|
|
 Security
Awareness Note
The YBC's Role
The YBC considers the client's privacy —either in
the system files or network
database, the ultimate priority which embodies the
bank commitment to ensure the security for our
clients' information as we work on a series of
effective security procedures in favor of this
purpose.
We are, as well, applying the global information
security standards to cover
the safety of various aspects, and examine our
network security standards on a regular basis. Other
independent network penetration actions are taken to
ensure the quality of our service and the privacy of
our clients.
Our website is fully monitored and protected against
any illegal action or any other scam aspect which
includes, but not limited to, the use of our bank
name and/or brand. The network investigation also
takes account of preventing any fraud website which
resembles, in design, name and contents, the real
website of the YBC since such fraud websites can
expose our clients' information to the risk of
identity theft.
The Recent Risks
The bank will keep you posted with any arising
threat, and such a threat should be carefully paid
attention to.
The Electronic Fraud
It is a criminal activity based on the scam attempt
to reveal sensitive information such as the user ID
and Password as well as any other account
information by playing the role of a confident
friend or an esteemed organization (e.g. a banking
institution) through an email or fraud website.
Any bank offers Internet Banking is a possible
target of such a fraud action. The popular means of
fraud are emails and SMS which request the client to
disclose his/her User ID and Password through a
fraud website. Sometimes telephone calls are used.
Be alert of any scam or fraud email, and make sure
that you log to your account through the correct URL
(www.ycb.com.ye).
·
Avoid logging to your account using public or shared
computers;
·
Never disclose your personal or financial
information to any other person when you receive a
call or a request to update or confirm your account
information unless you make the call and you are
familiar with the other party to whom you talk;
·
Never respond to suspicious emails or SMS which
request you to disclose/ give away personal
information such as account number or login
password; and
·
Remember that the bank will never send you any email
asking you to respond with your personal information
Social Engineering
It is an attempt to have confidential information by
convincing the victim to disclose his/her
confidential information. The Social Engineering is
usually successful since the victims tend to
appreciate and trust the smooth talkers and to offer
help when needed. The victims of Social Engineering
are easy to deceive and convince to disclose
information they are not aware of their use in
Electronic Fraud actions. (e.g. an organization
employee can be deceived to reveal a user ID and
password to someone who claims to be a technical
support person who seemingly collect similar
information which eventually allow him to attack the
system network.)
The Password
Make sure to keep your password private and always
change it on a periodic basis. The YBC advises its
clients not to use easy-to-guess information such as
date of birth, phone number and/or any recognizable
part of their names.
The Client's Role (Things to do)
The client has a crucial role to ensure the
information security. The bank recommends the
clients to:
·
Make sure to equip their computer systems with the
latest security patches and packages;
·
Install Antivirus application on their computer
systems and activate their auto update functions;
·
Install Antispam application on their computer
systems and activate their auto update functions;
·
Activate the firewalls and be sure of their
appropriate settings/configurations;
·
Configure the connection security modes of their
Internet navigating systems; and
·
Avoid the disclosure of their personal information
to any other party, including the bank staff.
|
|
