Phishing is a type of fraud that aims to acquire your Internet Banking ID or Credit Card details.
Fraudsters contact you with various pretexts and try to acquire your important personal information such as your credit card numbers, PINs, account details or other information. The fraud is committed online via junk e-mails or pop-up windows. A phishing scam received via e-mail generally seems to be sent by secure sites such as popular websites or by your bank or credit card company. However, they are sent by fraudsters who send millions of e-mail messages.
Phishing Fraudsters particularly aim to acquire the Credit, Debit/ATM Card Numbers/CVVs (Card Security Code) and PINs as well as user codes and PINs used to sign in for internet banking transactions.
How to Avoid Phishing Scams?
Actions taken by ING Bank to provide you with secure Internet Banking Services:
1. Your transactions are secured by us with the Single-Use Security System, a security system based on single-use PIN that automatically becomes invalid after it has been used once.
2. We provide you with the opportunity to determine your limits per transaction for Money Transfers.
3. Our ‘Account Restriction’ application enables you to restrict your accounts in a way that your account can be displayed in your Personal Internet Branch but no financial transaction is allowed or your account is not displayed at all.
4. The “Authority Definition” application enables you to select one of the four authority levels and change your selection afterwards.
5. Our “Date/Time Restriction” application allows you to determine the date and time intervals when you wish to use Internet Banking, or when your Personal Internet Branch will not be activated.
6. A warning message is displayed when you enter the wrong user code or PIN. We provide you detailed information about when and with which IP address the erroneous logins are made. When you enter the wrong PIN three times, your PIN is automatically blocked. You can get a new PIN through Telephone Banking or from our branches.
7. With the “IP Restriction”, you can determine a permanent IP address or an IP range via which you can connect our Internet Branch and restrict access to your Internet Branch from different IP addresses.
8. Virtual Keypad is used by our bank for your PIN logins. Therefore, your PIN which is your most valuable personal information is protected from malicious programs such as key-loggers.
9. We use “secure login”. (Our Internet Branch is not opened as a standard http login but as a secure https login.) While using an https protocol, a closed padlock will appear in the bar at the bottom of your browser. When you double-click on this padlock, a certificate window will pop and you should see the address “esube.ingbank.com.tr” under the “title” field.
10. We renew our technology. We constantly update and support our technology with security patches in order to protect it from outside threats. (Your information is stored in the system by several firewall shields, and our system is constantly scanned against the most up-to-date virus software.)
11. If your Internet Banking Login is left open without making any transactions for 3-4 minutes, we confirm whether or not you want to continue your Internet Banking transactions by opening a pop-up window instead of automatically signing you out.
12. A 128 bit-encryption program is used for our Internet Branch. In addition to the encryption over the browser, the security and safety of our customers and our bank is supported by encryption over the server.
What you should do:
1. ING Bank never asks for your personal information or PIN by e-mail. Please immediately contact your bank if you receive such requests.
Do not click on the links in phishing e-mails as displayed above and immediately delete those messages. If you click on the address extensions and enter your information in those bogus sites please contact the nearest ING Bank branch or our Telephone Banking at 0850 222 0 600.
2. Whenever you want to use our Internet Branch, type www.ingbank.com.tr on the address bar.
3. Do not use the links received by e-mails or links on other sites, including search engines.
4. Confirm that the messages sent to your e-mail are genuine. Immediately delete the messages received from unknown people and never reply to them.
5. When making online transactions, ensure that the web page you are using is secure. Control whether or not the address written in the address bar on top of your browser is “https://” The letter “s” indicates that the page is secure and processes with various encryption methods. Additionally, the closed padlock icon at the bottom of your internet browser means that you are on a secure and encrypted webpage. In case of suspicious situations, double click on this padlock and control whether the popping certificate window includes the statement “www.ingbank.com.tr”
6. If you encounter internet addresses that include numerical characters, check before using them.
7. Never make online transactions on unsecure Networks.
8. Use the most up-to-date antivirus software and continuously scan your computer against viruses. Do not forget to download the security patches of your operating system and update your antivirus software.
9. Use complex and different PINs for all your accounts and e-mail addresses, and change those PINs periodically.
10. You can protect your PIN from key-loggers by using the virtual keypad. Attackers might take control of your computer with some “small” software and use it during bigger attacks whenever they want. Obtain anti-spywares in order to avoid various spywares such as key-loggers. Update those programs continuously and control your computer periodically.
11. One of the most important ways to protect your computer from such risks is to have a Firewall program. Firewall software builds a barrier between your computer and malicious users. Firewall controls the data and documents sent to you by various channels, including e-mails, and it prevents inconvenient or suspicious data entries.
12. Do not open e-mail messages sent by unknown people; avoid opening any .ini and .exe files and links sent to you by various channels such as IRC or e-mails for any reason whatsoever.
13. Do not share your PINs with anyone.
14. Do not use PIN combinations that could easily be guessed such as your birthday, repeated numbers (11111) or sequential numbers (123456). Change your username and PINs periodically. Such periodic changes will enhance your security.
15. When downloading any programs, do not accept the installation before carefully reading the license agreements. Freewares generally bring small spywares along with them. After downloading the program or file, scan the file against viruses before installing the program.
16. Try not to use multi-user environments such as internet cafés for your banking transactions.
17. Do not share your PINs and personal information with third persons, including our Bank’s personnel. Do not note or save your PINs and usernames anywhere.
18. Make sure that nobody sees your username and PIN when you log in.
19. Keep the documents that include your personal information in unshared and secure areas, particularly if you are using file sharing programs
20. Nearly all browser programs may remember your profile data to facilitate use. This structure is called Auto-Complete and poses risks for users, if different users are using the same computer. Turn off the Auto-Complete function of your browser program particularly in computers used by multiple users such as at schools, offices etc.
21. Thoroughly examine the breakdown of your debit and credit card statements in order to prevent fraudulent purchases. Provided that you detect any expense that does not belong to you, report it to our bank even if the amount is very small. You can also check your statements over our Internet Branch.
22. Check your account activities, and contact our Telephone Banking at 0850 222 0 600 or our branches in case of abnormal situations. 23. After completing your transactions in Internet Branch, do not close the page by clicking the Close (x) button, but use the “Logout” button. 24. Use the additional security applications of our Internet Branch such as Single-use Security System, Authority Identification, IP Restriction, Account Restriction, Date/Time Restriction etc.