The world's local bank
Your steps
There is much that you can do to protect yourself online. Some are simple, others may require a little time invested or help from someone else.
If nothing else, please follow these five “golden rules”
- Make sure you have the latest security updates and patches
- Install anti-virus software
- Use personal firewalls
- Read our password advice
- Use an anti-spyware program
Please also read the detailed information below:
- Keep your details and identity secure
- Keep your password secure
- Keep your computer secure
- Keep your Internet Banking session secure
- Keep your email secure
- Protect yourself – even when you're offline
Keep your details and identity secure
Identity theft is the act of stealing or using an individual's personal information without their knowledge or consent, for example, to illegally apply for credit, make purchases, or gain access to funds. Since the statements or bills related to the fraudulent accounts are often sent to a different address, victims may not become aware of the increased debt until, for instance, they are tracked down by creditors or are turned down when they apply for credit. Identity theft can take months to detect and even longer to clear.
Reduce your risk and protect your personal information in all your financial dealings, whether over the Internet or during your normal banking activities, by following these tips:
Top Tips
- Take care where you go online from
If you can, try to avoid using Internet Banking, or any other Internet services which require the use of critical passwords, at Internet Cafés, Libraries, and other public sites to avoid the risk of information being copied and abused after you leave.
- Get wise to online fraud
Be aware that there are phoney web sites designed to trick you and collect your personal information. Sometimes links to such web sites are contained in email messages purporting to come from financial institutions. Try, whenever possible, to use a known web address, or use a Favourite, to link to bank pages.
- Change your passwords
Always change passwords that may have been compromised.
- Contact your bank if you think someone else knows your Internet banking password
- Password protect your computer
Use a password on your computer to prevent unauthorised individuals from accessing your information. If you are unsure how to do this, you may need to ask someone.
- Disable the 'AutoComplete' function within your browser
This will help prevent others from seeing personal information. On Internet Explorer, for example, the ‘AutoComplete' function remembers data you have input, sometimes including passwords. Typically, the browser's own Help function will tell you how to do disable the 'AutoComplete' function.
- Buy from well known companies – and only provide bank information during secure sessions.
Keep your password secure
Passwords are the key to your online account information, to accounts at online stores and a host of other online activities. Your HSBC Internet banking password, together with your Internet banking ID, permits access to your bank accounts. For this reason your password should be unique and very well protected.
Top tips
- Keep them to yourself
Do not be tempted to share your passwords with anyone.
- Be unique
Try and create passwords that are unique and not easy to guess.
- Use letters, numbers and symbols
Passwords containing upper and lower case letters, numbers, and symbols are far harder to guess.
- Be different
Avoid using the same password for different services.
- Don't be personal
Do not be tempted to use passwords that can easily be guessed e.g. your name, your date of birth, telephone numbers, pet's name.
- Never write them down
If you really need to record your password then use a code system, e.g. transpose some of the letters.
No one at HSBC will ever ask you for your Internet banking password. If someone does ask you for it – they do not represent HSBC.
Keep your computer secure
The Internet offers hackers the opportunity to access your system. In fact, although the web's a great way to find the demos, downloads, and music you may want, it's when you are doing this that you could be most at risk. There are a number of steps you can take to protect yourself.
Make sure you have the latest security updates and patches
From time to time, vulnerabilities are discovered in operating systems and internet browsers. Before the publisher can release a security patch to correct these weakness, they can be exploited by virus writers and hackers to gain unauthorised access to those PCs that have not yet been patched.
To check for patches and updates you should visit the publisher's website, typically in their Download section.
Microsoft users can visit: http://windowsupdate.microsoft.com which can automatically check what is required, and then suggest that you download it.
Use and regularly update anti-virus software.
You may already be using anti-virus software but to be effective the software should be updated on a regular basis with the latest “virus definition” files. If you are unsure how to do this, you should refer to the program's own Help function.
There are many effective programs to choose from, but the most common commercial products are from McAfee, Symantec (Norton) and Sophos.
It is also possible to obtain free anti-virus protection. A search for “free anti-virus” on Google will provide a list of the most popular.
Use personal firewalls
A firewall is another small program that helps protect your computer and its contents from outsiders on the Internet. When properly installed, it stops unauthorised traffic to and from your PC.
There are many effective programs to choose from. Common commercial examples are from Zone Labs , Symantec (Norton), McAfee and Computer Associates.
The widely recognised market leading free firewall is “Zone Alarm” from Zone Labs and there are many others to choose from. Zone Alarm is now used on over 20,000,000 PCs and has been awarded the PC World 2003 "World Class Award" for Best Firewall.
Read our password advice
Keep your password secure
Passwords are the key to your online account information, to accounts at online stores and a host of other online activities. Your HSBC Internet Banking password, together with your Internet banking ID, permits access to your bank accounts. For this reason your password should be unique and very well protected.
Keep them to yourself
Do not be tempted to share your passwords with anyone.
Be unique
Use passwords that are unique and not easy to guess.
Use letters, numbers and symbols
Passwords containing upper and lower case letters, numbers, and symbols are far harder to guess.
Be different
Avoid using the same password for different services.
Don't be personal
Do not be tempted to use passwords that can easily be guessed e.g. your name, your date of birth, telephone numbers, pet's name.
Never write them down
If you really need to record your password then use a code systemor transpose some of the letters.
No one at HSBC will ever ask you for your Internet banking password. If someone does ask you for it, they do not represent HSBC.
Change your passwords
Always change passwords that may have been compromised.
Contact your bank if you think someone else knows your Internet banking password.
Use an anti-spyware program
Spyware is the term used to describe programs that run on your computer for the purpose of monitoring and recording the way in which you browse the web and the internet sites you visit. For example, spyware can combine information about your online behaviour with that of many other users in order to generate market research data. This information can be bought and sold by companies interested in improving the way websites are designed and how the internet is used.
You may or may not wish for your internet usage to be monitored in this way. In addition, just as spyware can be used to improve the online experience it can also be used to extract personal information that you have entered, including passwords, telephone numbers, credit card numbers and identity card numbers.
Spyware is often loaded onto a PC as part of a free download of another service - for example a service that claims to improve the performance of your PC. Sometimes your agreement to the download is requested in the small print, but spyware may also be loaded onto your PC without your agreement or knowledge.
Spyware is not the same as a virus in that it only records what you do rather than altering how your machine works. Because of this, anti-virus software is not effective in identifying and removing spyware; you will need to download and run a specialised anti-spyware program.
Anti-spyware security software currently available include McAfee, Spybot Search and Destroy, AdAware, Spyware Eliminator, Spyware Doctor and Microsoft antispyware. We strongly recommend that you install and use a reputable anti-spyware product to protect yourself against spyware on your PC.
Please visit www.banksafeonline.org.uk for further independent information on this topic.
Top Tips
- Don't share computers
Disable your computer's 'File and Printer Sharing' capabilities to help prevent unauthorised access. Use your computer's Help function for instructions.
- Filename extensions
Most operating systems use filename extensions . For example, a word document ends with .doc and a photo image may end with .jpg
By default some operating systems do not show these extensions. Whilst this presents cleaner looking file names, it also provides viruses with a means to hide. Use your computer's Help function (Index and then “display”) for steps needed to display file extensions.
Any file with what appears to be a double extension – e.g. wow.jpg.pif is almost certainly a virus and should never be opened.
- Be wary of opening any unexpected email messages with attachments
A common way for a virus to spread is via email. Some viruses send copies of themselves to everyone in the infected PC's address book. This means it could appear to come from someone you know.
Never open an email attachment that contains a file ending with .exe, .pif, .vbs as these are commonly used with viruses.
Keep your Internet Banking session secure
You should ensure that you and your family are aware of potential pitfalls and know the best way to deal with them. There are two key areas to focus on.
Logging in
Ensure you enter your correct password(s) without the details being inadvertently disclosed to someone who may be looking over your shoulder.
Logging off
Always remember to log off from the Internet Banking session and close your browser when you have finished your online banking. This will clear all traces of your visit from the PC's memory.
Top tips
- Memorise the keys to your access
Your Internet banking ID and password are your keys to accessing our online services. Only the right combination of these allows you access.
- Don't use links to access our site
Always enter the web address or use a Favourite. Do not use a link as this may take you to a phoney web site that may look exactly like ours.
- Avoid using shared computers for Internet banking
Try to avoid using shared public PCs, such as those in Internet cafes, to access Internet banking.
Keep your email secure
Generally, email that is sent or received through a regular email address (e.g., yourname@hotmail.com) is not secure or encrypted to protect the content. Therefore, any personal information you include in an email is at risk of being intercepted by unauthorised individuals. Do not send your Internet banking ID and/or passwords by email to anyone – ever.
Top tips
- Never send sensitive information by email
Don't answer any unexpected email messages requesting personal information.
- Be wary of opening any unexpected email messages with attachments
A common way for a virus to spread is via email. Some viruses send copies of themselves to everyone in the infected PC's address book. This means it could appear to come from someone you know.
Never open an email attachment that contains a file ending with .exe, .pif, .vbs as these are commonly used with viruses.
Any file that appears to have a double extension is almost certainly a virus and should be deleted. Use your computer's Help function for further instructions.
- Review who you use as your Internet Service Provider (ISP)
Apart from varying prices, ISPs now offer a range of services that include virus protection against infected incoming email messages.
Protect yourself – even when you're offline
Even when you are offline, there's much that you can do to protect yourself. This centres on keeping private information strictly private.
Top Tips
- Keep your details safe
Don't be tempted to share your User IDs, passwords or any unique personal identifiers/details with someone else.
Nor should you supply personal information to anyone over the phone or to a web site unless you have satisfactorily verified the identity of the recipient of such information. HSBC would never ask for Internet passwords over the phone.
You should memorise your passwords; do not keep any records of them in your wallet or purse.
- Read your statements
Review your bank and credit card statements for any unusual transactions or withdrawals and notify the bank immediately if you suspect any discrepancies.
- Notify your bank of any changes
Tell us of any changes in your personal details (e.g. address change).
- Store your bank documents such as statements and cheque books in a safe place
- Credit and Bank cards
If you plan to cancel a card (or it expires), immediately destroy the card by cutting it in two, through the account number and the magnetic strip.
- Keep yourself and your property safe and protected to minimise your risk of theft
Be careful of any personal information you discard. If you can, destroy receipts, pre-approved credit card applications, bank statements and any bills that contain personal information.
Useful tools
Increase font
Decrease font