Basic safety rules
Create strong password
Your password shouldn't be easy to guess or decipher by special programs. Avoid names, surnames, simple words or a string of characters like "12345". The strongest passwords are those that:
- contain more than 8 characters
- are a combination of uppercase and lowercase letters, as well as numbers and symbols.
Do not enter full password
When you are logging into online banking, enter only the characters requested by the system. At one login attempt, you will always receive a certain set of characters – e.g. if you make a mistake and the system will ask you to re-enter the password – the characters sequence will be the same as in the first attempt. This is how it may look:
If you are asked to re-enter your password, make sure both attempts look the same. Do not enter it, if you are asked for a different set of characters in the second attempt. Cybercriminals may want to obtain your login and password. How it may look:
Keep your password only for yourself - we will never ask you for the full password!
Beware of false security certificates
Do not install additional security measures, such as e-security certificates.
When you receive a software download request, e.g. on your mobile – contact the bank. It is a fraud attempt!
By installing the certificate, your phone will get infected. In the installation process, cybercriminals ask for your consent e.g. to viewing and sending text messages. This is how they get access to authorisation codes sent by the bank in text messages, which ultimately means access to your money.
How to stay safe while mobile banking
- Update the operating system in your mobile and Moje ING mobile application. The updates often concern the system and application security and protect them from the appearing threats.
- Avoid public Wi-Fi hotspots. If you do use them, you should only connect with those networks, which are secured with passwords. Switch off the Wi-Fi functionality in your mobile if you do not use it.
- Log in only from your device. Logging in from a third party device is not safe as, for example, some spyware might be installed on it.
- Use QR codes wisely. QR codes from unknown sources may contain malware, so before you scan them make sure they come from a trusted source.
- Beware of false text messages and e-mails. We do not send text messages with links to anti-virus software, updates or any other software whatsoever. Remember to carefully read the authorisation text messages. Check correctness of the transaction data (account number and amount).
- Set a limit for online transactions. You can do it in “Data and settings” in the tab “Security”. It will make stealing bigger amounts of money impossible.
How to stay safe while online banking
- Keep your system updated. This is necessary because of detected vulnerabilities that can be a threat to your computer.
- Use a firewall. The firewall works by controlling and restricting incoming and outgoing network connections.
- Use an anti-virus program. Anti-virus programs scan files on disk. If an infection is detected, the suspicious file is deleted or quarantined.
How to secure your payment card
- Don't give your PIN number to anyone and don't keep it in the same place as your card
- Enable push notifications about transactions in the Moje ING app
- Adjust transaction limits for payments in stores, online and abroad
- Block the card temporarily if something worries you
What is phising and smishing
Scammers want obtain data with which they can log into your banking account:
- SMS code
- phone number for authorization
- PESEL number
- data that verifies you at the bank's helpline, such as the number of currency accounts you have.
How to protect yourself
- Never disclose your login, password or authorization codes to anyone. Only give them out when you log in to Moje ING online and mobile banking or make transfers that require authorization, such as when you call our helpline and we need to verify you.
- Use common sense. Treat with detachment all emails, text messages and phone calls in which someone asks you for your personal data, PIN code or password.
- Follow the other security rules.
What is vishing
This is phishing for confidential data using a telephone call. The criminal impersonates trustworthy individuals or institutions. It is a type of attack based on social engineering. It has its basis in phishing. The name Vishing is a combination of words from the phrase "voice phishing".
How to protect yourself
- If you doubt whether you are actually talking to a bank employee, do not give any of your information. Hang up and call us at +48 32 357 00 69.
- Use common sense. Treat with detachment all emails, text messages and phone calls in which someone asks you for your personal information, PIN code or password.
- Remember, do not use the number provided by the person who calls you. Go to the website of the company or institution and find the phone number there.
How spyware programs work
Adware and spyware applications are computer programs that collect data about you in such a way that you don't notice it. They can also allow fraudsters to view the data you enter: login, password, payment card numbers, etc.
How to protect yourself
- Use antivirus software
- Secure your computer
- Don't plug in devices of unknown origin, such as USB drives
- Follow the rules of safe banking
- If your computer is used by other household members - tell them about the dangers.
How malicious apps work
A malicious app, can intercept your sensitive data - logins, passwords, PIN codes. A fraudster can use it to intercept even your SMS messages - including those with authorization codes from your bank, and can also see you through your webcam.
With the help of such apps, thieves can disable your phone or show you various messages, such as that the operating system is about to be updated.
How to protect yourself
- Get a good anti-virus program on your phone
- Download apps and updates from certified stores, e.g. App Store, Google Play
- If you receive an email or SMS with a link to download an update - don't click on the link. Go to the certified store and check there if an update is available
- Pay attention to the description of the app in the store. When installing and updating, read the contents and messages that the app asks you for
- Follow the rules for safe banking on your phone
Your transfer order is individually analysed by our security systems. After a quick analysis we assess how to authorise the transaction and if your authorisation is necessary.
- PIN authorization
- Mobile authorization
- One time SMS code.
Additional protection against cyber fraudsters
We create your behavioral profile based on how you use our online banking or application. Later, our systems compare your banking behavior with your behavioral profile. If our systems detect worrying differences between the two - that is, they suspect that it is not you, but someone else who has logged into your banking or is using your app on your phone - they will trigger additional security measures (such as identity verification or additional authorization).
In this way, we strengthen the security of your money.
3D Secure - extra protection for your online payments
- Secure card payments online
- Confirmation of transactions in Moje ING mobile app
- For all our debit, prepaid and credit cards
- You use 3D Secure at online stores marked with Verified by Visa or Mastercard SecureCode.