How to protect yourself online
In our view, there are a few key rules that offer the most protection online for the least amount of effort.
They are not all the measures you can take, but they are an excellent start – and they apply equally to business owners and to private individuals.
What you should always do
- Make sure you have the latest security updates and patches
From time to time, weaknesses are discovered in programmes running on your computer. These weaknesses can be exploited by virus writers and hackers to gain access to computers that have not been patched. As such, publishers will release 'patches' from time to time to correct these weaknesses.
To check for patches and updates you should visit the publisher's website, typically their 'Download' section. Generally, the latest versions of an operating system family (like Microsoft Windows) or browser (like Internet Explorer, Firefox etc) is the most secure.
Microsoft users can visit: http://windowsupdate.microsoft.com which can automatically check what is required for both your operating system and browser and then download it at your request. - Install anti-virus software
You may already be using anti-virus software but to be effective, the software should be updated on a regular basis with the latest virus definition files. If you are unsure how to do this, you should refer to the program's Help function.
Any file with no extension or a double extension, e.g. wow.jpg.pif is almost certainly a virus and should never be opened. Also, never open an e-mail attachment that contains a file ending with .exe, .pif and vbs as these are commonly used with viruses.
There are many effective programs to choose from, but the most common commercial products include McAfee, Trend Micro, Sophos, Symantec, F-Secure and Jaspers.
It is also possible to obtain free anti-virus protection from Microsoft Security Essentials, Grisoft AVG Anti-Virus, Antivir, ALWIL Avast and ClamWin. However, be sure to visit the genuine site as there are many fake products claiming to protect your computer but which may actually infect it with viruses. - Use a personal firewall
A personal firewall is another small program that helps protect your computer and its contents from outsiders on the internet. When installed and correctly configured, it stops unauthorised traffic to and from your computer.
There are many effective programs to choose from. Common commercial examples include Windows Firewall and Check Point Zone Alarm (free), McAfee Personal Firewall and Norton Personal Firewall. - Use an anti-spyware program
Spyware is the term used to describe programs that run on your computer which monitor and record the way you browse the Internet and the sites you visit. It is sometimes used to monitor your online behaviour to generate market research data. But it can also be downloaded without your consent or knowledge and used to see personal information that you have entered online, including passwords, telephone numbers, credit card numbers and identity card numbers.
Anti-spyware programs currently available include AdAware, Microsoft Defender (free), Spyware Blaster, Spy Sweeper, Sunbelt Software Counter Spy. Again, be sure to visit the genuine site as there are many fake products claiming to protect your computer but which may actually infect it with viruses. - Block spam e-mail
Some spam is annoying but harmless. However, much of it can also be used to launch phishing attacks, inviting you to click on links that will then download malware to your computer or direct you to a fake website. If you receive any e-mail from an unrecognised source, you should delete it without opening it. You should also be able to activate a spam filter which will automatically route all such mail to a separate inbox. Deleting unwanted spam without reading it will also protect you from most phishing e-mails.
HSBC will never send you an unsolicited e-mail containing a link to any of its log–on pages. If you receive one, it will not actually be from the bank and should be deleted immediately. - Be alert to potential fraud
Be aware that there are fake websites designed to trick you and collect your personal information. Sometimes links to such websites are contained in email messages purporting to come from financial institutions or other reputable organisations such as HMRC/IRS. Never follow a link contained in an email – even if it appears to come from your bank. Always use a known web address or a 'Favourite' link to bank pages. - Keep your passwords secure
Your HSBC Internet Banking password, together with your other internet banking credentials, permit access to your bank accounts. When creating passwords, remember the following things:
Keep them to yourself
Do not be tempted to share your passwords with anyone. No one at HSBC will ever ask you for your Internet Banking password. If someone does ask you for it, they do not represent HSBC.
Make them hard to guess
Passwords containing upper and lower case letters, numbers and symbols are far harder to guess. Do not be tempted to use passwords based on your name, your date of birth, telephone numbers, sequential letters or numbers etc.
Vary them
Try to use different password for different services.
Change them regularly
Change your passwords regularly, and contact us immediately if you think someone else knows your Internet Banking password.
Never write them down
If you really need to record your password, then use a code system or transpose some of the letters. - Be careful where you go online
Avoid using Internet Banking (or any other internet services that require passwords) at internet cafés, libraries or any other public sites to avoid the risk of information being copied and abused after you leave. - Always log off
Remember to log off from Internet Banking and close your browser when you have finished your online banking. This will clear all traces of your visit from the computer's memory. - Password-protect your computer
This will prevent other people from using it if it is left unattended or stolen. - Disable the 'AutoComplete' function within your browser
The 'AutoComplete' function on your computer stores information that you have previously entered, eg: addresses and passwords. Typically, the browser's own Help function will tell you how to do disable the function. - Don't use administrator mode
It's a good idea not to use your computer in administrator mode because anyone who gains access to it will then have almost unlimited rights to see stored data or download software – including viruses. It's far better to make a user account and log in with that for day–to–day use. - Secure your wireless network
A wireless network allows you to connect your computer to the internet without having to use a cable. It typically contains a wireless router which uses radio signals to transfer data to computers within the network. Wireless routers come preset to very insecure settings to help users connect to them for the first time – but this also means that other people could access your internet account quite easily. For this reason, you should always consult your manual or online guide to find out how to connect more securely through your wireless network – usually by creating a password. - Take care offline
Remember that you can protect yourself even when you're not using your computer.- Read your statements
Review your bank and credit card statements for any unusual transactions or withdrawals and notify the bank immediately if you suspect any discrepancies. - Keep us informed
Tell us of any changes in your personal details (eg address change). - Keep your paper records safe
Store your bank documents such as statements and cheque books and any other documents, like bills, that contain personal information in a safe place. Always shred them when they are no longer required. - Credit and Bank cards
If you plan to cancel a card (or it expires), immediately destroy the card by cutting it in two, through the account number and the magnetic strip.
- Read your statements
