Investec Online

Online Security

Your security is our priority. Please find below some frequently asked Questions & Answers:

What is the importance of online security?

As a premier financial services institution, Investec places the highest priority on the confidentiality and security of clients and their financial transactions. To help make your banking experience easier and more convenient, we offer a facility to manage your financial affairs via the internet. There are inherent security risks associated with internet usage including the threat of viruses and hackers. We will always endeavour to ensure that your interaction with Online Services is as secure as possible. We have invested significant resources to ensure that all internet transactions are secure. This is done by using firewalls and strong encryption technology. Furthermore, we continually review our infrastructure and security measures to ensure that they are up to date and meet our stringent security requirements.
 

What can I do to protect my accounts?


• Make sure your computer is secure
• Update your antivirus product at least weekly
• Caution should be exercised if using Investec Online from public terminals such as Internet Cafes
• Do not open unsolicited emails as these could contain stealth programs and viruses. Investec will never send you an email asking you for personal or sensitive information relating to your account.
• It is also advisable to install a personal firewall product which will help protect your PC while you are online if you are not logging in from an office network.
• Ensure that no-one has un-authorised access to your PC
• Never disclose your Passwords to anyone
• Change your Passwords regularly and avoid familiar numbers (birthdays, phone numbers)
• Make sure your Operating System and Browser have the necessary security updates
• When accessing the Service, you should make sure that your passwords will not be kept in any form (by your browser or any other software) in such a way that other users of the same workstation can gain access to the service
• Always log out using the log out button before closing the browser

How secure is www.investeconline.ie?


We use advanced 128-bit encryption technology, which allows information to be transmitted securely between your web browser and our servers, while preventing any third party from understanding the encrypted information; however this encryption will not protect your PC from key logging software or “spyware”. We have deployed state-of-the-art software to protect our internal systems and your sensitive data.

What is encryption?


Encryption is a way of converting a meaningful message between two computers into a message that cannot be interpreted, understood or viewed by anyone other than the intended recipient. We use this technology to ensure that all information between you and Investec remain confidential. We have implemented encryption by using industry standard “site certificates”. When using Investec Online please look for the padlock symbol in your browser to verify that the communication is secure.

How long does it take before a Session Times-Out?

If you leave your computer without signing-off from the Service, we will terminate your access to the Service to help protect against unauthorised access. This time-out will occur automatically if there is no activity for 8 minutes. We ask that you please ensure that you always log out using the log out button before closing the browser.

What are key loggers?


Investec Bank offers clients a safe and secure environment in which to do Online Banking. Staying true to our
commitment, we take this opportunity to highlight the importance of protecting your data from key loggers. Keystroke loggers, commonly referred to as key loggers, record all keystrokes entered on a computer through your keyboard. On occasion, criminals intercept data captured by key loggers and use this data, for example passwords, to commit fraud online. There are two types of key loggers, software and hardware. Software key loggers can either be installed directly on to the PC or delivered within an email message. As a precautionary measure against online criminals, keep your data protected when using software key loggers by updating your anti-virus and firewall software regularly. Ensure that you update the virus definitions and the security signatures as often as possible. There are a number of reputable anti-virus and firewall vendors available, including Norton and McAfee who have combined their anti-virus
and firewall into one easy-to-use product.

• Norton Internet Security and Anti-virus
• McAfee PC Security Suite

There are also a number of free antivirus products available for home use such as AVG from GriSoft. It is important to update the virus definitions as well as the security signatures as often as possible. As an added security measure, products such as Lavasoft and Ad-Aware notify you of any ‘spyware’ by scanning your computer on a regular basis. Hardware key loggers are installed on the cable between your keyboard and computer. Retrieving data from this key logger is difficult and more advanced as the physical unit has to be removed to use the data. Protect your data by being more aware of who has access to your computer. Avoid using public computer terminals for your online communication, it is very easy to install spy ware on these public terminals and enabling them to masquerade as you and access your accounts. Do not open email and attachments from sources you do not know. These emails could contain virus payloads which can install themselves automatically on your PC.


What is “phishing”?


Phishing is a practice where fraudsters send emails at random, which claim to come from a genuine company that is operating on the internet. The purpose is to trick customers of that company into disclosing information using a bogus website operated by the fraudsters. Usually, the emails tell you that it is necessary to “update” or “verify” your customer account information and they encourage you to click on a link in the email which takes you to the bogus website. Any information you enter on the bogus website will be captured by the criminals for fraudulent purposes. Investec will never send you an email asking you for personal or sensitive information relating to your account. To verify that you are at the correct site refer to the point on Site Certificates

What are “Trojans”?


Trojans, which take their name from the term “Trojan Horse”, are a type of computer virus that can be installed on your computer without your knowledge. Trojans are sometimes capable of installing a key logger, which captures all the keystrokes entered on a computer keyboard. Some Trojans seek to capture passwords entered on certain websites, by capturing keystrokes or taking screen shots of the sites you visit. This information is then sent to fraudsters over the internet. Usually fraudsters will send out emails at random, encouraging you to click on a link in the email and visit a malicious website where the Trojan is installed. The emails are not only related to internet banking. They try to trick you into visiting the malicious website using a variety of excuses.

How to check your site certificates


If you wish to check the site certificate in your browser, this can be done by clicking on the padlock icon. From there you can view the site certificate. Ensure that that certificate has been issued to www.investeconline.ie

General advice for home computers


As most viruses are transmitted via attachments to emails, be very cautious when you receive emails, especially from unknown people. If you know the sender of an email but are not expecting the email, ask the sender if they meant to send it before you open any attachments. Their computer may be infected with a virus that has automatically sent itself to you. If an email “appears” to come from your internet provider or Microsoft, be very cautious. Hackers are easily able to “spoof” an email to make it look like it comes from somebody else. Microsoft never sends updates via email. Viruses (or virii) can also be transmitted via mechanisms such as MSN-Messenger, Yahoo-Chat and Kazaa. Again do not trust any files that are sent to you. Change your passwords regularly and do not use words like your pet's name, partner/children's name or your hobby– (they are all easy to guess). Install a personal firewall (see firewall section) and have an up-to-date anti-virus program to capture any viral programs that may be sent to you. Keep your computer updated (Microsoft Windows has numerous security bugs, which Microsoft issues fixes or patches for). Go to Microsoft updates and keep automatic updates enabled. If you receive an unwanted email saying “reply to unsubscribe”, ignore this. The sender often uses this to confirm your email address is valid – and send you more emails.

Protect yourself against viruses


The most common way to receive a virus is via an attachment to an email. Attachments may appear to be word documents, spreadsheets or pictures but often contain malicious viruses. We scan all emails using multiple anti-virus products to ensure they are not infected. If you use email at home, you should use an anti-virus product to protect yourself. There are many anti-virus products and some are available for home users free of charge.

• www.mcafee.com
• www.symantec.com
• www.grisoft.com
• www.bitdefender.com

With any anti-virus product, it is important to keep it up to date to protect against new viruses that are released. At present, the hacking community release at least one new virus every day. Most commercial products (e.g. McAfee and Symantec) have a mechanism to update themselves automatically. The free products normally need to be updated manually.

Install a firewall


Hackers also infect home computers by connecting to the computer while you are surfing the internet. The best way to protect your computer from unauthorised connections from the internet is to install a personal firewall or use a firewall built into the operating system There are several options on the market, again some free, some commercial. The commercial options are, however, not necessarily better.

• www.mcafee.com
• www.symantec.com
• www.blackice.iss.net
• www.zonelabs.com
• www.sygate.com

The firewall sits between your computer and the internet and acts as a security guard, restricting what can enter and leave your PC. At first, the firewall may ask you what you want to allow in or out, but soon learns to make these decisions independently. The most important point is never to allow anyone from the internet to connect to your computer.

Clean up your machine


Once you have installed an anti-virus and a firewall, you are able to use certain products to clean your computer and remove any spy programs that have been installed. Various websites use small programs to track your activity, and use the information to target you with advertisements. Ad-aware (from http://www.lavasoft.de/) or Spybot S&D from http://www.safernetworking.org/ (removes all the tracking programs and cookies, restoring your privacy.
If your computer has been infected in the past, hackers often install backdoors (or Trojans) to allow them to take over your machine again. The Cleaner (from www.moosoft.com) detects and removes all known Trojans. This is a commercial product (US$30) but you are able to download a free trial. Finally go to www.grc.com and follow the “shields up” links to see how your machine looks from the internet. This site scans your computer to show you how hackers see your PC. This shows how vulnerable you are if you do not have a firewall installed.

In summary


• Install an anti-virus program
• Install a firewall
• Clean up and remove all the spyware that hackers could have installed

Get safe online


For further information on safe use of the internet please follow the link below
http://www.getsafeonline.org

This document is meant for general education purposes only and does not reflect Investec’s recommendation or support of any specific product or service. Unfortunately Investec cinvannot provide support for your home or personal computers.