The world's local bank
|
Anti-virus Software
Anti-virus software should be installed on your home computer and/or laptop to scan your email and the files on your computer for potential viruses. If a virus is detected, you are notified immediately and the anti-virus software will prevent the email or file from being sent to you before it’s opened. You should run your anti-virus software frequently to prevent computer infections like viruses, worms, or Trojan Horses from entering your computer system. Purchase a program that automatically upgrades your virus protection on a regular basis. Two popular sources for anti-virus and firewall protection software are McAfee and Computer Associates.
Browsers
A browser is a software application that works with the Internet to provide you with the ability to view, find and interact with websites and web pages. Two popular web browsers are Microsoft® Internet Explorer and Netscape® Navigator. As new versions of the browsers are developed, users are able to experience a full multimedia spectrum, including text, graphics, sound, and video.
Cable Modem
Cable modems provide high-speed Internet access using cable television networks. They use either the traditional coaxial cables or newer fiber optic cables for the transmission of data. Cable modems offer continuous connection to the Internet without having to dial into an Internet Service Provider (ISP) each time you wish to connect to the Internet.
Cookies
Cookies are pieces of information stored directly on the computer you are using and can provide a more efficient and more consistent experience on websites that use them. Cookies contain information about your computer preferences that allow customization of a site for your use. For example, if you visited a site yesterday to conduct business and returned to it today, the ”cookie” would remember your visit and may return a “Welcome Back!” when revisited. Any time HSBC uses a cookie, personal information is encrypted for our use only and protected from third party access.
Credit Monitoring
A credit monitoring program can be purchased through a credit bureau (i.e. Equifax, TransUnion) and helps keep you updated on your credit report and credit status. You may be alerted to changes in your credit or credit inquiries from financial sources, of which you may not be aware. If you suspect illegal activity regarding your credit, you should contact the bank, your creditors and the credit company with which you may have credit monitoring.
Digital Certificates
Like a driver’s license or passport, Digital Certificates allow individuals or organizations on the Internet to verify each other's identity to prevent unauthorized access. A Digital Certificate is a randomly generated set of characters that a computer sends to your browser. The browser on your computer stores this information and uses it as a digital stamp to certify the authenticity of the information sent to you and as a means of establishing identity. You may see a Digital Certificate issuer logo at the bottom of a browser page for your reference.
Encryption
When you apply for credit at HSBC or conduct Internet Banking transactions, the information you enter online is “encrypted” or transformed into a string of unrecognizable characters before being sent over the Internet. This helps to keep the information between the bank's computer system and your Internet browser private. The two most common levels of encryption are 40-bit and 128-bit, both used on popular web browsers such as Microsoft® Internet Explorer and Netscape® Navigator. Your session is in a secured “encrypted” environment when you see "https://" in the web address and/or when you see the locked “padlock” symbol at the bottom right corner of your browser window.
To determine if the browser you are using supports 128-bit encryption perform a Browser Check
Firewall
Firewall software can be installed on business and home computers as a barrier against hackers and viruses. Firewalls are used to filter potentially destructive information or prevent unauthorized access. This is especially important on computers that use a broadband connection to access the Internet (Cable modems or DSL). Since your Internet connection is on when your computer is on, the risk for malicious activity to your computer increases. Two popular resources for firewall protection are McAfee and Computer Associates®.
Keystroke Capturing
Keystroke Capturing or "keystroke logging" is a surveillance tool that is illegally used to record the keystrokes of unsuspecting victims in order to determine password and logon information which can be used for fraud purposes.
Plug-in
A plug-in is a software module that adds a specific functionality to the web browser. For example, plug-ins for Netscape Navigator and Internet Explorer allow the browsers to displays various types of audio and video messages or popular Adobe® Acrobat® (PDF) files.
Privacy Policies
Many companies publish a privacy policy providing customers with information on how the company keeps your information private, how the information is shared and why it’s collected. It's a good practice to read the privacy policy of a company with which you conduct financial transactions. Most privacy policies also explain how you can request removal of your name from promotional mailing lists. Read HSBC’s Privacy Notice.
Secure Sessions
Your online banking sessions and online applications are protected in a “secured” environment, which uses Secure Socket Layer (SSL) technology to encrypt your personal information before it leaves your computer to help ensure that no one else can read it. You will know that you are on a “secured” page when you see the “https://” before the web address. You will also see a padlock symbol in the lower right hand corner of your browser window. Commonly, a closed padlock indicates that your online session is “secured” by encryption to protect your personal information.
Server Authentication
When you logon to Internet Banking or to a site that requires authentication, you usually input a specific Customer ID or User Name and password to gain access to your account information. When you use Internet Banking, the encrypted information passes through a rigorous test on HSBC’s computer systems to ensure proper authorization before your account information is displayed.
Security Holes/Bugs
Security holes/bugs are often faults, defects or programming errors exploited by unauthorized users to access computer networks or web servers from the Internet. As these holes or bugs become known, software publishers develop "patches," "fixes" or "updates" users can download that usually fix the problems.
Security Code
The Security Code is a single-use, numeric value used to access your Business Internet Banking service. A Security Code must be entered along with your Username and Password.
Security Device
A Security Device is a small electronic device, which automatically generates the single-use Security Codes required to logon to Business Internet Banking.
The Security Device will be sent to you when you sign up for Business Internet Banking. It is small and portable so you can carry it on your keychain or inside a pocket or purse.
Server Gated Cryptography
HSBC uses Server Gated Cryptography or SGC, which allows a browser using 40-bit SSL encryption to function as 128-bit encryption for the duration of the online banking session. This keeps your online banking transaction information as secure as possible without requiring you to download an updated browser.
Session Time-outs
For your added online security, HSBC uses a session time-out feature. If your Internet Banking session is idle for a given amount of time, your session ends automatically. This helps ensure that your online session is in a “secured” environment and that the personal information you enter is protected. Commonly, a closed padlock symbol indicates a secured page is being used. Never input personal information on a website form or application that does not display the "https://" before a website address or a "padlock" symbol.
Social Engineering
Social engineering is an identity theft process that relies on human interaction and often involves tricking an unsuspecting individual into providing personal information like bank account details or passwords. Social engineers search dumpsters for valuable information, will memorize access codes by looking over someone's shoulder, or take advantage of people's natural inclination to choose passwords that are meaningful to them but can be easily guessed (children’s names, addresses, or birth dates). The personal information is then used to illegally apply for credit, purchas goods and services or gain access to funds.
Spam
Sometimes companies or individuals purchase email address lists to send ads for products and services. The unsolicited email is defined as “spam,” and it fills up email files and could add additional pop-up windows on your computer screen. You can purchase anti-spam software to filter unwanted email or spam from your email list until you delete it.
Phishing
An increasingly prevalent scam being employed by unscrupulous individuals is phishing.
Phishing involves an email message being sent out to as many Internet email addresses that the fraudster can obtain, claiming to come from a legitimate organization such as a bank, online payment service, online retailer or similar. The email requests the recipient to update or to verify their personal and financial information, including date of birth, login information, account details, credit card numbers, PIN numbers, etc. Some of the email messages include a threat that failure to update or validate will result in, for example, the account being frozen. The objective is to induce unsuspecting recipients, who happen to be customers of the legitimate organization being imitated, to respond to the email and to provide the information being requested.
The email will contain a link that takes you to a spoof web site that looks identical, or at least very similar, to the organization’s genuine site. In some cases, when the link in the email is clicked, the genuine site is accessed, but is overlaid with a smaller window with the spoof site, making it more believable. Clicking on a link may also download malicious software, known as “spyware” onto your PC which will record your use of the Internet and forward this information, and possibly a log of your keystrokes, to the fraudster. The fraudsters will use this financial information to compromise bank accounts, credit cards, etc.
To avoid getting phished you should never respond to email messages that request personal or financial information and never click on a link in such an email. Reputable organizations do not send unsolicited email messages asking their customers to update or verify their personal and security details. If you are in doubt about the legitimacy of the email, or if you think that you have been a victim of a phishing scam, you should contact the organization in question immediately. You should, however, be careful to use the normal method you use to contact the organization in question, rather than use any suggestions included in, or by responding to, the email.
Trojan Horse
A Trojan Horse another type of virus, which is simply a computer program that masks as another program. Trojan Horses are sent as an email file attachment. For example, it may claim to be a game, but once opened, can cause damage to your computer, from erasing files to changing your desktop. It then sends itself to other people in your address book to propagate itself.
Virus
Often through email, file sharing and downloaded programs, computer viruses are sent as email attachments. A virus is a small program that piggybacks on email and program files. For example, a virus might attach itself to a program or a game. Each time the program is opened, the virus runs and can infect other programs or damage your computer. Some viruses move around through email then replicate by automatically mailing to the victim’s entire email address book. Never open an email attachment unless first scanned through anti-virus software.
Worm
A worm virus is a small program that searches through networks to find security holes to replicate itself from machine to machine. Worms use up computer time, space, and speed when replicating, with a malicious intent to slow or bring down entire web servers and halt Internet use.
SSL
Secure Socket Layer (SSL) protocol provides a high level of security for Internet communications. SSL provides an encrypted communications session between your web browser and a web server. SSL helps verify that sensitive information (e.g. credit card numbers, account balances and other financial and personal data) sent over the Internet between your browser and a web server remains confidential during online transactions.
