Security Awareness

What is online Fraud?

When someone poses as a legitimate company to obtain personal data and fraudulently conducts transactions on your existing accounts is online fraud. This is often called “phishing” or “pharming” the most common methods of online fraud are fraudulent emails, websites, and pop-up windows, or any combination of these.

No reputable business will ever email you requesting that you update your personal information, including account or credit card numbers, system passwords or customer identification numbers via a link to their site.

What is Phishing?

Phishing is a scam where Internet fraudsters request personal information from users online. These requests are most commonly in the form of an email from an organization with which you may or may not do business. In many cases, the email has been made to look exactly like a legitimate organization’s email would appear complete with company logos and other convincing information. The email usually states that the company needs you to update your personal information or that your account is about to become inactive, all in an effort to get you to click the link to a site that only looks like the real thing. If you click on the link to go to the phony website and enter all of your information, you’ve just been the victim of a phishing attack. The fraudsters have just captured all the necessary information to access your accounts online.

What is Pharming?

Pharming is an activity criminals use to redirect users from legitimate websites to fraudulent ones where confidential information such as credit card and bank account numbers are requested.

What is Pretexting?

You receive a phone call from someone who claims to be contacting you from your financial institution. They speak to you about your accounts and personal information in a way that suggests they must be legitimate. However, this person is actually an identity thief who has uncovered some information about you and is looking for more.

Browser Security

Turn Off Auto-Complete

Make sure that the browser is set so that it does not remember your passwords. You can set that option in the settings from one of the menus. The exact location of those settings is different for each browser.

Type Your Banking Site’s Address Directly

Don’t visit your banking web site from links. Always type the web address into the browser’s address bar yourself. This will help reduce the chance of phishing scams where people are redirected to sophisticated fake banking web sites that can look exactly like the real thing. Bookmark your Bank’s website address and use this to access the website.

Closing Your Banking Session

Always log out of your account when you are done, and also be sure to close the browser to remove additional information that may be stored in the browser

Check security symbols

When sharing personal information on a website, always look for the padlock symbol in the browser status bar. If this is not present the transmission will occur over a less secure connection.

Check the website URL

Normally the URL begins with the letters “http”. However over a secure connection the address should begin with “https”.

E-mail Security

Avoid opening any suspicious emails requesting your account information and/or password or mails from unknown senders. If you have opened any suspicious email, do not open any attachment or link it may contain, delete it.

General

After successfully logging into Online Banking, be sure to check the timestamp for the last successful login & the last login date. Ensure you protect your system by having a Firewall, which protects your PC against intrusion, an Antivirus and Adware/Spyware software program with an auto update feature. Review your account transactions regularly.

SECURITY TIPS

Protecting Your Credit / Debit Card

• Never let anyone else use your credit card / debit card
• Immediately sign the back of the new card as soon as it is received
• Always destroy your old, expired cards by cutting them up
• Keep your card in a safe place and treat it as carefully as you treat cash and/or any other financial instrument
• Carefully discard receipts from card transactions and ATMs once you have checked these against your account statement. This will help prevent others acquiring information about you and your cards.
• Make sure you get your card back every time you use it
• Never send your credit card number via e-mail
• Keep your personal information, including mobile phone number, up-to-date so we can contact you if an unusual transaction is detected
• Obtain SMS alert facility, so that you can keep a track on all yours as well as your add-on card holder’s transactions then and there
• Check your statements regularly, it is easy to do with Online Services
• Let us know immediately on +94 11 5 800 800 if you’ve lost your Card, or think it may be stolen. We will then be able to cancel the Card and prevent fraudulent transactions.

Protecting Your Card PIN / Passwords

• Never keep your PIN in your wallet, purse or diary, or record it in a way that others could understand
• Do not tell anyone else your PIN, password or security information
• Always try to cover your hand when entering your PIN at an ATM to prevent others seeing your number
• Do not choose a PIN that is easily associated with you, ex: –  your birth date, phone number or parts of your card number
• If you become aware of, or suspect your card or your PIN has been lost, stolen or disclosed, you should notify us immediately on +94 11 5 800 800

Tips on Password Security

• Create strong passwords
• Don’t use words that can be found in a dictionary
• Don’t use the same password for every site
• Do use a mix of upper- and lower-case letters, numbers, and at least one symbol
• Use Different Passwords
• Do not write down Passwords
• Do not store Passwords on Storage Devices
• Do Not Send Passwords through Email

Tips to Shop Wisely Online

Using your Card online is safe and convenient as long as you follow a simple rule. When shopping online, only use “secure” web pages when you enter your Card details. A web page is secure if there is a locked padlock in the lower right-hand corner of your browser or if the address starts with ‘https’, where the ‘s’ stands for secure. Also, it is your responsibility to practice safe computing (e.g. encryption, virus scanning software, firewall, anti-spyware software and other similar safeguards)

• When using your card to purchase on-line, look for reputable Internet stores.
• Check that the on-line merchant or store has a return and refunds policy
• If you have to use a password to access a service, make sure this isn’t easily identifiable and don’t disclose it to anyone
• If you make an on-line purchase, print out a copy of the transaction for your records. This will make it easier to check against your credit card statement
• Contact Union Bank call center on  +94 11 5 800 800 as soon as possible if an unrecognized charge or charges appear on one of your statements

Tips for using Online Banking

• Union Bank will never ask Card members to supply personal information or card account details via email / phone.
• Never accept or transfer money if you don’t know its source.
• Beware of people/organizations who are asking you to receive funds on their behalf and then transfer it to a named address.
• Beware of phone applications that can steal your personal information from the phone and disrupt your SMS messages.
• Do not install or download applications on your mobile phone from unauthentic websites. Always download from the relevant play store and look for the publisher name.
• Always keep an updated antivirus on your phone and computer to protect your information.

Tips for Using ATMs

• Observe your surroundings before using an ATM
• Take a friend with you – especially at night
• Do not allow a stranger to assist you while using an ATM.
• Have your card out and ready to use
• Shield the screen and keyboard so anyone waiting to use the ATM cannot see you enter your PIN or transaction amount
• Put your cash, card and receipt away immediately. Count your money later, and always keep your receipt
• If you see anyone or anything suspicious, cancel your transaction and leave immediately
• If anyone follows you after making a transaction, go to a crowded well-lit area and call the Police
• When using a drive-up ATM, make sure all passenger car doors are locked and windows are up
• Do not leave your car unlocked or engine running when you get out to use an ATM
• While many ATM’s are available 24 hours a day, some may be open only during local business hours. To be on the safe side, plan your withdrawals ahead of time
• Look out for unfamiliar fixtures on ATMs. These fixtures will not appear to be part of the normal ATM, or are attached to the slot where you insert your card. If you notice something suspicious don’t use it and report it to the Bank immediately

Tips for when using the cards overseas

• When you are planning a holiday make sure, you inform your bank on your travel plan along with the updated contact details.
• Obtain SMS alert facility so that you are aware about all transactions made from your card.
• Keep receipts of all transactions performed during your overseas stay, so that you can verify your transactions upon receiving the statement
• Do not keep card and pin together
• Always carry some spare cash with you, in case of an emergency
• Make sure you have the emergency 24-hour telephone numbers for your cards with you, so you can report any theft or loss immediately

How to Dispute a transaction on your Debit Card

• If you notice any unidentified or unauthorized transaction on your debit card, you may call the bank customer service hot-line for further information on the transaction. If you are still not convinced, you may request to dispute the transaction.
• Any transaction that you disagree with, must be communicated to the bank within 20 days of the Account Statement generated date. Any transaction notified to you by the bank via SMS alert is deemed as a transaction acknowledged by you.
• Resolving your dispute may involve a charge-back with the respective merchant and the Acquiring Institute. Such charge-back is bound by the rules and timeframes set by VISA network organization.
• If you agree to have performed the transaction, but you require the transaction to be canceled, or believe that a credit is due to you from the merchant, obtain all supporting documents that would support your dispute case. Always attempt to directly resolve the transaction dispute with the merchant you transacted with, prior to complaining the same to the bank.