The internet makes it easy to manage your money from just about anywhere. Unfortunately it’s also a prime hunting ground for fraudsters. Here are some tips, guidelines and things to look out for to help keep yourself safe online.
Online security is extremely important at ASB so we always use the highest industry standards to help keep your banking safe. We also constantly review our security to counter any new threats.
You need to use a unique username and password to log in to FastNet Classic Internet banking. If you (or someone else) tries to access your accounts without these, they will be allowed a certain number of attempts before access is suspended.
We also show the date and time of your last login so you always know that no one else has accessed your accounts. If you choose, you can also use Netcode at login. This means that you’ll be asked to enter a unique code whenever you log in to FastNet Classic.
We only allow secure connections between your browser and our servers when you are banking online. This means that your information is scrambled before it travels over the Internet in a way that only we can unscramble.
ASB has selected two leading providers of certificate services, VeriSign (now from Symantec) and Entrust. You may find certificates from either of these providers on our sites.
FastNet Classic uses an Extended Validation (EV) SSL Certificate. This means that if you're using Internet Explorer 7 and above, your address bar will turn green when you visit FastNet Classic. This makes it easy for you to be sure you’re on the genuine ASB website.
To learn how to tell if a website connection is secure, visit the appropriate help page for your browser, for example:
You can also use Netcode as an extra layer of protection when making payments online.
To improve your security, we have masked the first 12 digits of your credit card and only the last 4 digits will be displayed.
You’ll automatically be signed off from your account if it’s inactive for a set period of time. But it’s even more secure if you log off when you’ve finished your banking.
When you log off, all of the pages you visited in our online banking websites are automatically removed from your browsers cache. This means other users of that computer won’t be able to view your personal or account details by using your browser’s back button or searching the contents of the computer's hard-drive.
Our dedicated security team investigates new technologies, monitors activity and responds promptly to any emerging security issues. We regularly use reputable independent consultants to audit the security of all our systems.
Email is a really handy way to communicate with customers, but we also do everything we can to protect you from email phishing attacks. That’s why we have a very clear policy on how we’ll communicate by email.
Emails from ASB will never:
Our emails will always give you the option to opt out and not receive further communications via email.
Remember: If you have any concerns about an email you receive forward it to our dedicated email scam team on firstname.lastname@example.org.
When you first login to FastNet Classic you’ll need to choose a password that’s easy for you to remember, but hard for others to guess.
Here are some password tips to avoid:
Never write down your password or give it out to anyone.
Remember: ASB will never ask you for your Internet banking password.
It’s also a good idea to change your online password regularly. Just login to FastNet Classic, select ' My Settings' from the menu.
Netcode is an extra layer of security to help make sure it's really you using FastNet Classic Internet banking.
A Netcode is a unique number that can be texted to you (or generated on a Netcode token).
You can set Netcode up for when you login to your online banking or whenever you’re making certain transactions.
See how to register for Netcode now.
You should always logout and close your browser window after you’ve finished using any Internet banking service. You should also logout if you’re leaving your computer – even for a short time.
If you do forget to logout you’ll automatically be signed off from your account if it’s inactive for a set period of time.
If you’re making any financial transactions online, you should look for the letters “https://” at the beginning of the web address.
You can also look for a padlock icon in your browser window. These things show that the communication between your browser and our systems is being encrypted. You can also double-click on the padlock to see the level of security being used.
Emails are like postcards. It’s easy for people to read anything you send. So you should always be careful sending personal information by email.
Emails are also a common way to spread harmful viruses or to trick you into revealing your personal details or Internet banking information. This is called phishing.
When you connect to the internet, you open your computer up to various potential problems. But these simple solutions can help you keep it safe.
Install anti-virus software
Viruses and worms are malicious pieces of software that can attach to your computer and cause all sorts of problems. They can get in through email attachments, you could inadvertently download them from a website or even through software you install from a CD, DVD or USB drive.
Good anti-virus software will help protect your computer against this threat. Even if you already have anti-virus software, you need to regularly update it to stay safe. It’s also a good idea to regularly schedule full system virus scans of your computer. There are a number of reputable anti-virus software products in the market, including: Norton Anti-virus, McAfee, TrendMicro, Kaspersky and AVG.
Many of these companies provide full Internet Security software packages that include everything you need to keep a home computer safe. We recommend visiting their websites, doing your own research and talking to a computer savvy friend to help choose the best one for you.
Get anti-spyware software
Spyware is another type of file that can find its way onto your computer and tell other people what you’re doing online. In its worst form, spyware can be used to access personal information such as bank accounts or credit card details. Like anti-virus software, you should always use up-to-date anti-spyware software to help keep your information safe. Some of the major anti-virus products include anti-spyware. Other free anti-spyware products include: Ad-aware and Spybot.
Use a personal firewall
A personal firewall is your first line of defence between your computer and the outside world. It will help control who can access your computer and also protect you from viruses and any other unwelcome visitors. Modern versions of popular desktop operating systems typically have personal firewall features. Check that they are turned on if you don’t have another firewall product.
If you're on a budget, you can download free or low-cost firewall software from companies like Zone Labs.
Keep your software up to date
One of the most important ways to keep your computer safe is make sure it has all the latest security software updates. These updates are usually free and they’re released regularly to fix holes in a computer's operating system. You can either choose automatic software updates, or regularly check with your software vendor to find out if operating system updates are available.
Keep your browser up to date
The most important software to keep updated is your Internet browser (eg Google Chrome, Internet Explorer, Firefox or Safari). All of these major browsers release security patches and these are important patches that you need to apply. You should also update any other applications installed like Adobe Reader or browser components like Java or Adobe flash, to make sure they have the latest security patches.
Beware of public or shared computers
Be extremely wary of using other computers or public accessible Wifi networks (e.g. in an internet cafe, library or university) to access online banking. It’s impossible to know if they have up to date protection and it’s also easy for other people to watch what you’re doing.
If you must access Internet Banking from a public computer or publicly accessible Wifi network we recommend enabling netcode at sign-on, and changing your Internet Banking password regularly.
Phones and mobile internet
If you have a smart phone you need to take care of the things you download in just the same way as your home computer. You should only install applications from trustworthy sources, always keep your phone software and applications up-to-date and set a PIN or password to protect your phone from unauthorised use.
If you ever think your phone has been compromised by malicious software, call 0800 327 863 to have your internet banking password reset.
Banking on your phone
If you use the mobile version of FastNet you’ll need to enter your access code and password as well as Netcode where applicable. It’s important to keep your access code and password safe – and also a good idea to make sure that you’re not being overlooked when using mobile banking (eg on the bus) or leave your phone unattended. To have added protection on your phone, it's also good practice to have a security PIN on your mobile phone.
Social networking sites like Facebook, Twitter, Google+, MySpace, Foursquare and LinkedIn are a great way to keep in contact with friends and colleagues. But they also give cyber criminals another way of gathering information about you. To protect yourself while using these social networking sites:
Short URLs can be really handy in social media because they’re easy to paste or type. Unfortunately, you have no real idea which site a short URL is linking to. This means there it as opportunity for abuse by cybercriminals and scammers.
ASB has set up a special short URL service (asb.co) so you’ll always know that our short URLs were created by us (eg. http://asb.co/dVr3Y8), but other than those, you should only click on a shortened URL if its sent by someone you trust. If the site you arrive at seems strange, shut it immediately.
More of us are adding GPS information to social media updates so that friends and colleagues can see where we are. This can be fun and very handy from time to time.
But criminals may also be able to use this information to see who is tweeting, where they are, what their interests are and more. It’s then relatively easy to use this information to craft a targeted attack. So always be wary about sharing location information with untrusted sources – and be extremely wary about contacting strangers online.
We work very hard to keep your banking as safe as possible. But here are a few things you can do to keep it safe.
Contact and let us know before you go overseas, so that we know international transactions on your credit card are correct and not suspected as fraudulent transactions.
One of the best ways you can help yourself stay safe online is to know the kind of things you should look out for. Here are some of the more common threats and internet scams.
Phishing is the process of trying to get information by pretending to be a trustworthy organisation. In most cases fraudsters will send a fake company email asking for things like usernames, passwords or credit card details.
These emails can look very real. Sometimes they make offers or money, refunds or ‘essential’ updates to try and get you to act.
Typically a phishing email will ask you to click on a link that takes you to a fake website. Once there, you are prompted to ‘login’ to internet banking or provide personal details. They use this site to capture your information so they can use it fraudulently.
If you think you’ve received a phishing email:
If you think you’ve been taken to a phishing site:
If you think you’ve entered your details in phishing site:
These ‘junk mail’ offers generally involve free or extremely cheap deals that are sent as email. The goal is usually to get money or personal details from you. Some attempt to get you to download keylogger software that can track everything you type and send it on to the scammer.
If you receive a renewal for your Internet Domain name, check carefully that it’s from the correct registrar. Another scam is to send a notice for a domain name that’s very close to yours and hope that you don’t notice the difference.
Trojans are little bits of software that infect a web browser and have the ability to modify pages, transaction content or even insert additional transactions. This can all happen in a completely covert fashion invisible to both the user and host application.
A virus is a software program that copies itself when it’s triggered. Usually that’s when you download it, or open an unusual file. Once triggered, a virus can be destructive and do things like overwriting the files on a computers hard drive. A worm is like a virus that actively looks for ways to spread itself to other computers. This means worms can spread extremely quickly.
Occasionally you may be offered the chance to send and receive money on behalf of someone else. This may well be a money laundering scheme and if you take part you could be breaking the law.
People who get caught up in this type of thing are known as ‘money mules’. Mules can be recruited in many ways including spam emails, recruitment websites and even newspaper ads. Once recruited mules receive funds into their account, which they then withdraw and send overseas, usually minus a commission payment. The mule is the easiest part of the chain to track down and supplying any information to the fraudsters could put them at risk from identity fraud.
A scammer could send you a cheque or an Internet Banking payment for something, but ‘accidentally’ pay too much. They may then ask you for a refund of the difference, which they hope you’ll pay before you discover that the original cheque is worthless.
This is a hi-tech way of copying information from the magnetic strip on your bank cards. Once copied, this information can be downloaded onto another card and used to make purchases on your account.
Skimming devices can be very subtle so the best way to avoid skimming is by:
If someone dishonest gets hold of your old bank or credit card statements they can use that information to steal money. So always keep important documents safe and destroy them (ideally by shredding them) before you throw them out.
This is where someone calls you and says that they are from a reputable company, business and may ask you to login to your computer, as “their system has reported it as having a virus”, or even directly ask you for your card PIN.
They may sound very convincing, so remember:
ASB will never call you directly and ask you to confirm your banking password, or the PIN number to your accounts or Credit Card.
You can read more about scams at the NZ Goverment's Consumer Protection site.