secure online banking

Do not use:

• links in emails or text messages of unknown origin and links on unverified websites
• browser features such as: auto-complete forms, password saving, session saving

 

Verify:

• the certificate before each attempt to log in to the system - this will allow you to check the authenticity of the server

• Carefully read the security notices on the login page, the screens you see after logging in and the messages in your internal mail. There you will find information about current threats or possible attempts at social engineering attacks.
• Report suspicious text messages to the nationwide 24/7 toll-free number CERT 8080 - this will allow you to add suspicious numbers to the blocked calls database.

Bank employees never ask for:

• Your banking login or password,
• installing additional software,
• gaining remote access to your computer/phone,
• your full card number and CVV/CVC code,
• entering your BLIK code, making a bank transfer,
• depositing or withdrawing money at an ATM or bank branch.

 

Report such an incident to the 24/7 telephone number:

+48 22 548 29 40 (call cost at operator rate).

• Use anti-virus or anti-spyware software.
• Keep up with patches and updates recommended by software vendors, including the system and software that secures your computer.
• Install legitimate software from trusted sources.
• Avoid using public, open WiFi networks. Avoid logging into online banking systems from publicly accessible computers, such as at the airport or in a coffee shop.

• Always check that the SMS with the authorisation code matches the transaction you are carrying out (e.g. confirm with billing details - account number/transaction amount).
• If you are authorising with an electronic signature or token, remember to check the transaction details. Make sure they match the transaction you are processing.
• Set safe limits for daily BLIK transactions, payment cards, cash withdrawals and transfers. Attempts at suspiciously large transfers and withdrawals will not be processed.

• Strong password: Contains at least 15 characters, upper and lower case letters, special characters (@#¶&!), numbers (1, 3, 7, 0). It can be a phrase or a sentence.
• The password should only be known to the user and should be kept safe.
• A bank employee will never ask you for your login or password.
• If you log in with a masked password, remember that the bank does not need your full password, except to change your password to a new one. When logging in, enter only selected characters from your password.
• If you log in with an electronic signature, do not share the USB cryptographic key or the cryptographic card containing your keys and the PIN for them with anyone.

 

• Check the dates of your last logins, both successful and unsuccessful. If these dates do not match your activity, you should be concerned. It could mean that someone else has gained access to your account.
• Set up automatic email or SMS notifications for each successful or unsuccessful login, blocked access to the system, and debits over a specified amount. These alerts keep you in control of your account activity.

 

Remember:

Always log out of the service. To do this, click on the 'Logout' icon in the top right-hand corner. Do not close the browser window without logging out of the electronic banking service.

- the app from the official store (Play Store or AppStore).