.
- Identity Theft
Identity theft occurs when someone steals your personal information and uses it to impersonate you. They can carry out fraudulent activity such as trying to access your bank accounts, opening a credit card account in your name or getting payment from a supplier.
How to reduce your risk of Identity Theft
- Be careful when posting personal information online, including on social mediaThe more information you post online about yourself the easier it may be for a fraudster to steal your identity.
- Never give your card PIN to anyone
- Cancel lost or stolen credit and debit cards immediately
- Lock all valuable documents awayEnsure they are in a secure place.
- Ensure to clear all information on your device before selling it
- Shred confidential informationAlways shred any confidential information such as bank statements or cheque books before you throw them away.
- Inform all service providers promptly when moving addressSet up a mail forwarding arrangement with An Post