Security

1. Use different passwords for different systems. Your Ancoria online banking password should not be used for another online service.
2. Do not be tempted to use a password that can easily be guessed such as your name, children’s names or birth dates.
3. Use a mixture of numbers, symbols and letters of upper and lower case to strengthen your password.
4. Never share your security details with a third party, not even Ancoria Bank. The Bank will never ask you to disclose security details. It is important to keep your account and security details safe.

Social engineering refers to the manipulation of individuals to gain unauthorized access to computer systems, networks, or sensitive information. It involves exploiting human psychology, trust, and interaction rather than relying solely on technical means. Attackers may impersonate trustworthy individuals, such as technical support personnel, or other trusted parties in order to deceive their victims and manipulate them into divulging sensitive information, such as online and email passwords, banking account details, other personal information, or performing actions that compromise security. Popular Social Engineering techniques are Phishing (email), Smishing (SMS) and Vishing (phone). More information about these you can find below.

Tips:

• Take notice of any unusual behavior where:
• • Immediate action or assistance is require.
  • An offer too good to be true.
  • Asking for personal information.
• If you receive an urgent request for funds from a friend, give them a call and confirm the request.
• Always verify the legitimacy of such requests by independently contacting your bank through official channels.
•  

Criminals use fake emails and fake websites to trick you into giving away your passwords and bank details. For example, they might send you an email that looks like it comes from us and it might contain a link to a website that looks like Ancoria Bank online banking. When you try to log on, they can steal your password. This is called phishing. Be suspicious of any email that creates a sense of urgency, has bad spelling or contains attachments.

Tip: If you are unsure whether an email request is legitimate, check with us first. Never use links in an email to connect to a website unless you are absolutely sure they are authentic. Instead, open a new browser window and type the link directly into the address bar.
Forward suspicious emails claiming to be from Ancoria Bank to info@ancoriabank.com.

Smishing is a type of fraud that occurs through text messages (SMSs). Similar to phishing, fraudsters send text messages pretending to be from your bank or another trusted entity, asking to provide personal information or click on malicious links.

Tip: Be wary of unexpected messages and avoid sharing sensitive data through text messages. Ancoria Bank will never send text messages containing links.

This involves an attempt over the phone by a fraudster to lure you into surrendering private information that will be used for identity theft and financial crime. The fraudster usually pretends to be bank staff or other legitimate business.

Tip: Be wary of unsolicited approaches by phone, especially if asked to provide any of your personal information. Ancoria Bank will never call you to ask for your online security details (e.g. password).

Malicious software such as a virus or trojan, that installs on your computer without your knowledge, attempting to steal personal information such as your online banking login details.

Tip: Protect your computer by installing security software, such as antivirus, that is always kept up to date, and run regular scans and system updates.

A fraud that occurs when a business receives a fraudulent email claiming to be from an existing supplier, advising of new bank details for payment. This information is usually associated with an unpaid invoice that the fraudster may have found on the victim’s computer or it was created from scratch with characteristics collected from a real invoice.

Tips:

• Be careful with changes. Always verify any request to change account details by calling the supplier directly using the contact details you already have verified, not the ones in the request. If your supplier is from one country but you receive a change of account to another country be very suspicious. Something is definitely not right.
• Treat all requests as suspicious. Be wary of requests from suppliers to change contact details, like phone numbers.
• Don’t rush. Don’t change any details until you’re sure the request is genuine, even if it seems urgent.
• Confirm payments. After making a payment, check with the recipient to make sure they received it.

The One Time Password (OTP) is the unique code that is sent to your mobile and acts as a once-off authorization password when performing particular transactions on myAncoria, such as funds transfers or online registration. OTP fraud involves scammers tricking you into revealing your unique code by contacting you by phone or sending you an SMS, claiming that they represent the Bank.

Tips:

• Never share your OTP with anyone. Just like with passwords, the Bank will never ask for your OTP.
• Double-check before entering the OTP by examining the website address (for web) or the legitimacy of the app (for app on your mobile). myAncoria on the web is: https://my.ancoriabank.com/ and the official myAncoria app can be downloaded from Google Play (Android) or Apple Store (iOS) or Huawei App Gallery only.
• Report any suspicious activity to the Bank.

A romance scam is a type of fraud where criminals create fake profiles on dating websites, social media, or other platforms, to establish romantic relationships with victims. Once trust and emotional connections are built, the scammer manipulates the victim into sending money or sharing personal information.

Common signs of romance scammers:

• They express strong, often intimate emotions.
• They claim to need money for emergencies, such as hospital bills, to start-up a new business or travel to visit you.
• They try to convince you to continue communicating through personal email or instant messaging.
• They plan to visit you, but always postpone because of some “emergency”.