You, your computer and the internet
May 2004
Practical Tips
Millions of people are now taking
advantage of internet banking and the
convenience of being able to control
their finances at any time, anywhere.
Most banking and investment services
are available online – all you need to do
before you log on is take a few simple
precautions.
Keeping your
money safe
1. You
Be alert – be wary of opening unexpected e-mails
with attachments and never click on a hyperlink in
a suspicious e-mail. Do not visit suspicious websites.
Only download software from trusted sources.
Do not disclose your personal information online
(e.g. HKID, address, bank account/credit card
number, user ID/password) unless the site is both
trustworthy and reputable.
Check the website’s privacy policy statement and
statement on security safeguards before providing
personal data to the website.
3. The internet
Always disconnect from the internet when not using
it.
Do not conduct transactions online unless the
website is both trustworthy and reputable.
4. Internet banking
Select personal identifiers (e.g. user ID/password)
that are easy to remember but difficult to guess –
do not use your birthday, telephone number, names
of family members or common names (such as girls’
or boys’ names and cartoon characters’ names).
Do not disclose your password to anyone (including
bank staff and the Police) and do not record it
anywhere.
Do not use your internet banking user ID or
password for other online services (e.g. e-mail,
internet access).
Never use links in e-mails or internet search engines
to log on to internet banking. Always type the
address into your browser or bookmark the genuine
website and use that to access your bank account.
Banks’ website addresses can be obtained from the
websites of HKAB and the HKMA.
Change your online passwords regularly.
2. Your computer
Take personal responsibility for protecting your
computer – limit the number of people who can
use it and set your own password for your computer
if it has this facility.
www.hkab.org.hk
Install personal firewall software and anti-virus
software. Regularly download updates to your antivirus software, operating system and internet
browser.
Close all browser windows before logging on to
internet banking to protect your financial
information from unauthorised access from another
website.
Disable your browser’s “AutoComplete” function.
On some browsers this function remembers the data
you input. Refer to your browser’s “Help” function
if needed.
Always log off after an internet banking session.
Never access your internet banking website from a
public computer (e.g. cybercafé).
Check your bank balance and transactions regularly
– with internet banking you can do this 24 hours a
day. Notify your bank immediately if you discover
any errors or unauthorised transactions.
Review regularly and follow security tips published
by your bank.
When a website claiming to originate from a
bank looks suspicious to you, contact the HKMA
(hotline: 2878 8222) or the Police.
5. Types of attack
There are various ways in which internet banking
customers are being approached by third parties to
gain access to their banking details. Some of these
methods include:
Fraudulent or spoof websites – where customers
are asked to input their personal information,
mistaking it to be the bank’s genuine website.
Phishing – normally a spam e-mail containing a
hyperlink to a log-on page, which requests online
banking passwords. The page appears to be an
official website but is actually a spoof website.
Trojan software – a malicious code attached or
embedded in software that is planted in a
customer’s PC by a fraudster to access the
customer’s personal information. A form of Trojan
is “key-loggers” which monitor and record the
keystrokes when a person types on the keyboard
(e.g. user ID and password). This information can
be passed back to an unauthorised person.
Follow the advice in this leaflet to protect
yourself.
Banks and the Police will never ask you for your
password or send you e-mails for the information.
If you receive such a request, contact your bank
immediately.
What are personal firewall software and anti-virus
software?
These help block hackers and viruses from getting
into your computer. Anti-virus software needs to be
updated regularly to detect new viruses. Products
available vary in features, support and price (certain
products offer a free version for home use but with
less features and support). More information can be
obtained from vendors and the internet.
Enquiries
For any enquiries about internet banking, please
contact your account-holding bank.
Useful links
• Hong Kong Association of Banks (HKAB):
www.hkab.org.hk
• Hong Kong Monetary Authority (HKMA):
www.hkma.gov.hk
• Information Technology Services Department:
www.infosec.gov.hk/english/general/protect/index.htm
• Hong Kong Police Force:
www.info.gov.hk/police/hkp-home/english/tcd/index.htm
• Consumer Council:
www.consumer.org.hk
Issued by the Hong Kong Association of Banks and endorsed
by the Consumer Council, the Hong Kong Monetary
Authority and the Hong Kong Police Force.
You, your computer and the internet
May 2004
Practical Tips
Millions of people are now taking
advantage of internet banking and the
convenience of being able to control
their finances at any time, anywhere.
Most banking and investment services
are available online – all you need to do
before you log on is take a few simple
precautions.
Keeping your
money safe
1. You
Be alert – be wary of opening unexpected e-mails
with attachments and never click on a hyperlink in
a suspicious e-mail. Do not visit suspicious websites.
Only download software from trusted sources.
Do not disclose your personal information online
(e.g. HKID, address, bank account/credit card
number, user ID/password) unless the site is both
trustworthy and reputable.
Check the website’s privacy policy statement and
statement on security safeguards before providing
personal data to the website.
3. The internet
Always disconnect from the internet when not using
it.
Do not conduct transactions online unless the
website is both trustworthy and reputable.
4. Internet banking
Select personal identifiers (e.g. user ID/password)
that are easy to remember but difficult to guess –
do not use your birthday, telephone number, names
of family members or common names (such as girls’
or boys’ names and cartoon characters’ names).
Do not disclose your password to anyone (including
bank staff and the Police) and do not record it
anywhere.
Do not use your internet banking user ID or
password for other online services (e.g. e-mail,
internet access).
Never use links in e-mails or internet search engines
to log on to internet banking. Always type the
address into your browser or bookmark the genuine
website and use that to access your bank account.
Banks’ website addresses can be obtained from the
websites of HKAB and the HKMA.
Change your online passwords regularly.
2. Your computer
Take personal responsibility for protecting your
computer – limit the number of people who can
use it and set your own password for your computer
if it has this facility.
www.hkab.org.hk
Install personal firewall software and anti-virus
software. Regularly download updates to your antivirus software, operating system and internet
browser.
Close all browser windows before logging on to
internet banking to protec t your financial
information from unauthorised access from another
website.
Disable your browser’s “AutoComplete” function.
On some browsers this function remembers the data
you input. Refer to your browser’s “Help” function
if needed.
Always log off after an internet banking session.
Never access your internet banking website from a
public computer (e.g. cybercafé).
Check your bank balance and transactions regularly
– with internet banking you can do this 24 hours a
day. Notify your bank immediately if you discover
any errors or unauthorised transactions.
Review regularly and follow security tips published
by your bank.
When a website claiming to originate from a
bank looks suspicious to you, contact the HKMA
(hotline: 2878 8222) or the Police.
5. Types of attack
There are various ways in which internet banking
customers are being approached by third parties to
gain access to their banking details. Some of these
methods include:
Fraudulent or spoof websites – where customers
are asked to input their personal information,
mistaking it to be the bank’s genuine website.
Phishing – normally a spam e-mail containing a
hyperlink to a log-on page, which requests online
banking passwords. The page appears to be an
official website but is actually a spoof website.
Trojan software – a malicious code attached or
embedded in software that is planted in a
customer’s PC by a fraudster to access the
customer’s personal information. A form of Trojan
is “key-loggers” which monitor and record the
keystrokes when a person types on the keyboard
(e.g. user ID and password). This information can
be passed back to an unauthorised person.
Follow the advice in this leaflet to protect
yourself.
Banks and the Police will never ask you for your
password or send you e-mails for the information.
If you receive such a request, contact your bank
immediately.
What are personal firewall software and anti-virus
software?
These help block hackers and viruses from getting
into your computer. Anti-virus software needs to be
updated regularly to detect new viruses. Products
available vary in features, support and price (certain
products offer a free version for home use but with
less features and support). More information can be
obtained from vendors and the internet.
Enquiries
For any enquiries about internet banking, please
contact your account-holding bank.
Useful links
• Hong Kong Association of Banks (HKAB):
www.hkab.org.hk
• Hong Kong Monetary Authority (HKMA):
www.hkma.gov.hk
• Information Technology Services Department:
www.infosec.gov.hk/english/general/protect/index.htm
• Hong Kong Police Force:
www.info.gov.hk/police/hkp-home/english/tcd/index.htm
• Consumer Council:
www.consumer.org.hk
Issued by the Hong Kong Association of Banks and endorsed
by the Consumer Council, the Hong Kong Monetary
Authority and the Hong Kong Police Force.