Tips for Protecting Yourself Online

Tips for Protecting Yourself Online

Attention: open in a new window. Print

There are steps you can take to protect yourself and make sure you don’t fall prey to attempts to take your money.

In this section we give you helpful hints and tips to protect yourself online.


Top 5 tips

  1. Keep passwords, PINs and any other security information secret including covering your card PIN when using ATMs, or Internet Banking in a public place. Bank of Sydney will never ask you to provide your PIN to an Bank of Sydney staff member.
  2. Protect all your other personal information, including destroying your bank statements securely, collecting your mail promptly and not providing your details to anyone you do not trust.
  3. Keep your computer safe by having up to date security software, checking you are only using trusted sites for purchasing items and not opening emails you’re not sure about.
  4. Keep your computer browser (e.g. Internet Explorer, Firefox), and product software (Microsoft Office/Adobe flash, etc) up to date. Software providers frequently develop updates and patches to address new and developing security threats.
  5. Report anything you are suspicious of immediately, especially if you think your card has been stolen, a suspicious transaction is on your bank statement, or your mail has been accessed by someone.


When using the Internet, including Internet Banking, always try to use hard-to-guess passwords.

Passwords will only keep outsiders out if they are difficult to guess! Don't share your password, and don't use the same password in more than one place. If someone should happen to guess one of your passwords, you don't want them to be able to use it in a number of places.

Remember the 5 golden rules of passwords.

1.       Do not choose a password that is easily identified with you (for example, your date of birth, telephone number or your name or any part of it).

2.       A Bank of Sydney Internet Banking password should have a minimum of eight characters, be as meaningless as possible and use uppercase letters, lowercase letters and numbers e.g. xk28LP97.

3.       Change passwords regularly, at least every 30 days.

4.       Do not give out your password to anyone! Be wary of unsolicited calls or emails requesting personal information or card numbers. Bank of Sydney would not ask you to disclose PIN’s or password information.

5.       Do not write your password down even if it is disguised.

Care should always be taken in unknown areas such as Internet cafes and hotels. Ensure you take steps to prevent others from viewing your Customer ID or password. Also be watchful for people who may be watching you type or watching your mouse move around the screen

Let us know immediately if you believe your password has become known or used by someone else. Call us on (13 95 00) to have your password reset.


Hoax Emails

What should I do if I receive a hoax email?

1. Delete the email. If you receive a hoax email, delete the email immediately. Do not click on any links and do not open any attachments in a hoax email. Bank of Sydney will not send you an email or SMS asking you to verify or provide your account details, financial details, or login details. Bank of Sydney’s email and SMS policy is set out below.

2. Report the incident. All hoax email incidents should be reported, call us (13 95 00)

3. Scan your computer for viruses. Many hoax emails contain viruses or Trojan Horses (key logger), which are downloaded to your computer when you open any attachments or select any included links. If you have clicked on any items within the email, run a complete virus check of your computer. Bank of Sydney recommends that you perform virus scans on your computer regularly.

4. Reset your Internet Banking password. After scanning your computer and ensuring it is free of viruses or Trojans, reset your Internet Banking password.

Email and SMS policy

Bank of Sydney will not send you an email or SMS asking you to verify or provide Account Details, Financial Details, or login details for Internet Banking or Mobile Banking.

We send emails, and these often contain hyperlinks. However, if we send you an email with a hyperlink, the link will take you to a page on our website, where you can find out more before logging in, applying or downloading.


Log in through the correct site

  • Only log in to Internet Banking by using the Internet Banking Login link on the top right of our web site.
  • While bookmarking webpages is convenient, it may mean that you are not accessing the most up to date page. Remember to manually type our website address - into your Internet browser.
  • Never access Internet Banking from a link in an email. If in doubt, contact us.
  • When using Internet Banking look for the "Closed Padlock" symbol at the bottom or top right corner of your web browser
  • When using Internet Banking, check to see that you are correctly accessing our secure site by looking at the address bar at the top of your browser. Check to see that the web address begins with "https://". Web addresses that begin with "https://" are secure sites (unsecured sites start with "http://"). ^
  • Look for the closed padlock symbol at the bottom or at the top right corner of your web browser. You can double-click the padlock symbol to view the server security certificate details.

The certificate informs your browser that the web site you are connected to is in fact our website and not a "fake" site. The closed padlock images appear below. 


Log out after using Internet Banking

Always log out completely from Internet Banking and close the browser session after you have finished.

We recommend that you do not access Internet Banking via public access computers, eg Internet cafes, universities, hotels etc.

As an additional precaution, the Internet Banking system has been set to automatically log out after 5 minutes if your banking session remains unattended.


Protecting your computer

Install a Firewall

We recommend you install a 'firewall' to protect your computer from unauthorised access over the Internet. A firewall is a software program that filters all Internet traffic between your computer and the outside world. It works to either block or permit Internet traffic to and from your computer. You can use the firewall to protect your home or business computer and any personal information it holds from offensive websites, spam and unauthenticated logins by potential hackers.

Control Spam

Spam is all unsolicited electronic mail sent out in bulk to individuals that have not consented to receive it. "Spammers" use email addresses harvested from websites or procured by various means without the owners' consent.

You can protect yourself from spam in a number of ways:

Use filters

A filter is a kind of software that sorts incoming emails and rejects those it considers spam.

Spam filters can be very useful but are not perfect. Sometimes they block genuine messages. On other occasions they fail to identify real spam. Because of this, a good approach is to divert emails that have been identified as spam to a 'spam folder'; this way you can manually review the diverted messages to check for any that are genuine.

Protect your Email Address online

Spammers have typically used two techniques for gathering email addresses: 'dictionary attacks' and 'harvesting'. 

A dictionary attack occurs where a spammer sends out bulk emails to large numbers of possible addresses in the hope of locating a real email recipient.

Harvesting refers to the process whereby a spammer finds your email address from a publicly available source, for instance where you have registered a domain name or just posted a message on a bulletin board. If you do supply your email address, try to limit the scope of subsequent communications (e.g.: by ticking a box to indicate that you do not want to receive any further offers or information).

While both of these techniques are now outlawed under the Spam Act 2003, you should still exercise caution.

Also, consider using different email addresses for different purposes. This will help to limit the amount of unwanted mail you receive to your main email address.

Protect your Email Address when publishing it on your website

If you want people to be able to get in touch with you through your website, you can limit the risk of spam by using separate, dedicated email address or setting up an online form for visitors to complete (rather than giving them your personal email address).

Update Virus/Spyware Protection

New viruses are constantly appearing; viruses range from harmless pranks that merely show an annoying message, to programs that can disable or destroy a computer altogether.

·         It's important that everyone who uses a computer is aware of proper security practices. Protect your computer with up-to-date antivirus software. You should regularly update your computer system with the latest anti-virus software.

·         Avoid opening, running, installing or using programs/files you have obtained from a person or organisation that you do not know or can't trust, especially unsolicited email containing file attachments.

·         Scan new programs/files/attachments for viruses before opening, running, installing or using them.

·         Ensure you have the latest available updates and anti-virus definitions for your anti-virus software. Unless your software is kept up to date it will quickly become ineffective at preventing virus infection.

·         You should regularly scan your computer with current anti-virus software to ensure your system is not infected by a virus.

·         Deleting cookies from your browser can help spyware related problems

Keep your computer software up to date

Virus writers and hackers look for vulnerable areas of software programs to gain unauthorised access to PCs. Publishers of software programs provide updates from time to time to solve vulnerabilities that are discovered in their programs. The publisher will normally release a security upgrade as a 'patch' to your existing program.

You should check your computer security on a regular basis and download the latest security updates. To check for updates and patches you should visit the publisher's website, typically in their 'Download' section.

Use the latest version of your Internet browser. We use 256-bit technology in data encryption to protect your personal information. To take advantage of this feature you'll need to ensure you are using the latest version of your Internet browser.

Disable Password AutoComplete settings on your Internet browser

AutoComplete functions remember your personal information and passwords.

We recommend you consider disabling the password auto completion function in your browser. For example, in Internet Explorer by clicking on Options > Internet Options. Select the Content tab, click AutoComplete and deselect the 'Use AutoComplete for user names and passwords on forms box. You can also clear any stored passwords in this section.

In addition, do not download any computer software that remembers and pre-populates any of your access details required to login to Internet Banking.


Keep track of your records

If you print or save copies of your account records or transactions, make sure these are kept in a secure location.

If you suspect that an unauthorised transaction has occurred, please contact us immediately on (13 95 00).


Shopping Online

Shopping online can be a convenient and easy way to shop, but there are also pitfalls to be aware of. To help you we’ve put together some tips for online shopping:

·         Check whether the online store you’re buying from is reputable. To do this you can ask for more information before you use them or check out what other shoppers say on review sites.

·         Never email your financial details. Email isn’t a secure way of transmitting financial information like your bank details or credit card numbers.

·         If you are making payments through an online stores’ website, look for signs that the website protects your data. You should look for a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure") on the web page where you enter your credit card or other personal information.

·         Make sure the computer you use for online shopping has the latest anti-virus software and firewall protection.

·         Keep paper copies of all online receipts, this will make it easier to check your account.