By acquiring access to your security details, a third party can view your account information and use it for illegal purposes. Be aware that protecting your security details is your responsibility.
What can you do to protect your security details?
- Always use the ING I-Dentity Card and ING I-Dentity Reader, or use mToken with mPIN (via Inside Business App).If you use other readers, your (m)PIN may be retrieved and misused.
- Your (m)PIN is strictly confidential and for personal use only. ING employees will never ask for your (m)PIN via e-mail, or by telephone, text message (SMS), or otherwise. Your (m)PIN is the key to your account. Never disclose your (m)PIN to others!
- Never write down your user ID and (m)PIN. Make sure nobody is watching when you key in your (m)PIN or your user ID on the screen.
- If you have lost your ING I-Dentity card, and/or your smartphone with the IB App installed on it, or if you suspect a third party knows your (m)PIN, please inform ING immediately to prevent misuse. To report theft or loss, you can contact your helpdesk, or contact the 24/7 available security desk Alarm and Communication Centre ING +31(0)88 464 2224 (local rate / for InsideBusiness users).
Phishing: be suspicious of a fraudster’s attempt to acquire your security credentials
A phishing attack is an online fraud technique used by criminals which involves sending official-looking e-mail messages with return addresses, links and branding that all appear to come from legitimate banks, retailers, credit card companies, etc. Such e-mails typically contain a hyperlink or QR code to a malicious website and mislead account holders to enter user ID and security details under the pretence that security details must be updated or changed or in order to prevent blocking of your bank account. Your (personal) information and credentials can be used to steal account information or create fraudulent transactions. Never click on the hyperlinks in such e-mails.
It is important that you remain suspicious of anyone asking for your security or account information. ING staff will never enquire after your security credentials by any means. Never give your security credentials to others!
Be careful when using the internet
More and more often criminals use internet websites to persuade you into revealing confidential information, or to tempt you into downloading and running malicious software. Always be aware of this risk when you are working on the internet. Any file you download from the internet may be infected by a virus, even if it is just a funny movie, a nice picture or a good PDF paper or article. Starting downloaded executables and so-called freeware may compromise the security of your computer. Never install software that you have downloaded or received via e-mail unless you are certain of its origin and integrity. In case of doubt, contact your system administrator or IT helpdesk.
Starting and closing ING internet banking services
Starting ING internet banking:
- Check the URL in the address bar of your browser. This should say: https://insidebusiness.ingwb.com or www.ingwb.com/insidebusiness-trade. If this is not the case, do not continue; you do not have a secure connection with ING. Please contact ING’s helpdesk.
- Once you are logged in, check whether the displayed last login date and time is in line with your actual last login. Any discrepancy in this is an indication of fraudulent use of your credentials and must be reported to the bank immediately.
- Click on the 'closed padlock’ icon in the address bar of your browser. Information on the secure connection should be shown. Check whether the Secure Socket Layer (SSL) certificate has been issued to ING.
Ending an internet banking session:
- When you are finished with your banking activities, always close the active session properly by clicking on ‘Log out’. Otherwise your connection is still active and can be misused.
- If you have downloaded and/or opened a document, a copy will have been stored on your hard disk. Make sure you clear your browser cache afterwards.
- Close all browser windows.
- Remove your ING I-Dentity Card from your ING I-Dentity Reader immediately after closing ING internet banking. Store it in a safe place to prevent any potential misuse.
Do not leave your computer unattended
If you leave your computer unattended while you are logged in to ING internet banking, others can take advantage of the situation. Do not leave your computer unattended, or lock your computer if you leave your desk.
Check before you sign a transaction
Check the amount and beneficiary of the transaction before authorising. If you process a large number of transactions via ING internet banking, we recommend the use of an accounting or ERP system. Within ING internet banking applications, the validity of the transactions can be verified by using the ‘hash check’ functionality. When authorising your order, you can check if it has been modified in ING internet banking. You can request a so called ‘hash check’ when importing transactions. This is an extra method of checking whether your file was modified (the check provides no guarantee). You can contact your helpdesk if you need more support with using this functionality.
Prompt checking of correspondence
Always check news, advice and recommendations sent to you by the channel and immediately notify the bank for any discrepancies.