Online Banking

Online banking is a very secure and convenient way to access your bank’s services. However, you need to be wary of fraudsters trying to gain access to your account. This is usually by trying to dupe you into handing over security information such as your username, passwords or your memorable information.

How to bank safely online

Never login to your bank website through a link in an email, even if the email appears to have come from your bank. Type the web address into your browser yourself.


The login pages of bank websites are secured through an encryption process, so a locked padlock or unbroken key symbol should appear in your browser window when accessing your bank site.

The beginning of your bank’s internet address will change from ‘http’ to ‘https’ when a secure connection is made.


  • Be wary of any unexpected or suspicious looking pop-ups that appear during your online banking session.
  • Stop and think about the process you normally go through to make a payment to someone – be suspicious if it differs from the last time you used it.


  • Fraudsters sometimes try to trick people into making a real payment by claiming “it’s just a test”.
  • Never give anyone your login details in full either by email or over the phone – your bank will never request these in this way.
  • Check the online banking security options your bank provides; some offer free anti-virus and browser security software.
  • Check your bank statements regularly and contact your bank immediately if you spot any transactions that you didn’t authorise.
  • When sending money via your online bank account, always double check the amount you are sending as well as the account number and sort code you are sending it to.
  • Make sure your bank has your up-to-date contact details.
  • Browsers often come with security features built in. Make sure they are activated.

Customer security checks

Different banks use different systems or authentication devices to prove that you are the genuine customer when accessing online banking services or making online banking payments. Some may issue you with a key-fob device that produces a one-time passcode.

Others may provide you with a pocket-sized card reading device that you insert your debit card into, which also produces a one-time passcode. This is also known as two factor authentication (2FA). These passcodes can then be used as one of the security steps needed to login to your online banking website or to authorise a payment.


Should I have one?

Not all banks offer these types of authentication devices. This does not mean that their online banking product is any less secure than those that do. All banks employ different types of security procedures to keep their customers safe, many of which aren’t visible to the customer but work away in the background to protect you. Check with your bank directly to understand if they offer authentication devices as part of their online banking offering.

What to do if you think you are a victim of fraud

  • If you spot unauthorised transactions on your online bank account, contact your bank immediately.

If you are a victim of fraud you have legal protection which means that you will not be liable for any losses unless you have acted fraudulently or without reasonable care.

Mobile Banking

How to bank safely on your mobile device
If you bank online and have a mobile device with an internet browser you should be able to access your bank’s website just as you would if you were accessing it on a traditional computer.

If you use a smartphone you can usually download a dedicated app (application) provided by your bank. Apps provide a similar but alternative way of accessing your online bank account and are designed for ease of use and convenience. An app is a small piece of software designed for use on smartphones and tablet devices.

However, you should always follow the advice below when downloading a piece of software onto your smartphone, especially if it is an app that requires internet access when you use it.


Here are some essential tips:

Mobile banking: If you use an app to access your online banking, only use the official app provided by your bank. If in doubt, contact your bank to check.
App stores: Only download apps from official app stores, such as Apple iTunes, Android Marketplace, Google, Play Store and BlackBerry App World. Free apps are great but downloading them from unofficial or unknown sources could lead to your device becoming infected with a virus.

Update: Keep your smartphone’s operating system updated with the latest security patches and upgrades. These will normally be sent to you from your operating system provider.

Smartphone security controls: Think carefully before removing any security controls from your mobile device.

This is known as ‘jail-breaking’ or ‘rooting’ your device which will weaken the security of your device and expose you to additional risks. Some banks may restrict or prevent you from using their service from a mobile device if it has been jail-broken or rooted.

Passwords: Do not give your mobile banking security details, including your passcode, to anyone else and don’t store these on your device. For added security you should set up a password or PIN to lock your mobile phone or tablet device.

Anti-Virus: Just like on your computer, there are anti-virus tools available for your mobile device. Consider using a reputable brand of software. Some banks offer customers free anti-virus software for their mobile phones, so check your bank’s website for more information.

Text messages and emails: Be wary of clicking on links contained in a text message or email. Don’t respond to unsolicited messages or voicemails on your phone. Your bank will never email you or send you a text message that asks you to disclose your PIN or full password.

What to do if you think you have been a fraud victim

If you spot any unauthorised transactions on your online bank account, contact your bank immediately.

If you are a victim of fraud you have legal protection which means that you will not be liable for any losses unless you have acted fraudulently or without reasonable care.

Protecting Your Computer

Whatever you use the internet for it is vital that you take a few basic steps to ensure that your computer is protected against the latest threats. Just as you protect your house with locks on windows and doors and maybe also a burglar alarm, it is essential that you protect your computer by using up-to-date anti-virus software, doing regular scans of your computer to check for viruses, installing a personal firewall as well as downloading the latest security updates for your web browser and operating system.

The three essential steps to protect your computer are:

  • Use anti-virus software and keep it up-to-date on a regular basis.
  • Install and learn how to use a personal firewall.
  • Download the latest security updates (or patches) for your web browser and operating system.

Most operating systems and internet browsers already come with various security features such as firewalls, automatic security updates and website filters. You should enable these security features. You should also consider installing additional security tools, designed to provide your computer with extra protection, such as anti-spyware and browser security software.

None of these tools alone can guarantee 100% protection all of the time but together they will considerably reduce the chances of your computer becoming infected and fraudsters capturing your sensitive information.

What is anti-virus software?

Anti-virus software is designed to prevent your computer from becoming infected withmalicious software (malware) such as viruses and Trojans. It will scan your computer and alert you if it finds any malware. If your computer does become infected, the software will attempt to remove the infection.

What anti-virus software should I use?

There are lots of different anti-virus products to choose from. None can guarantee 100% protection but they do increase your security considerably and reduce the chances of your computer becoming infected.

Some banks offer their customers free security tools such as anti-virus and browser security software. It is highly recommended that you download and use these tools. Refer to your bank for more detail on what they provide.

Why do I need to keep my anti-virus up-to-date?

Just like in the real world, fraudsters are always looking to use new techniques to help them steal something. The internet is no different. Keep your anti-virus software up-to-date to help detect and prevent new strains of malware from infecting your computer.

Watch out for Rogue Anti-Virus Software Scam

Beware of ‘rogue’ anti-virus/scare ware. This scam involves fake security pop-ups warning you of an infection on your computer. This is done to trick you into downloading malicious software which prevents your computer from running properly; you are then asked to make a card payment to have it fixed.


The fake pop-ups can look very genuine and may contain familiar wording to real anti-virus software. If you come across this scenario but are unsure whether it is genuine or not, don’t click on the pop-up, run a full scan on your computer using the anti-virus software you purchased.

Personal firewall

A personal firewall (also referred to as a desktop firewall) is a software application used to monitor and control the inbound and outbound internet traffic from a computer in order to prevent unauthorised access from intruders.

Unlike a standard firewall on your computer’s operating system, a personal firewall is able to filter outgoing connections as well as inbound. It can be set to your own personal security level preferences and will alert you of any suspicious or malicious activity, inbound or outgoing.

Public wi-fi hotspots

Public wi-fi hotspots are a very convenient way to access the internet while outdoors however, the way in which you connect to them can also be very risky. Accessing your online banking services over an unsecured public wi-fi spot is not recommended.


Here are some simple measures that you can take to stay safe whilst using public Wi-fi:

1. Pick the most secure network
Wi-fi security settings can vary, if you have a choice of connections it is recommended you connect to the one with the highest security settings such as WPA2, followed by WAP and WEP.


Most operating systems are able to show you the security level before you connect.

2. Set network location to “Public”
After connecting to public wi-fi, set your operating systems network location to a ‘Public Network’.

Your operating system may prompt you with a pop-up that has the option to do this. This security feature blocks others from accessing your files and other areas of your device.


3. Use a Virtual Private Network (VPN)
If you are regular user of public wi-fi, consider using a VPN. This creates a secure connection/tunnel between your computer and the internet.

It will prevent others from potentially snooping and intercepting your communication to a website. There are a number of free and commercial VPN products available.

4. Use HTTPShttps
It is safer to visit sites that use HTTPS as any sensitive information provided on these sites is sent in an encrypted format. This prevents criminals from intercepting the data. Look for the HTTPS or green address bar with a padlock displayed on the internet browser.


5. Use a firewall
Make sure your operating system (e.g. Microsoft Windows) firewall is enabled; the best option would be to use a personal firewall.

Browser security products

Passwords are a common way to prove your identity on websites, email accounts, online and mobile banking, as well as for social media. Using strong passwords, and looking after them carefully, is an essential part of protecting yourself from fraud.

Many websites and apps use passwords in conjunction with your username. On sites with extra levels of security, such as your online banking service, you may also use an additional form of identification such as a PIN or memorable information.

Using a weak password means you could be at risk of a criminal accessing your account to commit fraud or another crime. This could include a fraudster getting into your bank account, stealing your personal information or sending emails in your name.

How to choose a password

Creating a strong password doesn’t need to be complicated. Try using one of these methods:

  • Choose three random words and join them all together. Add numbers, symbols and a combination of upper and lower case letters to make it more complex. This is particularly necessary for those accounts requiring more than just letters.
  • Select a line in a song or a phrase you know that wouldn’t be obvious to other people. For example “life is a mystery, everyone must stand alone”, and take the first character from each word to get ‘liam,emsa’. Then add numbers, symbols and a combination of upper and lower case letters to make it more complex.

Bear in mind that some punctuation marks may be difficult to enter on foreign keyboards.

When you set a password, never:

  • Use the word ‘password’, your username, your actual name or business name
  • Choose the names of family members or pets, or any birthdays.
  • Use numerical sequences, for example 12345678
  • Choose words that would be easy to work out with a little background knowledge about you, like your favourite football team or author.
  • Pick just a single, common word, as these can be easy guessed by hacking software.

How to look after your password

With lots of different passwords for lots of different websites and accounts, it’s really important that you look after them all carefully.

  • Never disclose your full passwords to anyone, whether it’s over the phone, on email or by text. No bank, or reputable firm, will ask you to do this.
  • If you think someone knows your password, or has gained access to your account, change it immediately.
  • Use a different password for each website or account. Just using a single password means a criminal only has to crack one to access everything.
  • Don’t enter your password when others can see what you are typing.
  • Don’t just recycle password – for example password2, password3. Create a new password each time.

If you must write down your passwords to remember them, ensure you encrypt them in a way that is only understandable to you and no one else. Online password vaults or safes are also available, but always do your research first and ensure the one you choose is secure and reputable.