General Security Guide Common Fraud Scenario Using Internet Banking Safely

General Security Guide

  • Keep your details safe
  • Be cautious when providing information to others
  • Beware of scam emails or phishing websites
  • Check your bank statements carefully
  • Strengthen the security of your mailbox

Safeguard your personal information and belongings, including ATM cards, credit cards, cheque books, identity documents, passwords, etc. This will protect you from identity theft, online fraud, card fraud, and more.

Keep your details safe

Safeguard your personal information and belongings, including ATM cards, credit cards, cheque books, identity documents, passwords, etc. This will protect you from identity theft, online fraud, card fraud, and more.

Be cautious when providing information to others

Whenever someone request for your personal information, either through phone calls, SMS texts or emails, be cautious and do not respond to these kinds of communications until you have ascertained they are genuine.

Beware of scam emails or phishing websites

Fraudsters may send out scam emails, which may contain attachments or hyperlinks. Do not open them if you are in doubt, as this is a common trick used by fraudsters to install trojans or spyware to intrude your computer for personal information.  

Check your bank statements carefully

You should check your bank statements carefully, if you spot any transactions you do not recognised,contact us immediately.

Strengthen the security of your mailbox

Recommend to strengthen the security of the mailbox. This can prevent fraudsters from stealing your letters containing personal information, such as bank statements, credit cards, or tax assessment notice. If you have not received the scheduled letters in time, please contact the relevant organizations immediately.

 

Back to the top

Common Fraud Scenario

  • Email scam
  • Telephone deception
  • Identity theft

Email scam

Fraudsters may make use of the convenience of emails to deliver fictitious information to disguise potential victims. Email fraud may take several variations such as:

  1. Inheritance or Lottery scam: Fraudsters may claim the victims have been nominated as the successor of a huge amount of inheritance or have won a big prize, however, they have to pay an advanced fee before getting the sum;
  2. Product promotion email: Fraudsters may disguise victims by claiming there is a special promotion, and include some attachments or hyperlinks in the content. Once the victims opened them, the victims' computers may be infected by trojans or spyware, and risk the loss of personal information;
  3. Acting as well-known organizations: Fraudsters may use an email domain which is very similar to that of the real organizations, such as banks, government departments, or large corporations, in which they may request to confirm personal details with the victims, including account number, passwords, etc.;
  4. Acting as trading counterparts: A variation of the above, fraudsters may act as a trading counterpart of a corporation, and request the victims to settle the invoice balance to another account which has not been used before.

Whenever you have received any suspicious emails, it is strongly recommended not to open any attachments or hyperlinks inside, and delete it immediately. Please be cautious if you suspected the identity of the sender. Report to police if necessary.

Telephone deception

Common telephone deception cases may take the following forms:  

  1. Fraudsters contacted the victims, use various reasons to disguise the victims to make a transfer or remittance to a designated account;
  2. Callers claim the victims have won a prize, and request them to redeem at a designated place, when the victims in presence, they may be persuaded to purchase under hard sell tactics;
  3. Callers claim as bank staff and trying to confirm details with the victims, who then collect personal information for identity theft.

Be cautious when received calls from unknown persons, never provide any personal information before assuring the calls are genuine. Report to police if necessary.

Identity theft

Identity theft occurs when fraudsters collect the victims' personal information through various channels without consent, such as through pick-pocketing, stealing the letters from mailbox, etc. They will then pretend as the victims to apply bank account, make withdrawal or transfer, apply loans, unauthorized use of credit cards, etc.

Beware and well protect of your personal belongings and information.

 

For enquiries, please contact our Customer Services Hotline at (852)398 95559.

Back to the top


Using Internet Banking Safely

  • Four Internet Security Measures
  • Protect your Password
  • Important Note
  • Using Internet Banking at safety place
  • Protect your computer
  • HKAB: Security guideline

 

Four Internet Security Measures

Secure Socket Layer (SSL) & Strong Encryption (128 bit)

When using Internet Banking via Internet, all account and transaction information will be encrypted by SSL encryption technology.

Automatic time out

The Internet Banking system has an automatic log-off function. The service will automatically log off after 30 minutes account inactivity so as to prevent unauthorized access of customers account. Automatic time-out function will be valid even if there are transactions in progress.

Personal Identification Number (PIN)

  • Unique Internet Banking number and password is required to access Internet Banking and the account will be locked if incorrect password has been entered 5 times consecutively in order to protect our customers' interest.
  • Our bank or our agents/business partners will never ask for your PIN or passwords by e-mail or any other means. Please do not access your internet banking account through hyperlinks embedded in emails or from other search engines. If you have any queries, please call our customer service hotline at 398 95559.

Digital Certificate

Our bank website has a digital certificate issued by VeriSign Corporation. To ensure that you are connecting with Bank of Communications, Hong Kong Branch, you can find a small 'lock' or 'key' icon (Security padlock), in the bar at the bottom right corner of your Web browser. Double clicking the security padlock, you can verify the website's authenticity by viewing the web certificate issued by VeriSign.

Protect your Password

Keep your password safety and do not reveal your password to anyone else

  • Create a password with a combination of letters and numbers. Do not use the easily guessable password, such as telephone number, birthday, ID number or any personal associated numbers.
  • Do not write down or record the PIN without disguising it.
  • Do not use the same password in accessing other Internet services.
  • Do not reveal your password to anyone else (including our bank staff and police).
  • Do change your password regularly, such as every 30-day. If you suspect your password has been known by someone else, you should change it immediately; if you cannot change your password through internet, please contact our Customer Services Hotline at 398 95559.
  • Our bank or our agents/business partners will never ask for your PIN or passwords by e-mail or any other means. Please do not access your internet banking account through hyperlinks embedded in emails or from other search engines. If you have any queries, please call our Customer Services Hotline at 398 95559.

Important Note

Do click [Logout] button to exit the service upon completion of banking transactions.

  • Never leave your Internet Banking session unattended. Do click [Logout] button to exit the service upon completion of banking transactions.
  • Customers must access to the Internet Banking viawww.bankcomm.com.hkand use your personalized User Name and Password to login.
  • During the Internet banking logon process, the bank will not ask you to provide your personal information or enter any numbers displayed on the web to the security device to obtain security code.
  • Follow this document when conducting Internet banking transactions.
  • Do not disclose your personal information if you have any doubts about the websites.
  • Do not access our bank website through the hyperlinks embedded in emails.
  • Check your account statement, transaction history and account balance regularly, and contact us immediately if you have any doubts about the account transactions.
  • Do not download software from unknown websites.
  • Avoid using the same computer with others, or clear the history if it is unavoidable.

Using Internet Banking at safety place

Do not access Internet Banking Service from public places

  • Do not access Internet Banking Service from public places or from shared computers such as those in cyber cafes. You never know what malicious programs might be installed on the PC you use there.
  • Enter your password and account information under secure environment when you are using Internet Banking.

Protect your computer

Install a personal firewall on your computer

  • Install a personal firewall on your computer. Personal firewall software is designed to prevent hackers from accessing the computer it is installed on. Installing a personal firewall is recommended especially if you are using a broadband connection. When installing such software, follow the manufacturer's recommendations for a 'conservative' accesses control.
  • In order to prevent computer virus invasion, customer is recommended to install anti-virus software and update its version regularly.
  • If any unusual screens pop up and/or the computer responds unusually slow, customers are advised to log out from the Internet banking and scan the computer with the most updated version of virus protection software.

HKAB: Security guideline

To learn more about Internet Trading Security , you can also get more information from the leaflet released by The Hong Kong Association of Banks - "INTERNET BANKING-KEEPING YOUR MONEY SAFE".

Back to the top

 



© Bank of Communications Co., Ltd. Hong Kong Branch (A joint stock company incorporated in the People’s Republic of China with limited liability). All rights reserved.