The Internet is a bit like a city, in that there are some good parts, but others that you had best avoid after a certain time. The problem with the Internet is that you don't know whether you are in the good or bad parts. To help you, we have put together some information aimed at raising your awareness of the risks associated with using the Internet.

The notion of these risks and protection measures will help you protect yourself as practically as you can. There is no such thing as 100% protection, but you can limit the impact of any attack. The world of IT is changing all the time and protection solutions are being developed as quickly as the attacks. Keeping up to date makes it easier to appreciate and understand the risks.

For more information, look on the Internet, as search engines such as GOOGLE have a great deal of useful information on the subject.

We also recommend that you study the following paragraphs which explain how EFG e-banking works.

Our e-banking system allows you to access your account with us using your own authentication. This lets the system know that you are the person with authorised access. This authentication takes the form of a password and numeric code that displays a random number every sixty seconds. The system is one of the most widely used ones today. Your password and the number shown on the code will open encoded (protected) communication with the bank. As additional protection, your name will not appear on any of the documents that you access.

For hundreds of years, we have been trying to give information to a third person without others being able to understand it. In meetings with the person in question, the code was passed on verbally so that when the latter received a text manipulated by the author, only he and the person to whom the message was addressed could understand it. This code was essentially simple and indicated the order in which words or phrases should be read. In wartime, encoding information was extremely important - just think of the key phrase that heralded the allied invasion of 1944, "les sanglots longs des violons" (the long sobs of autumn violins) - and this subsequently gave birth to information technology.

Today, data are encoded by computers with the assistance of complex codes to enhance confidence in the integrity of information and its source. These systems are generally used where information has a heightened confidentiality risk. Never keep your code in the same place as your PIN code (if you ever have to write it down).

After authenticating yourself, you will find yourself on a secure web page which is generally indicated by the sign at the bottom right-hand corner of your browser. This means that you are in encrypted or https mode (see the site's URL).

Clicking on the padlock sign shows you information on the validity of the certificate, and it is essential for it to be valid (in our example, the certificate is valid until January 2007).

If you have been inactive on a page for 15 minutes or more, the system automatically terminates this session as an enhanced security feature. You will then have to reconnect and login again. Even though this is inconvenient, it is ultimately in your interest.

Unable to open a session

After three attempts at authentication, your site will be blocked. This is a security measure and you should advise your relationship manager who can then reactivate your access.

Our IT systems are regularly updated following the recommendations of our software developers and hardware suppliers. From your perspective, these updates are available on the various sites of operating system suppliers (Windows, Mac OSX and other Linux). Updates are important as they often reveal security weaknesses.

Similarly, using an anti-virus solution is key in the fight against intruders. These tools should obviously be regularly updated. If you are not protected by anti-virus software, you should install some as soon as possible. The solutions on offer, some of which are free, can give you a good level of security. It is a good idea to consult search engines to find the solution that suits you best, or enquire at your equipment supplier.

You will also have heard about firewalls which filter out data entering and leaving your computer. Again, there are a large number of varied solutions available, some of which are free. To find a solution suitable for your environment, use the same method described above for anti-virus software.

Security on the Internet is as weak as the weakest link in the security chain. This includes passwords, access to your computer, the use of wireless, insecure networks and many others. Try and find out as much as you can on this topic, your equipment supplier is a good source of information as are the search engines.

If you cannot remember your passwords or PIN code, simply jot them down on a piece of paper and keep them in such a way that it would be almost impossible for anyone to make a connection between them and access to the Internet or your computer. It is better to safeguard passwords or PIN codes electronically, as they are much easier to access than a notebook in your pocket… You should also mask your notes so that they only make sense to you and perhaps another trusted person.

It is vital that you end every session properly without it remaining active, as this would carry the risk of someone indiscreetly gaining access to your computer. Make sure that you always click on the button to end your session properly. It is good practice to do this even if you are only going to be away from your computer for a short while if you are in a place where there may be people who are unknown to you.

Internet browsers generally retain information on sites visited. This information could be useful to anyone ill-intentioned. It is always possible to delete most of these traces, so consult a search engine to find out more about how to do this.

Scams and how not to fall for them

There are many scams operating on the Internet. Here are a few simple rules on how to avoid the worst ones:

Phishing: This attack occurs through a site that displays our bank logo and other information stolen from our site. These sites often try to obtain an e-banking password in the hope of extracting funds from the person concerned. The attacker will try and get people to visit these sites by sending out vast quantities of e-mails in the hope of deceiving a small percentage of recipients. WE WILL NEVER SEND YOU AN E-MAIL ASKING YOU TO CONNECT TO YOUR E-BANKING ACCOUNT. That said, you can ignore any attempt to contact you by e-mail. Any contact with you will invariably be with your relationship manager.

Below you will find an example of a Phishing website:

Solicitation: You may receive an e-mail containing a business proposition concerning gold that will be signed by someone purporting to be a member of the EFG group. By looking at the address, you will see that it will rarely be an EFG one. It may be similar, but not one that you have ever seen. In any event, no member of our organisation will try and solicit business with you without having first discussed the matter with your relationship manager. You should contact the latter immediately if you receive any such solicitations. Generally speaking, you should delete these e-mails as 99% of them are hoaxes.

It is also possible for your computer to be remotely controlled by a type of virus known as a Trojan horse. This is the worst case scenario, as the person who exercises this control has access to the content of your computer and can see everything you do, including your e-banking access. There are many opportunities for a Trojan horse to install itself on your computer. Most do so in the form of e-mail attachments which install themselves as soon as you click on them. Others can do so via fraudulent software updates. Only go ahead with installing an update after having consulted the site editor to ensure that the update is official. If you are in any doubt, do not install the update. It is also possible for these viruses to infect your computer via an intermediary website which contains commands for your computer to obey. This is necessary to attach images, text or other devices featured on websites. Unfortunately there is also a chance that these commands will be used to install malicious commands on your computer.

Another danger is that every keyboard tap you make will be constantly read. A malicious code installed on your computer can read every tap and record the sequences to send them to hoaxers who will soon work out your passwords and gain considerable information about your private life. This malicious code is known as the keylogger.

If you are unfamiliar with passwords, anti-virus software, spyware and other firewalls, it is high time that you found out about them. The web and your software supplier are always sources of reliable information.

Remember, the Internet can be a fantastic source of information, but it can also be a dark street that you should stay well clear of. We would strongly recommend that you stay up-to-date with the risks associated with using the Internet and keep everything dear to you as far away as possible from prying eyes. Do not put anything on a computer linked to the Internet that you do not want to disclose.

If in doubt, leave it out!

Head of Security