down-arrow icon

Web security on your computer

Learn about web security and the simple steps to protecting yourself

minus icon plus icon

As technology becomes more sophisticated, so do the capabilities of those who want to do you harm online. Web security is a concern for everybody, particularly if you do things like banking and shopping online.


There are steps you can take to enhance your web security and make sure that you’re doing the best you can to protect yourself from harm. Our guide takes you through key elements of web and computer security so that you can stay safe.


1. Online Banking

Banking online or on your mobile has made everything so much easier. Take a few precautions and it’ll be safer, too.

Never share your online banking login information with anyone 
In particular your full online banking PIN

Make sure you are not being watched
When you enter your passwords or PINs into online accounts in a public place, shield your screen and make sure no one is watching you or trying to distract you. Consider getting a screen privacy protector that hinders what people can see when looking at your screen from an angle

Monitor your accounts on a regular basis
Check for suspicious transactions – if something doesn’t look right, report it

Monitor your list of online payees regularly
Treat any unexpected requests to change or update your payee details with caution and make sure that the request has come from a company or person you trust

Always logout completely from your online banking session
Select the log out button rather than just closing the website or app

Use secure websites (https)
When you enter your login details or personal information, be sure the web page you are viewing offers encryption of your data by checking:

  • The web address (URL) has changed from ‘http’ to ‘https’
  • That a closed padlock icon is present
  • Your browser address window may be green
2. Staying safe using email

Fraudulent Emails

Fraudsters sometimes send emails pretending to be from a reputable company in an attempt to get personal information (username, PIN and credit card number, for example). This is known as phishing.

Some email scams have become much more sophisticated and are personalised to target certain people. These emails are personally addressed, well-written and look and sound professional. This is knows as spear phishing.

Tips

  • Be suspicious of unsolicited emails. Listen to your instincts. If something doesn’t feel right then stop and question it.
  • Never reveal your banking details or other personal information if you get asked by email.
  • Check links in emails are legitimate by ‘hovering’ your mouse over the link to view the web address (URL) without clicking. If it is different to what you were expecting, do not click.
  • Consider having different email addresses for different purposes – one for your bank to use, another for family and friends and perhaps a different address for online newsletters.

How to report a suspicious email

  • Call the sender to check they sent the email. If possible, use a number in a directory or on their website rather than the same number contained in the email.
  • Do not reply to the email, fill out any forms or follow any of the instructions.
  • Do not click on any links as they may try to direct you to fake websites.
  • Do not open attachments as they may infect your computer with malicious software.
  • Forward suspicious emails claiming to be from Post Office Money to 365security@boi.com and then delete.

Your email address can be found from publicly available sources or through randomly generated lists. So, if you get a fake email that appears to be from Post Office Money, this does not mean it really is from us.

3. Password safety and security

Use strong passwords to protect your information and identity. The best security in the world is useless if a fraudster can guess your username and password.

Strong passwords can take years to crack. Weak passwords can be cracked in less than 5 minutes.

What makes a strong password?

More than 8 characters
Having a long and complex password makes it difficult for hackers to decipher

Varied
Random words made up of upper and lowercase letters, numbers and symbols

Unique
Don’t use the same password across accounts, as one successful attack can mean all your accounts could be opened

Easy for you to remember
But difficult for someone to guess (i.e. avoid birthdays)

 

Password suggestions:

Replace letters with numbers and symbols
Use a movie title or character you like, for example SP!D3Rm@n – a variation of Spiderman

A line of a song
One that other people would not associate with you- fly1ngw1Th0Utw!nGs!

A phrase known to you
“Consider yourself at home” and take the first character from each word- CYAH – then combine this with numbers and symbols - C.2!Y64a?H@

 

Tips:

  • Never share your usernames or passwords
  • Never allow web browsers (for example Google Chrome and Internet Explorer) to remember your passwords - you put your information at risk
4. Protecting your computer or device

Protect your devices - mobiles, tablets, laptops or PCs. Safeguard against being infected with malicious software and from potentially serious consequences, like fraud and identity theft.

Make sure you have up-to-date anti-virus software
Schedule regular checks on your computer system

Keep the software on your device up-to-date
Install the latest software update as soon as you get a prompt to update

When downloading apps, go directly to a legitimate source
For example use the official App store or the Play store and be cautious when downloading apps accessed by clicking on a link

Remotely wipe  your smart phone or tablet if it’s lost or stolen
This will prevent sensitive information from falling into the wrong hands

Secure access to your device
Use a strong PIN, password, passcode or fingerprint detection to access your device

Clear all information on your device before selling it
Know how to recognise the signs that your computer may have become infected, like:

  • Applications that don’t work properly
  • Date of last login doesn’t match the date you last logged in
  • System slows down, freezes or crashes
  • Unusual error messages
  • Your browser toolbar changes
  • System performance deteriorates unexpectedly
  • An increase in the number of files on the system when you haven’t added anything
  • Printing does not work correctly
  • Distortion on screen
  • File size changes for no apparent reason

If you suspect that your device may be infected
Do not log on to any online banking channels until any malicious software has been removed.

5. Staying safe online

Consider these simple steps to shop online with confidence.

Is the website safe?

  • Always go directly to the site or access it via a search engine (like Google or Bing) first
  • Never follow links on websites or in emails if you are suspicious
  • Make sure the web address is what you expected (check for incorrect spelling)
  • Be sure the web page you are viewing offers encryption of your data by checking:
    • The web address (URL) has changed from ‘http’ to ‘https’
    • A closed padlock icon is present
    • Your browser address window may be green

Always make sure you are buying only from reputable retailers, whether from personal experience or trustworthy recommendations. If it is not a well-known shopping site, do some research and look for independent reviews rather than trusting testimonials on the site itself.

6. Social Media

Social media has changed the way we communicate, but the more information you post online, the more you put yourself at risk. For example, if a fraudster gets your full birth date and place of birth, they could try to use this information to access your accounts.

What goes online stays online

To protect yourself and your information, take care when using social media.

Privacy and security settings
Learn about and use the privacy and security settings on social networks. They are there to help you control who sees what you post, and to manage your online experience in a positive way. Do not rely on default settings.

Keep personal information personal
Be cautious about how much personal information you give on social networking sites. The more information you post, the easier it may be for a fraudster to use that information.

Make passwords long and strong
See the passwords section for more information.

When in doubt, throw it out
Links in messages, tweets, posts, and online advertising may contain malicious content. Even if you think you know the source, if something looks suspicious delete it. For more information see Identity Theft.      

7. How we protect you

Logging on

  • When you log on to your account, we will ask for your own private and individual User ID and password as well as a personal detail question. This information is encrypted during transmission and will remain a secret as long as you do not share it with anyone.

Access to data

  • Our website is protected by a firewall, which forms a barrier between the outside internet and the internal bank network. This helps to ensure the protection of your information.

Online activity

  • Your name, address and full bank account number will never appear on screen
  • The details of the person you’re paying will appear on screen and in the receipt which you can print off when the bank confirms your instruction to make a transfer or pay a bill

Authorising payments

  • Payments are authorised using a digital certificate and password

Logging out

  • If you haven’t used it for a short while, your banking session will automatically timeout – to restart your session, just re-enter your login details at the login screen