Computer

How to protect a computer

Do not login to the computer as an administrator, unless it is necessary. Malware can cause enormous damage on the administrator's account. Login to your computer as a common user.

An antivirus program is fundamental, no discussion. An antivirus program can detect malware but also software applications which appear legitimate, but contain a harmful code. If the antivirus program informs you that the website is infected, do not ever open it. Always observe the instructions of the antivirus software.

Update antivirus software. A non-updated antivirus program will not protect your sufficiently, as it is not able to detect new types of viruses which are created every day and are more and more sophisticated.

Check your computer regularly by running the antivirus program. We recommend checking all contents of your computer at regular intervals (e.g. once a week). Checks may also be automatic.

Do not download contents from the Internet illegally.Attackers love using attractive films or music which they disseminate for free via the online storage services. And they often add a virus to the package.

Use only a legal version of the operation system. Legally acquired software is, besides other things, provided with updates supplied directly by the producer. Non-updated software is not able to prevent attacks of new viruses, nor is it able to protect sensitive data.

How to protect your internet banking certificate

Více

How to protect your internet banking certificate

The certificate is the key to the bank. It must be protected in the same way as the keys to your flat or car.

Use the certificate only on the computer you know. If you have to use a computer you do not know, use anonymous browsing (the browser does not store any data about you to the history), one-time browsing (link to Help?), or after you log out from the internet banking, delete the history of browsing.

Set a strong password for your certificate. The password should have at least 8 characters. It must not be a word that has any meaning Attackers decipher passwords using dictionaries and they are able to quickly decipher any word they may contain. You may increase the intensity of your password using numbers and other characters, such as punctuation or a combination of lower and upper case letters.

Back-up the certificate. Save your certificate as a file with the suffix *.p12 in safe storage, e.g. in a personal USB disk. Then delete the file from your computer. Never save your certificate to shared internet storage sites (e.g. www.ulozto.cz). Keep your USB in a safe place.

How to protect your passwords and PINs

Never disclose your password and PIN. Never. To nobody. Neither bank, nor police or the closest family member has any right to know such data.

Do not record your password or PIN anywhere. If you write your password or PIN anywhere, you risk that somebody will find this note and misuse the data. The same error is to save the PIN and password to your mobile phone. Simply remember the PIN and all passwords and destroy all documents (the envelope with the assigned PIN).

Overview of threats

Hacker Attack

What risks lurk behind the internet?

The goal of scammers is to smuggle malware into your computer or telephone. Thanks to that they may acquire sensitive data (certificate, password, PIN, data on payment card) which they then trade and use for stealing money from your account. Their methods are not technically sophisticated, exactly the opposite. They mainly try to confuse the user and win his trust. What should you be careful about?

It has happened. What now?

Did you open a harmful attachment or respond to an e‑mail or enter your password or a card number?

Contact your bank immediately and block your bank card. Client Bank Card Helpline of Komerční banka: +420 955 512 230.
Clean your computer and change all the passwords for the services you use.
For mobiles, perform factory reset or contact the manufacturer's service line.

Harmful attachments

You received an e‑mail with an attachment in PDF file format for downloading. Although the attachment sounds trustworthy, its extension is different. Beware! If a file masquerades as PDF, but it ends with the extension .exe, it may be malware!

What to do? Always pay attention to the extension of attachments. Do not open suspicious attachments and delete the e‑mail.

Illegal software and media

Attackers know what people like. New music, films, games, handy software applications, and preferably immediately and for free! This is what they offer to people and as a bonus they add a virus to the package.

What to do? To have the new Hollywood blockbuster absolutely for free and watch it today is very tempting, but nonetheless we recommend that you not to succumb and not to download illegal content.

Social networks

On social networks we like to boast or complain about things, we insert photos of our kids, pets... in this manner we can give attackers valuable information about ourselves. Even here, the rule applies: Think twice, click once!

What to do? Never disclose sensitive data, such as passwords or PINs on social networks.
Be careful about who you add as your friends.
Protect your privacy and carefully set your profiles on all the social networks you use.

Found USB disks or CDs

You have found a nice USB key pouch in the café. What do you do? If you immediately insert it into your notebook to examine it, you are making a grave mistake! Attackers try their luck and bet on human curiosity!

What to do? If you do not know the legitimate owner of the USB or CD, it's better not to insert it into your PC at all.

Phishing

Fraudulent e-mails or payment gates!

Phishing is a very insidious technique of scammers who want only one thing from you – your bank card number or access data to your internet banking. They can attack you on different sites on the Internet, they often masquerade as legit on-line payment gates or your bank's website. It is a scam!

It has happened. What now?

Somewhere you entered the number of your bank card or the password to your internet banking and you are not sure if it is not a fraud?

Contact your bank immediately and block your bank card. Client Bank Card Helpline of Komerční banka: +420 955 512 230.
Clean your computer and change all the passwords for services you use.
For mobiles, perform factory reset or contact the manufacturer's service line.

Scam e‑mails

Attackers disguise e‑mails as official communications from a bank or other institution (governmental authorities, telephone service providers etc.). But mostly there is something wrong about them:

The message may contain grammatical errors, and strange sentence structures. Bank and office employees, however, always stick to grammatical rules!
The e‑mail contains a fabricated reason why you should immediately enter the number of your bank card or password to internet banking. However, banks do not under any circumstances request such data from you!

What to do? Do not fill in the data about the card, do not click and delete such an e‑mail immediately!

Social networks

On social networks a "friend" can ask you for a small friendly loan which you can provide via your bank card. After you click the attached link, a website will open which will appear as a legitimate payment gate. Just enter your bank card data and that's all! Your bank card is in the hands of con artists!

Fraudulent payment gate

Secured payment gate

What to do? Never respond to similar requests.
Be careful about who you add as your friends.
Protect your privacy and carefully set your profiles on all the social networks that you use.
Generally, rely on verified payment gates only.

Internet

Various websites, typically websites of betting and gaming companies (e.g. SYNOTTIP, FORTUNA, BWIN), often include an attractive advertisement, such as: "Register your bank card and obtain super bonuses". Stay alert! Although the advertisement may look trustworthy, it is a typical example of phishing.

Sample of fraudulent website

What to do? Never enter any bank card data.

What to do if...

...I have a suspicion that the website which purports to be internet banking is not internet banking at all?

Check the address bar in the browser if the internet address of internet banking is correct. Click the lock icon and information about the certificate which protects secure connection will appear. Komerční banka uses a "verified certificate" for internet banking, you can see information about the certificate in the detail.

Information about the certificate

If you are on a fake website, never ever enter sensitive data.

...I have my certificate stored in the browser, is it somehow possible to delete it? E.g. in the case of sale of the computer, if it is sent to a repair shop etc.?

A certificate can be deleted using the function on the login page of internet banking, when you click the icon Remove in the Certificate Administration. However, the certificate will remain valid, it is only deleted from the relevant computer. It may remain on your computer as a back-up or it is inserted in other browsers on the computer. You can also remove the certificate by deleting temporary internet files, i.e. history deletion.

...I want my computer secured?

Use solely legal and updated software. Set an access password on your computer and never work with administrator rights, unless it is absolutely necessary, e.g. for the installation of antivirus software. Never install unknown or illegally acquired software, it can often been a source of infection. Use antivirus software applications. Komerční banka provides its clients with a plug-in to Trusteer Rapport antivirus software which provides efficient protection against misuse of your personal data and from dangerous fake websites (phishing).