• Online Security

Online Security

Background

Back to the top

As a global financial institution, ING is always concerned about security. The growth of the Internet has offered greater flexibility for all of us, but it also brings new risks that we must be aware of and guarded against. ING provides the following general information to address any concerns that you may have around online security.

ING makes every effort to provide optimal security to your data and to all transactions; for us protecting our clients is just good business. However hard we work there are still some risks online, and you can take some action to protect yourself. Here we provide some information to help you to protect yourself.

Latest Key Security Issues

Back to the top

From time to time we will provide information on security related issues that we feel you should be aware of. These security updates will be presented on this page.

Phishing

A phishing attack is an online fraud technique which involves sending official-looking email messages with return addresses, links and branding that all appear to come from legitimate banks, insurance companies, retailers, credit card companies, etc. Such emails typically contain a hyperlink to a spoof website and mislead account holders to enter customer names and security details on the pretence that security details must be updated or changed. Once you give them your information it can be used on legitimate sites to take your money.

It is important that you should be alert to any emails asking for your information; see more on "ING's Standard Practices" below.

Advance Fee Fraud

You may have already heard of 'advance fee fraud', where emails offering large sums of money are sent to thousands of email addresses, but a modest 'fee' is required in order to cover legal fees, account opening or customs charges.

Sometimes the money offered is a result of a lottery for which you have never bought a ticket. Sometimes the money is held in an account overseas but the account owner cannot access it, they promise a percentage of the money in return for your help. In both cases, you may be requested to pay various fees in advance.

Do not respond to these emails. They are part of a fraud and you will not receive any of the promised money.

ING's Standard Practices

Back to the top

ING may communicate with clients by email on occasion, so how can you tell which emails are from us, and which are fraudulent?

  • ING will address you by name in emails that require response from you through email or any action from you over the internet.
  • ING will not embed hyperlinks in emails that directly take you to sites where you must enter your security information.
  • ING will not send you emails asking you to update, verify or confirm your security details e.g. PIN, bank account number, ID Card number and passport number.

If you are in doubt about the legitimacy of any email that you have received purporting to be from ING, you should contact ING immediately. For contact details, please refer to the section "Contact Information" below.

Verifying Websites

Back to the top

You should pay close attention to the URL (website address) of the site you are visiting to make sure it is actually the site you believe it to be. Clients must be sure that the website they are visiting really belongs to ING.

You should also check that the website you are going to access for your account information or to perform a transaction is a secured website.

Secure Sites

The URL will begin with https://

If the URL begins with https, a small padlock will appear on the lower bar of the browser after the page is fully loaded.

Security Certificates

Double-click on the padlock icon to see the details of the security certificate. The certificate shows the owner of the website. Check that the details and validity are correct. Be sure that the URL on the certificate matches the URL of the webpage that you are visiting.

ING works with well known certification authorities such as Verisign, Global Sign and Thawte.

If you have any doubts about a website, you should contact ING as soon as possible to verify it.

Protect Yourself

Back to the top

Take care of your personal information

Your account / customer number, policy number, PIN, memorable date and customer identification number are the keys to your account. Never write them down, give them to anyone else or include them in an email. Remember that protecting your Customer Number, PIN and security details is your responsibility.

Protect your computer

  • Update your computer by installing the latest software and patches, to prevent hackers or viruses exploiting any known weaknesses in your computer
  • Install and update virus protection, to protect against viruses corrupting your computer and to prevent hackers installing Trojan viruses on your computer
  • Install and update anti-spyware tools
  • Install and update personal firewalls
  • Use only programmes from a known, trusted supplier

Beware of spam emails

  • Use a spam filter to avoid even seeing these messages.
  • Never respond to a spam message, otherwise your email address is then recorded as live and the spam will increase.
  • Should you read a spam message, please remember: if it sounds too good to be true, it probably is too good to be true.

Select a secure password

  • A secure password is one that is easy for you to remember, but difficult for others to guess. Do not use plain words, birth dates, names of children or pets; these could be discovered by others.
  • A good password should contain at least eight characters to make the probability of the password being guessed sufficiently unlikely. It always helps to vary the types of characters in your passwords, making them more difficult to guess as well, i.e. using numbers, capital letters, and special characters like ~!@#$%^& and *.

Keep your online section secure

  • Be cautious about accessing your account information or performing sensitive transactions on public computers; make sure you use public computers at a reputable provider - if the PC is not properly secured, hardware and software can be modified to capture keystrokes and other data that could disclose your personal information regardless of the security provided by the website.
  • Ensure that others are not looking at your keyboard over your shoulder when you enter your PIN or password, or access your personal information. This is particularly important at public internet access locations.
  • Do not check the box that asks your computer to "remember your passwords" or use other auto fill features of your browser. That defeats the security of passwords.
  • When you have finished with any secure online session (such as accessing your account information), always remember to Log Off and close your browser window, particularly when using public internet access services.

Protect yourself against spyware

  • Spyware is a software that is downloaded and installed on your PC without your informed consent. It can cause various levels of damages from nuisance of pop-up windows to disclosure of confidential information (such as your passwords and Social Security Number).
  • To protect yourself against spyware, please take the following actions:
    • Do not install software or shareware from unknown/untrustworthy sources as they might be infected with spyware.
    • Do not visit potentially risky/untrustworthy websites as it can contain spyware that can be downloaded without your consent to your PC.
    • Install trustworthy Anti-spyware products and keep it updated to block spyware.

Reference Sites

Back to the top

Contact Information

Back to the top

For enquiries, or reporting on suspected phishing cases relating to ING, please email us at workbench@ingplatform.com.