團險專區 > 網路安全

Background
As a global financial institution, ING is always concerned about security. The growth of the Internet has offered greater flexibility for all of us, but it also brings new risks that we must be aware of and guarded against. ING provides the following general information to address any concerns that you may have around online security.
ING makes every effort to provide optimal security of your data and of all transactions; for us protecting our clients is just good business. However hard we work there are risks online, and you can take some action to protect yourself. Here we provide some information to help you.

  1. Latest key security issues
  2. ING’s standard practices
  3. Verifying websites
  4. Protecting Yourself
  5. Contact Information

Latest Key Security Issues
From time to time we will provide information on security related news items that we feel you should be aware of. These security updates will be presented on this page.


Phishing

A phishing attack is an online fraud technique which involves sending official-looking email messages with return addresses, links and branding that all appear to come from legitimate banks, retailers, credit card companies, etc. Such emails typically contain a hyperlink to a spoof website and mislead account holders to enter customer names and security details on the pretence that security details must be updated or changed. Once you give them your information it can be used on legitimate sites to take your money.

It is important that you are suspicious of emails asking for your information; see more on ING’s standard email practices below.


Advanced Fee Fraud
You may already have heard of ‘advanced fee fraud’, where emails offering large sums of money are sent to thousands of email addresses, but a modest ‘fee’ was required in order to cover legal fees, open an account or pay customs charges. Sometimes the money offered is as a result of a lottery for which you have never bought a ticket. Sometimes the money is held in an account overseas but the account owner cannot access it, they promise a percentage of the money in return for your help. In both cases various fees have to be paid.

Do not respond to these emails. They are part of a fraud and you will not receive any of the promised money.

We place this warning here because we are aware that the criminals carrying out these frauds do on occasion use the name of ING or an ING subsidiary as part of this scam.


ING’s standard practices
ING may communicate with clients by mail on occasion, so how can you tell which mails are from us, and which are fraudulent?

  • ING will address you by name in any emails.
  • ING will not embed hyperlinks in emails that take you to sites where you must enter your security information.
  • ING will never ask for you to confirm your details by email.
If clients have any doubt about any email they have received purporting to be from ING they should contact us.


Verifying Websites
Clients must be sure that the site they are entering really belongs to ING, and is a secure site; Check that your website is secure, The URL will begin with https://


If https, the secure lock icon, a small padlock will appear on the lower bar of the browser.


Click on the padlock icon to see the details of the security certificate. The certificate shows who owns the site; it should be your bank. Check that the details and validity are correct.
We work with well known certification authorities such as TWCA


If customers have any doubts about a website they should contact us.


Protect Yourself

Take care of your personal information

Your account numbers, customer Number, PIN (password), memorable date and customer identification number are the keys to your account. Never write them down, give them to anyone else or include them in an e-mail. Destroy documents containing personal information securely, and be very cautious in posting personal details to social networking sites on the internet, as criminals can use this information to commit fraud. Remember that protecting your Customer Number, PIN, passwords and security details is your responsibility.


Take care of your computer

  • Update your computer by installing the latest software and patches, to prevent hackers or viruses exploiting any known weaknesses in your computer
  • Install and update virus protection, to protect against viruses corrupting your computer and to prevent hackers installing Trojan viruses on your computer
  • Install and update anti-spyware tools.
  • Install and update personal firewalls.
  • Use only programmes from a known, trusted supplier.
  • Use password to prevent unauthorized use of your computer.
  • Disable automatic processing of email attachments in the Internet email software.
  • Always scan files by anti-virus software before executing them.

Avoid using programs which enable you to automatically get or preview files.


Beware of Spam Emails
Use a spam filter to avoid even seeing these messages.

  • Never respond to a spam message, your email address is then recorded as live and the spam will increase.
  • Should you read a spam message remember: if it sounds too good to be true, it probably is too good to be true.

Select a secure password:

  • A secure password is one that is easy for you to remember, but difficult for others to guess. Do not use plain words, birth dates, names of children or pets; these could be discovered by others.
  • A good password should contain at least eight characters to make the probability of the password being guessed sufficiently unlikely. It always helps to vary the types of characters in your passwords, making them more difficult to guess as well, i.e. using numbers, capital letters, and special characters like ~!@#$%^& and *.
  • Use different passwords for different purposes i.e. do not reuse passwords.
  • For security reason, you are advised to change the initial password after the first access. It is also advisable to change your password on a regular basis.

Keep your online section secure

  • Be cautious about accessing to your account information or performing sensitive transactions on public computers; make sure you use public computers at a reputable provider - if the PC is not properly secured, hardware and software can be modified to capture keystrokes and other data that could disclose your personal information regardless of the security provided by the website.
  • Do not open other Internet browser sessions and access other websites while you are assessing to your account information or performing sensitive transactions through the Internet.
  • Ensure that others are not looking at your keyboard over your shoulder when you enter your PIN or password, or access to your personal information. This is particularly important at public internet access locations.
  • Do not check the box that asks your computer to "remember your passwords" or use "auto complete" function of your browser. That defeats the security of passwords.
  • When you have finished with any secure online session (such as accessing to your account information), please remember to log-off and close your browser window, and clear your browser's cache files so that your personal information is not stored in the computer, particularly when using public internet access services.

Contact Information

For enquiries, or reporting on suspected phishing cases relating to ING, please call our Customer Service Center.
ING Life Insurance Company Limited       0800011686