Security Home Page

Together we are strong!

At ProCredit, the containment of and avoidance of cyber attacks is one of our highest priorities. By investing in the latest technology and implementing regular technical controls, we ensure that our clients’ online banking information is protected and secure. In addition, we provide our clients with detailed information and tips on how to stay safe when doing online banking to prevent them from becoming fraud victims.

We implement technical and organisational measures that ensure the highest possible level of security in order to protect our clients and their data.

Infrastructure

• Employing the latest technologies to detect and prevent cyber intrusions, e.g.:
  Implementing controls that prevent unauthorised access by individuals or networks (firewalls, intrusion prevention systems, data encryption at rest, etc.).
• Protecting the connection between the client’s device(s) and our applications by means of Secure Socket Layer (SSL) encryption, for example when a client is logging in, filling out an application, or registering for online services.

E-banking

• Payment authorisations are protected by Multi-Factor Authentication for every transaction initiated from a Business Current Account.
• Automatic logout of a client’s online banking session after a period of inactivity of 5 minutes to prevent unauthorised use of the client’s account by third parties.
• Monitoring activities for potentially fraudulent activity.
• E-Banking access is automatically blocked after five incorrect PIN entries.

You can also block access to your e-Banking account yourself online by going to “My control panel/Settings” and entering your current e-Banking PIN.

Note: Unblocking is only possible via submission of a written request to the bank to reinstate e-Banking access.

Remember:

• Keep your current contact details up to date with the bank so that we can contact you.
• Contact the bank immediately if your account has been accessed without your consent or if you lose your PIN.

Any organisation or individual can be a victim of cyber criminals: they are becoming increasingly sophisticated in their attempts to lure people into clicking suspicious links, downloading email attachments, or connecting with them on social media, which are often used as gateways to stealing sensitive information.

To make sure that your online banking information is highly protected, there are a number of measures you can take to shield yourself from common types of cyber attacks.

Effective passwords

Prevention is crucial when it comes to identity theft. For this reason, strong password combinations are highly recommended. Here are some suggestions for creating safer and stronger passwords:

• Select passwords which cannot easily be guessed. Avoid using last names, birthdates or anniversaries, or common nicknames, and avoid using the same password for multiple websites.
• Do not write down and post user IDs, passwords or other sensitive information where they can easily be seen by others.
• Change your passwords frequently and do not share user IDs or passwords with anyone else, not even with family members.

Keep your device secure and your software up to date

• Use anti-virus and anti-malware software, and keep it current.
• Ensure that your device’s operating system and software is updated on a regular basis.
• Scan any software downloaded from the internet for viruses before installing it.
• Think carefully before removing any security controls from your mobile device, as doing so can weaken the security of your device and expose you to additional risks.

Social engineering attacks and prevention tips

A social engineering attack is an attempt to trick someone – via social media – into revealing sensitive information (e.g. a password) or downloading and executing files that appear to be benign but are actually malicious. To do this, the hackers may contact individuals or even attempt to strike up a friendship on social media so as to gain their confidence and trust. Once the information has been stolen it can be used to commit fraud and attack systems or networks.

Remember: If you have doubts about the validity of an email, text or phone call that seems to come from ProCredit Bank and/or if you think that you may have disclosed confidential information, please report it to us immediately by calling the following number [+49 69 719 129-100] or emailing us at deu.kundenservice@procredit-group.com.

Criminals use a variety of social engineering attacks to steal information, such as:

Phishing

Phishing is a technique in which fraudsters attempt to acquire sensitive information by masquerading as a legitimate business or reputable person in an electronic communication, such as email, text messages (SMS), phone calls, or instant messages. Often they will present a link or an attachment that looks like a valid, trusted resource, but which is actually a malicious site that will steal and record any information you enter into it, such as your password.

Here are some tips on how you can protect yourself:

• Always type the bank’s website into your browser or use bookmarks rather than clicking links contained in messages, even if you feel the message is legitimate.
• Banks will never email you to request that you “confirm” or “update” your password or any personal information by clicking on a link and visiting a website.
• Try to independently verify any details given in the message directly with the company.
• Treat all unsolicited messages with caution, and never click on links in such messages to visit unknown websites.
• Phishing emails usually have some sense of urgency or authority involved. Be sure to check for misspellings, incorrect company logos, or strange-looking email addresses.
• Utilise an email SPAM filter to help prevent phishing emails from being delivered in the first place.

Remember: Never disclose your personal information, including banking information (e.g. password, PIN, etc.). For security purposes, ProCredit Bank will never ask you for this information via phone or email.

Website spoofing

Criminals use website spoofing techniques to make a fraudulent website look exactly like a legitimate website. The purpose is to make people believe that they are interacting with a trusted legitimate company or person, and then misleading them into sharing sensitive information or dropping malware into their computers.

Here are some tips on how you can protect yourself:

• Be alert: Look carefully at the web address (URL) of websites. A website may look legitimate, but the URL may use a variant spelling or a different domain.
• Ensure that there is a padlock symbol before the URL. Websites that are legitimate have a padlock symbol or green bar to the left of the website URL address to indicate a secure website.
• Do not click links on social networking sites, pop-up windows, or non-trusted websites. Links can take you to a different website than their labels indicate. Typing an address into your browser is a safer practice.
• Only give sensitive information to websites using a secure connection. Be sure to verify that the web address begins with https:// (the “s” stands for “secure”) rather than just http://.
• You can check the Security Certificate of the ProCredit Bank website by clicking on the padlock that appears in your browser. Avoid using websites when your browser displays certificate errors or warnings.

Remember: Never log on to your online banking account by clicking on a link in an email. Always access internet banking by typing the bank’s address into your browser or use bookmarks. When in doubt, contact ProCredit Bank at: deu.kundenservice@procredit-group.com

Don’t let your guard down!

Locking your mobile device
Protect your smartphone or tablet device just as you would protect your computer.
Protect your digital wallet by using a passcode, fingerprint or facial recognition to unlock your phone screen.

Monitor your account activity
Check your account activity frequently to detect fraud at an early stage. We advise you to check your e-Banking account on a weekly basis. Report any suspicious or fraudulent activity to ProCredit Bank immediately.

Bank smart when on the move
Avoid using mobile banking or sending sensitive emails or texts over public or unsecured Wi-Fi networks.

Be extra careful if you are using a device that is not your personal device and over which you have no control. ProCredit Bank advises you to avoid using such devices since you never know if these devices have any malicious monitoring programs installed on them.

Clear your cache regularly
It is a best practice for you to delete all the information stored on your computer after an online banking session. Every time you access the internet, your browser automatically saves a copy of the web pages you have visited or the passwords you have provided to websites. Please refer to your browser’s documentation on memory/disk caching.

Additional proactive measures:

• Download apps only from official app stores: Apple iTunes and Google Play Store. Downloading free apps from unofficial or unknown sources could lead your device to become infected with a virus.
• Make sure that you always follow your bank’s terms and conditions.
• Be distrustful if any suspicious or unexpected pop-ups appear during an online banking session. -When in doubt, please contact ProCredit Bank directly.
• Never leave your computer unattended when logged into internet banking.
• Ensure that you log out properly when you have finished an online banking session.