Security tips to protect your Internet banking
1. Use trustworthy computers
Make sure that the computer system is only used or administrated by people you trust. Never conduct banking transactions using untrustworthy computers.
2. Use security-optimised operating systems and browsers
Only use properly maintained computer systems – the latest security updates for the operating system should be installed regularly in any case. Naturally, the same applies to your browser. Enable automatic updates and phishing filters in the Internet browser. Contact your software service representative or supplier for additional information.
3. Password protection
If multiple people have access to a computer, the computer should be protected by a password so that it cannot be used by unauthorised people. The screen saver should also be protected with a password so that unauthorised people cannot gain access to the computer in the user’s absence.
4. Do not store the user password/PIN or TANs on the computer
Keep your confidential bank information in a safe place. Because data on a computer can be stolen, we expressly advise against saving this information on a computer.
5. Antivirus programs and firewall
Every computer should be equipped with a current virus scanner with regular automatic updates to protect against spyware, viruses, and Trojans and with a firewall to protect the computer system. This software must always be active in the background in order to recognise viruses in a timely manner before they can start performing their harmful actions.
It is important that the signature database, which contains the information about the viruses, is always up to date. Most programs can be configured so that this database is regularly updated automatically in the background when the computer has an active Internet connection without the user having to take any action.
6. Current updates
The operating system and the browser should always be kept up to date with the latest security measures. Manufacturers provide so-called patches or service packs for this purpose, the majority of which can be installed automatically.
7. Always enter the bank’s Internet banking address (URL) manually
Never click links from e-mails or other websites that (supposedly) lead to the Schoellerbank AG Internet banking portal. The use of bookmarks also poses a risk because they can be manipulated by hackers.
8. Check the Internet banking page
Carefully read and write down the Internet banking address of Schoellerbank AG so that you recognise it immediately the next time you log in. Always make sure that the connection is secure and encrypted. This is indicated by the padlock icon and based on the fact that the address shown in the address bar starts with “https://”. If you suspect that the connection is not secure, verify whether encryption is enabled by checking the digital security certificate. This can be done by clicking the padlock icon in your browser. You can check the validity of the security certificate here. If the address bar only contains “http://...”, this is definitively NOT a legitimate Internet banking page of Schoellerbank AG.
All secured pages start with https:// – all other web pages only have http://. Therefore, always check this part of the address before starting a transaction.
9. Avoid file-sharing programs
Apart from the legal problems associated with downloading music files (or other files whose content is protected, such as software), file-sharing programs are a primary channel for the distribution of computer viruses and Trojans.
10. Be careful when using e-mail
Unknown sender: Delete e-mails from unknown or untrustworthy sources. Do not open/execute attachments to such e-mails under any circumstances!
Links: Never click links sent in e-mails because they can be falsified, i.e. the address shown may be different than the address that is actually opened. Therefore, always manually type links into the address bar of the browser.
Check content: Check the content of e-mails purported to be from known or trustworthy sources for inconsistencies (e.g. English text from German-speaking companies; unusual, unintelligible formulations that generally instruct you to disclose private information, etc.). Here as well, it is better not to open attachments that may cause damage.
11. Check account statements regularly
Check your account statements for irregularities on a regular basis.
THE MOST COMMON METHODS OF FRAUD
Phishing
Phishing refers to a fraudulent method of obtaining confidential data using falsified e-mails and websites. The customer receives an e-mail purported to be from his/her bank in which he/she is prompted to update his/her personal access credentials.
However, the link contained in the e-mail leads to a falsified website (which often looks deceptively real at first glance). On this page, the customer is asked to enter his/her user data such as passwords, PIN codes, TANs, etc. This makes it easy for scammers to obtain and use confidential data.
Please note that we will NEVER ask you to provide your personal access credentials, PIN/password, and/or TAN by e-mail or telephone UNDER ANY CIRCUMSTANCES. The TAN (transaction number) is a security feature that is only used for the authorisation of your payment orders and is not required for logging in!
Spyware
So-called Trojans attempt to discover and forward personal information such as credit card numbers, personal identification numbers, and passwords after making their way onto your computer via an e-mail attachment. The process usually remains unnoticed by the user.
Computer hacking
In this case, someone gains access to your computer via the Internet and snoops through the files on your computer.
Warning about fraudulent activities related to mobileTAN
Various media have recently issued warnings about fraudulent activities related to “mobileTAN”.
Online banking customers receive a falsified warning via e-mail in which they are prompted to provide their personal telephone number to complete a security update.
The online banking customer then receives a text message with a “security update”, which is actually malware (a Trojan) that attempts to steal personal customer data.
In this context, we would like to note once again that Schoellerbank will never ask you to complete a security update via your mobile phone.
If you receive such an e-mail, please contact your customer advisor or the electronic banking hotline at 0800/692265.
FAQs on the topic of security
Here you can find explanations of the most important terms.
What is phishing?
The neologism “phishing” refers to a fraudulent method of obtaining confidential data using falsified e-mails and websites. The customer receives an e-mail purported to be from his/her bank (or a reputable company) in which he/she is prompted to update his/her personal access credentials.
However, the link contained in the e-mail leads to a falsified website (which often looks deceptively real at first glance). On this page, the customer is asked to enter his/her user data such as passwords, PIN codes, TANs, etc. This makes it easy for scammers to obtain and use confidential data.
How can I protect myself from phishing e-mails?
If you receive a phishing e-mail, delete it immediately. Do not click any links contained in the e-mail and do not provide data under any circumstances because such e-mails do not originate from your bank. Schoellerbank never requests confidential data such as your PIN, TANs, etc. by e-mail or telephone!
What are keyloggers?
Keyloggers are malware that record keyboard input and transmit it to the hackers.
What does spyware mean?
Spyware (keyloggers, Trojans) is incorporated into websites, e-mails, or e-mail attachments. As soon as an object infected with spyware is opened, the spyware installs itself on your computer without your knowledge. It is frequently used by data thieves to obtain confidential access credentials.
What is a Trojan?
Trojans (Trojan horses) are malware that install themselves on inadequately protected computers and run in the background – usually unnoticed. Most Trojans are designed to steal sensitive data and transmit it to the data thieves.
What are hackers?
Hackers are attackers who attempt to use targeted attacks to infiltrate a system in order to collect, modify, or delete data. Common targets for hackers include wireless networks (Wi-Fi) – if they are inadequately protected.
How can I protect my computer against viruses, Trojans, and other threats?
Never execute programs from unknown sources on your computer (e.g. from unknown websites or from e-mails).
A personal firewall and current antivirus software are essential components for every computer with Internet access. This software must always be kept up to date. The latest updates can generally be installed automatically from the manufacturer site for the antivirus software. You should also run the most recent versions of the operating system and the browser software.
Contact your computer dealer or an IT security specialist in order to make your computer secure for the Internet.