|
If you receive
messages requesting information or giving instructions to visit a website,
install software or follow a procedure, ignore them and report it immediately
to the BCR at telephone number 2284-6600 from the Customer Service Center
or at email: ServiciosBancaElectronica@bancobcr.com.
- Protect yourself from Phishing (false messages): See
- Beware of Spyware (spy software):
See
- Do not be deceived by the "Social
Engineering": See
|
1- Beware of false sites, calls and text
messages ("Phishing", "Vishing",
"Smishing").
"PHISHING" is the creation of fake sites on the
Internet (identical copies of an actual site). It sends users an email claiming to be a related
company, such as, your bank with a threatening or motivating messages:
" Your
login has expired, please login and change your password: if you do not, the
BCR is not responsible."
" You have been
included in the "one million colones"
contest; please, enter and activate your participation."
E-mail message includes a link to
"click", which takes users to the false site.
Another way is to create identical sites with similar addresses instead
of www.bancobcr.com,
as: www.bancbcr
(note the lack of the "o" in Bancbcr) or www.bancodecostarica.com; this in
hopes that the user mistakenly types these addresses, accessing the fake site in
which your password is captured.
Besides fake sites, scammers
use other two deceiving techniques known as "Dishing" and "Smashing" which consist
of making phone calls or sending text messages to request and convince users
to hand over confidential information such as account number, PIN, access
key, security code and others with which they can carry out fraud.
Precautions:
- The BCR electronic banking website is www.bancobcr.com.
- When you enter the site, type the address in the Internet browser, and verify it is well typed.
- Never click on a link received by email.
- Never give anyone confidential information such as account number, PIN,
access key, security code, neither by phone, text messaging, fax, in person, or by any other means; there is no justification for someone to request this information. The BCR will NEVER ask for this information.
- Keep an updated record of your accesses to the Virtual Office/Online Branch
(access log), and each time you access it check date and time of the last
connection in order to detect unauthorized access.
How to act?
If you
mistakenly entered a fake site or gave your password, enter the official site
of the BCR and block the user by entering the password incorrectly more than
3 times.
If in
addition to the password you gave your PIN number or other information,
immediately call the BCR and request blocking and cancelling your card since
with that information someone may get access online again, even if you have
locked your account.
If there is any suspicion, please call the Customer Service Center
Telephone 2284-6600 (24 hours)
Up
2- Beware of spy software
"Spyware".
Spyware
is a system distributed over the Internet, it installs in user computer
without their consent, and can read information stored in it and send it via
Internet to websites controlled by unscrupulous people.
It
captures information such as passwords to be sent to someone on the Internet.
How the
software can be installed without the knowledge or consent of the customer?
The software works like a computer virus, can be received in an email,
acquired by accessing a website, or when installing free software that
apparently performs a function and actually does another.
Precautions:
- Do not perform banking transactions from public access computers, such as
Internet cafes, restaurants,
libraries, airports,
or others, if you are unsure that they have adequate security systems.
- Install on your computer an antivirus and spyware system, and keep it updated.
- Install a personal
Firewall or intrusion
detection and prevention system. If your computer has Windows XP operating
system; it already has a basic system that can be activated. To learn how to do it, you can review the following guides:
In English:
http://www.microsoft.com/windowsxp/using/networking/learnmore/icf.mspx
- Avoid downloading systems or applications of doubtful origin, such as free
software with mass mailings.
- Avoid entering unknown sites or dedicated sites to prohibited activities (pornography, hacking, etc).
- Do not open mail attachments received from unknown persons or known ones that you did not expect.
Up
3- Do not be deceived by the "Social
Engineering ".
Social
Engineering is a form of deception used by people with a high degree of convicing techniques; they select and study a victim
(home, work, family, tastes, and preferences) to convince them to provide
information.
Features:
- These people have the natural gift of persuasion.
- They pose as Bank employees who are conducting a survey or offer prizes.
- They will give you personal details of your accounts and numbers.
- They pose as a Manager,
or Chief Executive.
- They dress very elegant.
- They report be referred by another employee.
- Try to
make friends, they are friendly, to get more information.
Precautions:
- BEWARE.
- Do not release information or perform procedures under pressure.
- Follow procedures.
Do not offer yourself to open banking accounts for third parties, or
lend your accounts to make transfers that are not strictly personal; you may
be cooperating in the commission of a crime.
REMEMBER:
The BCR will
never ask you by email, telephone, mailing, or personally personal
data, passwords, or confidential numbers that are secret and only for personal
use.
Up
|
