Online Security

  • Our online banking websites are encrypted to protect your information
  • They are also protected by a firewall (a barrier between the internet and our internal bank network)
  • A secure browser is needed to access account information and transact

Logging on and Timing out

When you log on to Bank of Ireland 365 online, we’ll ask you for:

  1. A private and individual User ID
  2. 3 random digits from your 365 login PIN
  3. A personal detail question

This information is encrypted and will stay private if you don’t disclose it.

  • For Business online customers, your last log on details will show when you log on. This means you’ll know if someone else has accessed your account online
  • If you’re inactive for a while, your online banking session will automatically time out

Two Factor Authentication

  • You need a Two Factor Authentication to add or edit a payee on 365 online
  • We’ll text a code to your registered mobile phone, or send via post if you prefer

Protecting your business with Bank of Ireland KeyCode

  • Business On Line uses the award-winning* Bank of Ireland KeyCode
  • KeyCode generates unique, one-off codes you can use to log on to Business On Line and authorise payments and payees
  • It replaces your logon passwords and means you don’t need a Digital Certificate or Java

Bank of Ireland KeyCode offers the following security benefits:

  • You need a secure PIN to access the KeyCode app. This One Time Code is generated per transaction and expires when used, or after 60 secondsM
  • KeyCode doesn’t store any information
  • KeyCode only works on your registered device, along with your corresponding Business On Line User ID
  • The app is registered to the individual User
  • The Business On Line Administrator can lock a User’s profile (for example, if the User go on holidays, etc.)
  • When you download KeyCode, the app works offline with no need for an internet connection

Read more about Bank of Ireland KeyCode here

Daily Control limit

  • The Administrator and your relationship manager will set a Daily Control Limit (DCL) on your Business On Line profile
  • This limit means your profile is less likely to be exposed to fraud
*Winner of ‘Best Information Security Initiatives (Corporate/Institutional)’ in Western Europe, Global Finance Best Digital Bank Awards 2017

Read about ways in which fraudsters have attempted to gain information from individuals and what you can do to help prevent yourself falling victim from these or similar scams.

  • Romance scams

    The UK has seen a rise in people falling victim to Romance scams during Lockdown. The rise comes as more people have turned to online dating during 2020 due to social distancing restrictions. The purpose of this Fraud Alert is to inform Bank of Ireland UK customers about Romance scams and how to protect yourself, your friends and family from Romance scams this Valentine’s Day.
     
    New data from UK Finance reveals a 20 per cent increase in bank transfer romance fraud between January and November 2020 compared to the previous year, with the total value of these scams rising by 12 per cent to £18.5 million. The average loss per victim reported to UK Finance members was £7,850, highlighting the significant impact this type of fraud can have on victims’ finances.
     
    What is a Romance scam?
     
    A Romance scam is when a person is duped into sending money or gifts to a fraudster because they believe they are in a genuine relationship and are sending them to their ‘partner’.
     
    Romance scams usually start with people meeting online; through dating websites or social media. Fraudsters often use fake profiles and spend a lot of time getting to know the victim to convince them that they are in a genuine relationship. Once the fraudster believes they have gained the victim’s trust they will ask for money or gifts that seem genuine; the fraudster could say they need money for emergency medical care, or to pay for travel costs if the victim lives overseas. There are numerous reasons, but the key is that money is requested, yet neither party have ever met.
     
    What to look out for
     
    When you are dating someone online, look out for the below alarm bells:

    • Requests for money or gifts from someone you have never met in person.
    • Requests for your personal data (e.g. a copy of your passport to arrange travel).
    • Does the person’s profile look genuine? You can complete a reverse image search to find if their profile picture has been taken from somewhere else.

    When your friends or family are dating someone online, look out for the below warning signs:

    • Being secretive about their relationship.
    • Sending money or gifts to someone they have never met in person.
    • Committing to someone very quickly, when they have not met in person.

    Protect yourself

    • Be cautious when providing your personal information. The more information you provide about yourself the easier it is for a fraudster to steal your identity.
    • If you notice any of the above alarm bells don’t be pressured into transferring your money, or spending your money to buy gifts.
    • Never reveal your banking information to anyone, including your account details, online banking information, card number & pin.

    No matter how long you’ve been speaking to someone online and how much you think you trust them, if you have not met them in person it’s important that you do not:

    • Send them any money
    • Allow them access to your bank account
    • Transfer money on their behalf
    • Take a loan out for them
    • Provide copies of your personal documents such as passports or driving licenses
    • Invest your own money on their behalf or on their advice
    • Purchase and send the codes on gift cards from Amazon or iTunes
    • Agree to receive and/or send parcels on their behalf (laptops, mobile phones etc.)

    We encourage you to #Take Five by following the below steps:

    • Never disclose security details, such as your PIN or full banking password
    • Don’t assume an email or phone call is authentic
    • Don’t be rushed – a genuine organisation won’t mind waiting
    • Listen to your instincts – you know if something doesn’t feel right
    • Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud
    If you think you have been a victim of a Romance scam, do not feel ashamed or embarrassed – you are not alone. Contact us immediately on:

    • Northern Ireland
      Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
      365 Online: 0345 7 365 555
    • Great Britain
      365 Online: 0345 7 365 333
    • Republic of Ireland
      365 Online: 1890 365 200/ 0818 365 365
    • Abroad
      365 Online: +44 345 7365 555

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • COVID-19 Vaccine Scam Alert

    The purpose of this alert is to warn Bank of Ireland UK customers of a new scam circulating where fraudsters are using the COVID-19 vaccine rollout as an opportunity to try to steal your data.

    Summary

    Bank of Ireland UK have been informed that there is a new scam text message circulating in which fraudsters are posing to be from the NHS. The text message informs the recipient that they are eligible to apply for the COVID-19 vaccine and asks them to click on a link. The link takes the recipient to a fake NHS website and prompts them to enter their bank account details (including sort code, account number and card number) to verify their address. Please remember that the NHS, or your doctor would never ask you for this type of data.

    An example of the scam text message is shown below.

    Covid Fraud Alert

    We would like to remind our customers to remain vigilant against fraud. The above image is an example of a fraudulent text message that has been sent to an individual, however fraudsters will try to trick people by sending different variations of the same scam. Fraudsters also use different means of communication, other ways fraudsters may try to contact you is by email or telephone.

    How to protect yourself

    Suspicious texts (Smishing)

    Fraudsters may send texts pretending to be from a company you trust. They target mobile users by sending texts with links to fraudulent websites to trick you into providing your online banking details or card details.

    You should never:

    • Click on or open suspicious links and attachments.
    • Use a phone number provided in the text which could be fake.
    • Respond to unsolicited text messages.
    • Share your banking details, including your full online banking PIN, or other personal information if requested via text message.

    If you have clicked on a suspicious link, call us as soon as possible on the phone numbers provided below.

     

    Suspicious emails (Phishing)

    Fraudsters sometimes send emails pretending to be from a company you trust, usually asking you to click on a link or open an attachment. The emails may seem genuine and convincing but are designed to trick you into sharing your personal information, such as your username, full PIN or credit card number. They will often make urgent threats and try to scare you into providing your details.

    You should never:

    • Click on or open suspicious links and attachments.
    • Respond to unsolicited emails.
    • Share your banking details or other personal information if requested via email.
    • Use a phone number provided in the email which could be fake.

    If you have clicked on a suspicious link, call us as soon as possible on the phone numbers provided below.

     

    Suspicious calls (Vishing)

    Fraudsters may contact you be telephone pretending to be calling from a company you trust. Be vigilant if you receive a phone call out of the blue. The fraudsters may claim that your account has been compromised and ask you for your bank card or bank account details.

    You should never:

    • Give away personal or banking information. No matter what story you are told, if it seems a bit odd or out of the blue, don’t give away your passwords, personal details or banking details.
    • Use a phone number the suspicious caller gave you.

    If you have accidentally shared your banking information over the phone and you are worried, call us as soon as possible on the phone numbers provided below. Fraudsters can stay on the line after you have finished the call, so either use a different phone to report the incident or wait a few minutes and then call someone you know first, so that you can be sure the fraudster has disconnected completely.

    Further information

    To find out more about fraudster Tactics, and what you can do to protect yourself please refer to the Fraudster tactics section of our website.

    Report Fraud

    If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

    Northern Ireland
    Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
    365 Online: 0345 7 365 555

    Great Britain
    365 Online: 0345 7 365 333

    Republic of Ireland
    365 Online: 1890 365 200/ 0818 365 365

    Abroad
    365 Online: +44 345 7365 555

     

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

     

  • People’s Energy Data Breach

     

    The purpose of this alert is to inform Bank of Ireland UK customers of the People’s Energy Data Breach.

    Summary

    Bank of Ireland UK have been advised that on 16 December 2020 People’s Energy discovered that it had a data breach. The hackers had stolen the data of approximately 270,000 current and previous customers. The data stolen included customer names, addresses, date of birth, telephone numbers, tariff and energy meter IDs. It has been reported that hackers did not obtain the financial details of these customers.

    We understand that People’s Energy has notified all of its impacted customers and any enquiries should be made directly with them.

    We would like to remind our customers to remain vigilant against fraud. Even though bank details were not stolen in this instance, customers of People’s Energy will be more vulnerable to Vishing or Phishing fraud, where the stolen details are used by the criminals to target victims and scam them into giving out their bank details.

    Suspicious calls (Vishing)

    Be vigilant if you receive a phone call out of the blue from someone claiming to be from your bank, credit card company or another company you trust. They may claim that your account has been compromised and ask you for your bank card or bank account details. Remember: Bank of Ireland UK will never ask you to transfer money out of your account.

    What to look out for:

    • Unexpected calls claiming to be from your bank, credit card company or well-known company that you trust.
    • Being asked to confirm your password, full login PIN or bank account number.
    • Urgent requests and threats.
    • Claims that your account has been compromised or there is something wrong with a payment.
    • Requests to transfer money out of your account, for example using a money transfer service.
    • The fraudster might tell you the first four digits of your card number and ask you to confirm the rest.
    • Being asked if you made a recent transaction at a well-known store, such as a supermarket. The fraudster is only guessing this information to sound more believable.
    • Claims that some payments have already been made from your account to a foreign country and that they can ‘stop’ any more going through.
    • Please note, the Bank, Police or any other genuine organisation will never ask for your help in investigating crime. If you are contacted with a similar request, please end the call immediately and call us, preferably from a different phone, to inform us of the suspicious call.

     

    Suspicious emails (Phishing)

    Fraudsters sometimes send emails pretending to be from your bank, credit card company or another company you trust, usually asking you to click on a link or open an attachment. The emails may seem genuine and convincing but are designed to trick you into sharing your personal information, such as your username, full PIN or credit card number. They will often make urgent threats and try to scare you into providing your details.

    What to look out for

    • Check for misspellings or unfamiliar sender addresses.
    • Unexpected emails which claim to come from a financial institution.
    • Urgent requests and threats.
    • Claims that your account has been compromised.
    • Requests to “Open an Attachment” or “Click a Link”.

     

    Further information

    To find out more about fraudster Tactics, and what you can do to protect yourself please refer to the Fraudster tactics section of our website.

     

    Report Fraud

    If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

    Northern Ireland
    Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
    365 Online: 0345 7 365 555

    Great Britain
    365 Online: 0345 7 365 333

    Republic of Ireland
    365 Online: 1890 365 200/ 0818 365 365

    Abroad
    365 Online: +44 345 7365 555

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    To report suspicious Bank of Ireland related emails or texts, send the suspicious email or text to 365security@boi.com

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

     

  • Scam phone calls and fake text messages from fraudsters pretending to be from Bank of Ireland UK (BOIUK)

    Fraudsters are contacting BOIUK customers either by phone (vishing) or by text (smishing) and gaining enough personal and bank information to make fraudulent payments from customer’s accounts.

    Scam Phone calls (Vishing)
    Fraudsters are calling BOIUK customers pretending to be from a BOIUK fraud department. They claim that your account has been compromised and ask for your personal data, bank card or bank account details.

    What you can do

    • Don’t give away personal or banking information. No matter what story you are told, if it seems a bit odd or out of the blue, don’t give away your passwords, personal details or banking details.
    • If you receive a suspicious call, hang up and don’t call back any number the caller may have given you. Remember: Bank of Ireland will never ask for your full login PIN or full banking details over the phone.
    • If you have accidentally shared your banking information over the phone and you are worried, call us immediately on one of our numbers listed below. Fraudsters can stay on the line after you have finished the call, so either use a different phone to report the incident or wait a few minutes and then call someone you know first, so that you can be sure the fraudster has disconnected completely.

    Fake Text messages (Smishing)
    Fraudsters are sending fake text messages to BOIUK customers pretending to be from us, the text messages can appear in your existing message feed with BOIUK, so they can be hard to identify. The text messages could have a link to a fake BOIUK website, or it could provide you with a fake telephone number to call. Customers are being asked to remain vigilant against fraud.

    Remember, Bank of Ireland UK will never:

    • Send you a text or email with a link directly to the login page of our online banking channels to confirm banking details or ask you to update their banking details
    • Ask you to click a link in an email with an urgent warning about suspicious activity on your account
    • Ask you to transfer money out of your account to protect you from fraud
    • Ask you to tell us any ‘one-time password’ or code that you have received from us by text
    • Ask you to share or send us your full six-digit 365 PIN, four-digit card PIN or Business On Line credentials
    • Ask you to send us back your bank card

    For more information on how to protect yourself please refer to the Protect yourself link in our website.

    Examples of smishing
    Please see below some examples of smishing

    For more smishing examples please refer to our gallery of phishing and smishing examples here.

    Report Fraud
    If you suspect suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or telephone call, please contact us as soon as possible on the below contact numbers:

    Northern Ireland
    Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
    Freephone (Business accounts): 0800 032 1288 (24 hours, 7 days a week).
    365 Online: 0345 7 365 555
    Business Online: 0345 309 8123

    Great Britain
    365 Online: 0345 7 365 333
    Business Online: 0345 309 8124

    Republic of Ireland
    365 Online: 1890 365 200/ 0818 365 365
    Business Online: 1890 818 265

    Abroad
    365 Online: +44 345 7365 555
    Business Online: +353 1 440 6445

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    Business Online Opening hours: Monday-Friday 8am-6pm. Closed Saturday, Sunday, Bank and Public holidays.

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

    To report suspicious Bank of Ireland related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com

  • Invoice Redirection Fraud (Business banking)

    We have seen an increase in Invoice Redirection fraud in 2020.

    Invoice Redirection fraud is where fraudsters pretend to be a supplier or service provider for your business in order to trick you into changing bank account payee details. They contact you to tell you that their bank account details have changed and to ask you to send all payments to a new account. This is an account controlled by the fraudster.

    What to look out for

    • The fraudsters may write to your company’s finance or payments department either on forged headed paper or by email, pretending to be one of your suppliers.
    • Typically, they tell you that their account details have changed.
    • The payee account may be located either in the UK or overseas.
    • The fraudster may ask an employee in your company to either send a pending payment to the new account or, alternatively, to ensure that all future payments are sent to the new account.

    What you can do

    If a company requests a change of payment details, always follow these simple verification steps before making payments:

    • Verify the change by contacting a known contact in the company directly, using contact details held on record, or by using a phone number displayed on the company’s website. Links or contact details contained in the email or letter requesting the change could be fraudulent. Don’t use them.
    • Fraudsters may change an email address to make it look as though it has come from someone you are used to dealing with. Always check email addresses carefully.
    • Regularly review supplier records to ensure they are up to date.
    • Ensure that your employees are aware of this type of threat and how to avoid it.
    • Contact us immediately if you receive a suspicious email or letter relating to payments or the Police if you think you have been the victim of fraud.

    We encourage you to Take Five by following the below steps:

    1. Never disclose security details, such as your PIN or full banking password
    2. Don’t assume an email or phone call is authentic
    3. Don’t be rushed – a genuine organisation won’t mind waiting
    4. Listen to your instincts – you know if something doesn’t feel right
    5. Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud

    To report online fraud, suspicious activity on your account, or if you have provided personal information in response to a suspicious email, text or phone call.

    Call us on:
    Northern Ireland
    Freephone (Business accounts): 0800 032 1288 (24 hours, 7 days a week).
    Business online: 0345 309 8123
    Great Britain
    Business Online: 0345 309 8124
    Republic of Ireland
    Business Online: 1890 818 265

    Abroad
    Business Online: +353 1 440 6445
    Business Online Opening hours: Monday-Friday 8am-6pm. Closed Saturday, Sunday, Bank and Public holidays.

    To report suspicious Bank of Ireland related emails or texts (both personal and business customers), send the suspicious email or text to 365security@boi.com.

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • Investment Scams with high interest returns

    In the current low interest rate environment fraudsters are seizing the opportunity to take advantage of people by offering high interest returns on various investments particularly crypto-currency. Fraudsters can be very convincing, they may have created a professional and legitimate looking company website, but please always #Takefive when considering investing your money and remember, if it’s too good to be true it probably is.

    Common investment scams

    Fraudsters target victims in several different ways so please always remain vigilant to prevent yourself becoming a victim of investments scams. Two common ways we have seen people become a victim of an investment scam in the current low interest rate environment are:

    1. Fraudsters are posing as legitimate firms and offering high interest returns. People fall victim to these scams when they are researching products with better returns; such as investments, bonds & bitcoin, they come across the fraudulent company online and invest their money with them.
    2. Fraudsters contact people offering an investment opportunity by telephone call, text message, email, letter or home visit. Often the fraudster will put you under pressure to commit to the investment opportunity quickly.

    What to look out for

    • The fraudster usually pressurises you into acting quickly and without thinking.
    • The fraudster instructs you to make an urgent payment.
    • The fraudster sends you a text message with a link to their fake website.
    • The fraudster may promise an insurance or protection, saying your capital will be protected.

    What you can do

    Please always #takefive before investing your money into a new investment opportunity, some things you can do to check it the company you are investing with are legitimate are:

    We encourage you to Take Five by following the below steps:

    1. Never disclose security details, such as your PIN or full banking password
    2. Don’t assume an email or phone call is authentic
    3. Don’t be rushed – a genuine organisation won’t mind waiting
    4. Listen to your instincts – you know if something doesn’t feel right
    5. Stay in control – don’t panic or make a decision you’ll regret.

    Report Fraud
    If you get a suspicious call or email, especially after sending a tweet to us, or if you notice any suspicious activity:

    • Terminate the call without providing any personal details or financial information.
    • Do not respond to or click on any links in suspicious texts or emails.
    • Never provide your full banking PIN to anyone.
    • Report your concerns to 365security@boi.com (include the phone number, a screenshot of the text if possible, or forward the email).

    You can also contact us on one of the emergency numbers below (do not use a phone number given to you in the text or email as this could be fake):

    Northern Ireland
    Freephone (Personal accounts): 0800 121 7790 (24 hours, 7 days a week).
    Freephone (Business accounts): 0800 032 1288 (24 hours, 7 days a week).
    365 Online: 0345 7 365 555
    Business Online: 0345 309 8123

    Great Britain
    365 Online: 0345 7 365 333
    Business Online: 0345 309 8124

    Republic of Ireland
    365 Online: 1890 365 200/ 0818 365 365
    Business Online: 1890 818 265

    Abroad
    365 Online: +44 345 7365 555
    Business Online: +353 1 440 6445

    365 Opening hours: Monday-Friday: 8am-8pm, Saturday: 9am-5pm, Bank and Public holidays: 10am-5pm, Sunday: Closed.

    Business Online Opening hours: Monday-Friday 8am-6pm. Closed Saturday, Sunday, Bank and Public holidays.

    If we need to contact you about a potential fraud on your account, we will do this via a secure channel including, but not limited to, SMS or email.

  • Investment scam

    We have become aware on the 7th July of an investment scam circulating where fraudsters are contacting customers by telephone and email, claiming to be from Bank of Ireland UK offering information on investments. Bank of Ireland UK does not offer investment services. The callers are offering a range of bonds from many well-known investments providers primarily, but not limited to, Tesco Bank. The fraudsters have added features to their emails and documents in an attempt to make them look genuine; for example the fraudsters have added a link in their email signature to the genuine Bank of Ireland UK website and have included our genuine FCA registration number.

    Please always remain vigilant and check independently the authenticity of any company that have approached you to make investments of any type. You can check the FCA Warning List for firms to avoid. Learn more by visiting the FCA website for guidance on how to avoid investment scams.

    Here are two examples of the emails that were sent to potential victims:

    Report Concerns

    If you get a suspicious call or email, especially after sending a tweet to us, or if you notice any suspicious activity:

    • Terminate the call without providing any personal details or financial information.
    • Do not respond to or click on any links in suspicious texts or emails.
    • Never provide your full banking PIN to anyone.
    • Report your concerns to 365security@boi.com (include the phone number, a screenshot of the text if possible, or forward the email).
    • You can also contact us on one of the emergency numbers below (do not use a phone number given to you in the text or email as this could be fake):

    Great Britain & Northern Ireland
    Freephone: 0800 121 7790 (for 365 & Credit Card customers)

    Great Britain & Northern Ireland
    Freephone: 08000 321 288 (for BOL & Global Market customers)

    Republic of Ireland
    Freephone: 1800 946 764 (Personal and Business)

    Everywhere outside Republic of Ireland, Great Britain & Northern Ireland
    Not Freephone + 353 5677 57007

    We encourage you to Take Five by following the below steps:

      1. Never disclose security details, such as your PIN or full banking password
      2. Don’t assume an email or phone call is authentic
      3. Don’t be rushed – a genuine organisation won’t mind waiting
      4. Listen to your instincts – you know if something doesn’t feel right
      5. Stay in control – don’t panic or make a decision you’ll regret.

  • Coronavirus related scams

    Fraudsters are exploiting the spread of COVID-19 coronavirus to facilitate various types of fraud and cyber crime.

    Reports were made by victims that attempted to purchase protective face masks from fraudulent sellers and also coronavirus-themed phishing emails in an attempt to trick people into opening malicious attachments or revealing personal and financial details.

    Watch out for scam messages:
    Don’t click on the links or attachments in suspicious emails, and never respond to unsolicited messages and calls that ask for your personal or financial details.

    Shopping online:
    If you’re making a purchase from a company or person you don’t know and trust, carry out some research first, and ask a friend or family member for advice before completing the purchase. If you decide to go ahead with the purchase, use a credit card if you have one, as most major credit card providers insure online purchases.

    For more information on how to shop online safely, please visit: https://www.actionfraud.police.uk/shoponlinesafely

    Protect your devices from the latest threats:
    Always install the latest software and app updates to protect your devices from the latest threats.

    For information on how to update your devices, please visit:

    https://www.ncsc.gov.uk/guidance/securing-your-devices

    For information about Coronavirus please visit:
    https://www.nhs.uk/conditions/coronavirus-covid-19/

Archive


  • Fraud prevention philosophy

    What is our approach to fraud prevention?

    Keeping customers’ accounts secure is a top priority for us, but it is also important for you to protect yourself from fraudsters. The safety of our colleagues and customers is always a top priority for the bank. Our Security teams work round the clock to ensure our bank is a safe place to work, with plans, processes and controls in place to protect our customer’s finances.

    What controls do you have in place / How do we protect you?

    Online Security

    Our websites are encrypted to protect your information.
    Please use a secure browser to access account information and transact.
    Our websites are protected by a firewall (a barrier between the internet and our internal bank network).

    When you log on to Bank of Ireland 365 online, we’ll ask you for:

    • A private and individual User ID
    • 3 random digits from your 365 login PIN
    • A personal detail question

    This information is encrypted and will stay private if you don’t disclose it.

    Two factor authentication

    • You need a Two Factor Authentication to add or edit a payee on 365 online
    • We’ll text a code to your registered mobile phone, or send via post if you prefer

    Protecting your business with Bank of Ireland award-winning* KeyCode. It has many features and benefits including:

    • Unique, one-off codes you can use to log on to Business On Line and authorise payments and payees
    • You need a secure PIN to access the KeyCode app. This One Time Code is generated per transaction and expires when used, or after 60 seconds
    • KeyCode only works on your registered device, along with your corresponding Business On Line User ID
    • The app is registered to one individual user.

    Daily Control Limit

    • The administrator and your relationship manager will set a Daily Control Limit (DCL) on your Business On Line profile
    • This limit means your profile is less likely to be exposed to fraud.
    • Winner of ‘Best Information Security Initiatives (Corporate/Institutional)’ in Western Europe, Global Finance Best Digital Bank Awards 2017



  • Customer education and awareness

    What do you do to educate your customers to ensure they are fully aware of the latest fraud trends / advice?

    We reach our customers in several ways:

    Online & Social Media
    A wide range of Security and Fraud information is available within our Security Zone area on Bank of Ireland UK website. It’s specifically designed to highlight current scams and types of fraud along with measures you can take to help protect yourself.

    We have information about Fraud Alerts on a range of topics including Data Breaches, Phishing, Money Mules, Boiler Room Scams, and CEO fraud.
    We are supporters of the national Take Five campaign that offers straight forward and impartial advice to help everyone to protect themselves from preventable financial fraud.

    Educational content is sent within statement emails and our members are provided with fraud prompts on the Internet Bank and Banking App.
    We regularly post on the Social media platforms material concerning fraud.

    We also provide general guidance on How to Protect Yourself Online with information about Anti-virus software, operating systems, browsers and firewalls.

    Our ATMs carry fraud warnings particularly to guard against prying eyes when entering a PIN.

    Branch
    All our branches have fraud education material available and staff are trained to ask the right questions to help detect scams when processing payments. Branch colleagues are trained to identify fraud and victims of fraud, and provide bespoke advice including invocation of the Banking protocol. There are frequent communications delivered to branch colleagues raising the awareness of fraud and scams.

    All Bank of Ireland UK colleagues have to complete annual mandatory training which covers a broad spectrum of fraud education.



  • Contact

    How and when we would contact our customers

    We will contact our customers using email, phone calls, text messages and by letter. Customers should always take the necessary precaution to ensure they are talking to who they think they are.

    We also utilise various security controls and offer guidance for identifying malicious contact on our website.

    Examples of the controls / guidance we offer include;

    One-time passcodes – When we need to verify who you are, we’ll send a unique code to the mobile you gave us when you opened your account.
    The text will state exactly what the code is for, like creating a new payee. You shouldn’t tell anyone what this code is other than a Bank ABC colleague. If someone asks for the code but for a different reason than is stated in the text message, you shouldn’t answer them.
    If you get a one-time passcode message you’re not expecting, give us a call on 0345 309 8099

    Text Alerts – If we notice something suspicious or need to get in touch with you, we may send you an alert either by email or text message.
    While we may ask you to reply to messages, we’ll never:

    • Include a link to a log in page
    • Ask for your complete security number, password, or card number
    • Ask you for answers to your security questions

    If you’re not sure whether a text or email is genuine, give us a call on 0345 309 8099

    How and when can our customers contact us regarding fraud/ fraud prevention?

    If you believe you are a victim or fraud, or you require any fraud prevention advice customers can contact us 24 hours a day. Our contact numbers can be found here.



  • How we collaborate with the rest of the industry

    Industry initiatives/ collaboration

    • We are members of UK Finance and take an active part in all Industry Fraud initiatives.
    • We are members of CIFAS – The UK Fraud Prevention Service.
    • We contribute to the funding of the DCPCU. The DCPCU is a national police unit formed between the City of London Police, the Metropolitan Police Service, UK Finance and the Home Office.
    • We share fraud intelligence with the rest of the banking industry and law enforcement to protect our customers.
    • We are a signatory to the Take Five Charter which provides our customers with up to date advice on fraud prevention.
    • We are a participant of the Banking Protocol which helps our customers from being targeted by fraudsters and rouge traders.
    • We work with other banks to quickly recover fraudulent funds for our customers.



  • Summary

    We are the Partnership Bank.
    We provide simple, flexible, financial services to UK customers both directly and through partnerships with well-known UK brands. Technology is making it quicker and easier to stay on top of your finances wherever and whenever you want. As more of our customers choose to use new ways of banking such as phone, tablet or computer, we’re committed to keeping their accounts and information secure

In 2015, £755 million was lost to financial fraud, but we can all help to lower this figure by remembering one simple action – to stop and think.

That’s why the Take Five campaign – led by UK Finance – is encouraging the nation to do just that; to take time to stop, step back and think before they act.

If you receive a request to hand over (or do something with) personal or financial information, you need to take a moment to reflect and step back from the situation. Yes, even if they say they’re the bank, police or another trusted organisation, you still need to take the time to stop and think about what’s really going on.

Because deep down, you probably already know these basic rules on how to beat financial fraud – you just need to take a deep breath and stay calm enough to remember them.

  1. Never disclose security details, such as your PIN or full banking password
  2. Don’t assume an email or phone call is authentic
  3. Don’t be rushed – a genuine organisation won’t mind waiting
  4. Listen to your instincts – you know if something doesn’t feel right
  5. Stay in control – don’t panic or make a decision you’ll regret

Take Five, a new national campaign led by UK Finance, is here to help you take action against the financial fraud that affects millions of people in the UK each year. If you think there has been fraud on your card or bank account – or if you suspect anyone has attempted to obtain your financial details – report it immediately to your bank or other financial services provider and then contact Action Fraud on 0300 123 2040 or at www.actionfraud.police.uk.

For more information you can download the Take Five customer advice guide below or visit www.takefive-stopfraud.org.uk

Take Five customer advice guide Download

Fraudsters may ask you to receive money into your bank account and transfer it into another account, keeping some of the cash for yourself. If you let this happen, you’re a money mule. You’re involved in money laundering, which is a crime.

You can be approached by fraudsters online or in person. They might post what looks like a genuine job ad, then ask for your bank details.

Once you become a money mule, it can be hard to stop. You could be physically attacked or threatened with violence if you don’t continue to let your account be used by criminals.

When you’re caught:

  • Your bank account will be closed.
  • You will find it hard to access further student loans.
  • It will be difficult to get a mobile phone contract.
  • You will have problems applying for credit.
  • You could go to prison for up to 14 years.

Students can become money mules unwittingly. They might think they’re giving out their bank details for a genuine reason, then end up involved in money mule fraud.

Don’t Be Fooled. Follow this advice:

  • Don’t give you bank account details to anyone unless you know and trust them.
  • Be cautious of unsolicited offers of easy money. If it sounds too good to be true, it probably is.
  • Research any company that makes you a job offer and make sure their contact details are genuine.
  • Be wary of job offers from overseas. It will be harder for you to find out if they are legitimate.
  • Be wary of job ads that are written in poor English, with grammatical errors and spelling mistakes.

For more information, visit the Money Mules website.