The internet makes it easy to manage your money from just about anywhere. Unfortunately it’s also a prime hunting ground for fraudsters. Here are some tips, guidelines and things to look out for to help keep yourself safe online.
Online security is extremely important at ASB so we always use security good practice to help keep your banking safe. We also constantly review our security to counter any new threats.
You need to use a unique username and password to log in to FastNet Classic Internet banking. If you (or someone else) tries to access your accounts without these, they will be allowed a certain number of attempts before access is suspended.
You may be presented with our reCAPTCHA security feature during this process. This is to discourage people trying to guess passwords or compromise your accounts.
You can also increase your security by requiring a Netcode at log in. When you log in, you'll be sent a Netcode, either through an SMS message, or from your Netcode token. You will need to enter that code when you log in, along with your username and password. It's another way to ensure that no one can access your ASB accounts without your knowledge.
We only allow secure connections between your browser and our servers when you are banking online. This means that your information is scrambled before it travels over the Internet in a way that only we can unscramble.
ASB has selected a leading provider of certificate services, Entrust. You may find certificates from this provider on our sites by clicking on the padlock in the address bar.
ASB has chosen the leading security certificate provider, Entrust, to give us the most up to date security solutions for our website. You may see their certificate displayed on our site.
For added security, use Netcode as an extra layer of protection when you're making payments and transactions online.
To improve your security, we have masked the first 12 digits of your credit card and only the last 4 digits will be displayed. This is an extra precaution to keep your information secure.
We'll automatically log you out after a certain amount of inactivity. But if you're finished, it's safer to make sure you log out manually.
Once you've logged out, all the pages you visited in our online banking websites are cleared from your browser's cache. This way no one can find your information through your browser's history or computer's hard drive.
To avoid your passwords being used without authorisation, never save them in your browser if you are ever prompted to do so.
Our dedicated security team investigates new technologies and threats, monitors activity and responds promptly to any emerging security issues. We regularly use reputable independent consultants to audit the security of all our systems.
To protect your security and privacy, please do not share any personal or sensitive information on Twitter or Facebook. We may ask you to Private or Direct Message us with information if required.
If you are contacting us through Twitter, make sure to follow us (@ASBBank) to receive Direct Messages from us.
ASB uses email to keep you informed and up-to-date with what's happening with your accounts. To protect our customers from phishing and scam emails, we have a very clear policy on how we communicate via email.
Phishing emails will often try to get personal or account details from you. This is why ASB:
Our emails will always give you the option to opt out and not receive further communications via email.
Remember: If you have any concerns about an email you receive forward it to our dedicated email scam team on email@example.com.
When you first login to FastNet Classic you’ll need to choose a password that’s easy for you to remember, but hard for others to guess.
Here are some password tips to consider:
Never write down your password or give it out to anyone.
Remember: ASB will never ask you for your Internet banking password.
Netcode provides a way to double-check that it's really you making certain online transactions from your accounts. It's a randomly created code, a bit like a temporary PIN, that we text you. Use Netcode for extra security when logging into FastNet Classic internet banking, authenticating a payment or transferring money overseas.
You should always logout and close your browser window after you’ve finished using any Internet banking service. You should also logout if you’re leaving your computer – even for a short time.
If you do forget to logout you’ll automatically be signed off from your account if it’s inactive for a set period of time.
If you’re making any financial transactions online, you should look for the letters “https://” at the beginning of the web address.
You can also look for a padlock icon in the address bar. These things show that the communication between your browser and our systems is being encrypted. You can also click on the padlock to see the level of security being used.
Emails are like postcards. It’s easy for people to read anything you send. So you should always be careful sending personal information by email.
Emails are also a common way to spread harmful viruses or to trick you into revealing your personal details or Internet banking information. This is called phishing.
When you connect to the internet, you open your computer up to various potential problems. But these simple solutions can help you keep it safe.
Install anti-virus software
Viruses and worms are malicious pieces of software that can compromise your computer and cause all sorts of problems. They can get in through email attachments, you could inadvertently download them from a website or even through software you install from a CD, DVD or USB drive.
Good security software will help protect your computer against this threat, whatever your operating system. Even if you already have anti-virus software, you need to regularly update it to stay safe. It’s also a good idea to regularly schedule full system virus scans of your computer. There are a number of reputable anti-virus software products in the market, including: Norton Anti-virus, McAfee, TrendMicro, Kaspersky and AVG.
Many of these companies provide full Internet Security software packages that include everything you need to keep a home computer safe. We recommend visiting their websites, doing your own research and talking to a computer savvy friend to help choose the best one for you.
Get anti-spyware software
Spyware is another type of file that can find its way onto your computer and tell other people what you’re doing online. In its worst form, spyware can be used to access personal information such as bank accounts or credit card details. Like anti-virus software, you should always use up-to-date anti-spyware software to help keep your information safe. Some of the major anti-virus products include anti-spyware. Other free anti-spyware products include: Ad-aware and Spybot.
Use a personal firewall
A personal firewall is your first line of defence between your computer and the outside world. It will help control who can access your computer and also protect you from viruses and any other unwelcome visitors. Modern versions of popular desktop operating systems typically have personal firewall features. Check that they are turned on if you don’t have another firewall product.
If you're on a budget, you can download free or low-cost firewall software from companies like Zone Labs.
Keep your software up to date
One of the most important ways to keep your computer safe is make sure it has all the latest security software updates. These updates are usually free and they’re released regularly to fix holes in a computer's operating system. You can either choose automatic software updates, or regularly check with your software vendor to find out if operating system updates are available.
Keep your browser up to date
The most important software to keep updated is your Internet browser (eg Google Chrome, Internet Explorer, Firefox or Safari). All of these major browsers release security patches and these are important patches that you need to apply. You should also update any other applications installed like Adobe Reader or browser components like Java or Adobe flash, to make sure they have the latest security patches.
Beware of public or shared computers
Be extremely wary of using other computers or public accessible Wi-Fi networks (e.g. in an internet cafe, library or university) to access online banking. It’s impossible to know if they have up to date protection and it’s also easy for other people to watch what you’re doing.
If you must access Internet Banking from a public computer or publicly accessible Wi-Fi network we recommend enabling Netcode at sign-on, and changing your Internet Banking password regularly.
Phones and mobile internet
If you have a smart phone you need to take care of the things you download in just the same way as your home computer. You should only install applications from trustworthy sources, always keep your phone operating system and applications up-to-date and set a PIN or password to protect your phone from unauthorised use.
If you ever think your phone has been compromised by malicious software, call 0800 327 863 to have your internet banking password reset, or change it yourself through FastNet internet banking or the mobile app.
Banking on your phone
If you use the mobile version of FastNet you’ll need to enter your access code and password as well as a Netcode, if enabled. It’s important to keep your access code and password safe – and also a good idea to make sure that you’re not being overlooked when using mobile banking (eg on the bus) or leave your phone unattended. To have added protection on your phone, it's also good practice to have a security PIN on your mobile phone.
Social networking sites like Facebook, Twitter, Google+, Foursquare and LinkedIn are a great way to keep in contact with friends and colleagues. But they also give cyber criminals another way of gathering information about you. To protect yourself while using these social networking sites:
Short URLs can be really handy in social media because they’re easy to paste or type. Unfortunately, you have no real idea which site a short URL is linking to. This means there it as opportunity for abuse by cybercriminals and scammers.
ASB has set up a special short URL service (asb.co) so you’ll always know that our short URLs were created by us (eg. http://asb.co/dVr3Y8). If you receive an email that looks like it's from ASB, bust suspicious looking URLs, report it to firstname.lastname@example.org. If you accidentally click a suspicious link, change your banking password immediately by calling us at 0800 327 863.
More of us are adding GPS information to social media updates so that friends and colleagues can see where we are. This can be fun and very handy from time to time.
But criminals may also be able to use this information to see who is tweeting, where they are, what their interests are and more. It’s then relatively easy to use this information to craft a targeted attack. So always be wary about sharing location information with untrusted sources – and be extremely wary about contacting strangers online.
We work very hard to keep your banking as safe as possible. But here are a few things you can do to keep it safe.
Contact and let us know before you go overseas, so that we know international transactions on your credit card are correct and not suspected as fraudulent transactions.
One of the best ways you can help yourself stay safe online is to know the kind of things you should look out for. Here are some of the more common threats and internet scams.
Phishing is the process of trying to get information by pretending to be a trustworthy organisation. In most cases fraudsters will send a fake company email asking for things like usernames, passwords or credit card details.
These emails can look very real. Sometimes they make offers or money, refunds or ‘essential’ updates to try and get you to act.
Typically a phishing email will ask you to click on a link that takes you to a fake website. Once there, you are prompted to ‘login’ to internet banking or provide personal details. They use this site to capture your information so they can use it fraudulently.
If you think you’ve received a phishing email:
If you think you’ve been taken to a phishing site:
If you think you’ve entered your details in phishing site:
These ‘junk mail’ offers generally involve free or extremely cheap deals that are sent as email. The goal is usually to get money or personal details from you. Some attempt to get you to download keylogger software that can track everything you type and send it on to the scammer.
If you receive a renewal for your Internet Domain name, check carefully that it’s from the correct registrar. Another scam is to send a notice for a domain name that’s very close to yours and hope that you don’t notice the difference.
Trojans are little bits of software that infect a web browser and have the ability to modify pages, transaction content or even insert additional transactions. This can all happen in a completely covert fashion invisible to both the user and host application.
A virus is a software program that copies itself when it’s triggered. Usually that’s when you download it, or open an unusual file. Once triggered, a virus can be destructive and do things like overwriting the files on a computers hard drive. A worm is like a virus that actively looks for ways to spread itself to other computers. This means worms can spread extremely quickly.
Occasionally you may be offered the chance to send and receive money on behalf of someone else. This may well be a money laundering scheme and if you take part you could be breaking the law.
People who get caught up in this type of thing are known as ‘money mules’. Mules can be recruited in many ways including spam emails, recruitment websites and even newspaper ads. Once recruited mules receive funds into their account, which they then withdraw and send overseas, usually minus a commission payment. The mule is the easiest part of the chain to track down and supplying any information to the fraudsters could put them at risk from identity fraud.
A scammer could send you a cheque or an Internet Banking payment for something, but ‘accidentally’ pay too much. They may then ask you for a refund of the difference, which they hope you’ll pay before you discover that the original cheque is worthless.
This is a hi-tech way of copying information from the magnetic strip on your bank cards. Once copied, this information can be downloaded onto another card and used to make purchases on your account.
Skimming devices can be very subtle so the best way to avoid skimming is by:
If someone dishonest gets hold of your old bank or credit card statements they can use that information to steal money. So always keep important documents safe and destroy them (ideally by shredding them) before you throw them out.
This is where someone calls you and says that they are from a reputable company, business and may ask you to login to your computer, as “their system has reported it as having a virus”, or even directly ask you for your card PIN.
They may sound very convincing, so remember:
ASB will never call you directly and ask you to confirm your banking password, or the PIN number to your accounts or Credit Card.
You can read more about scams at the NZ Goverment's Consumer Protection site.