Helpful tips for staying secure

SIM swapping happens when fraudsters ask their victims' mobile phone operator to issue a new SIM card so that they can access mobile banking messages. The victim’s SIM card is deactivated and the messages are received on the fraudster’s device. Fraudsters often obtain the details required about the victim’s mobile phone through phishing.

Warning signs

• Receiving an unexpected text message advising that your SIM is transferring
• Losing network connection for an unusual length of time in a place where you would normally have a connection
• Your phone showing the message ‘invalid SIM’ or ‘no SIM’

If you think any of the above has happened with your phone please contact your mobile phone service provider immediately using the number displayed on their website.

Protect yourself

There are a few simple steps you can take to deter SIM swappers:

Set up a secure password with all phone service providers

• Dispose of phone bills securely
• Keep your phone switched on at all times – this way you’ll notice if it’s not working.

Downloading personal information

Diamond Microfinance Internet Banking lets you download the transaction information for your account or accounts. It can be saved in different formats so that, for example, you can see your banking activity in a spreadsheet.

If you store personal information such as your transactions history on your computer or device, please take appropriate measures to protect it. This could include:

• using a PIN lock or password on a mobile device to prevent unauthorised access
• making sure that your virus protection software is up-to-date
• using secure WiFi when you access the data over the internet
• making sure you permanently delete your information from your computer or device (including information stored in back up files) when you no longer need it.

1. NEVER give your PIN to ANYONE - we will NEVER ask for this.
2. NEVER hand over your card to anyone.
3. ALWAYS check your statements and report any transactions you don't recognise immediately.
4. KEEP your bank updated when you change your contact details as they may need to contact you to confirm unusual transactions.
5. CHECK your credit rating on a regular basis to see which financial organisations have accessed your information.
6. REGISTER for a protection service to help prevent your name and address from being misused by third parties e.g. CIFAS.
7. KEEP valuable documents such as your passport and driving licence secure. When you are not using them, make sure they are locked away.
8. NEVER respond to any unexpected or suspicious emails or text messages, and don't click on any links or attachments within them.
9. NEVER send personal details in an email.
10. ALWAYS enter our web address in your browser. Don't use links from emails or another site - they could take you to a fake website that looks like ours.
11. LOOK for the locked padlock or unbroken key symbol on websites - this means you are on a secure web page.
12. PROTECT your device with a firewall, anti-virus and anti-spyware software. We also recommend downloading Trusteer Rapport - it's free!*
13. KEEP your operating system and web browser up to date.
14. LIMIT the personal information you make public on social networking sites.
15. IF you're suspicious about any emails you receive do NOT respond to them. Send them to phishing@diamondmicrofnc.com. We are grateful to all customers who forward us these emails. We investigate all emails we receive, although we’re not always able to respond directly to them.

*Please note, Trusteer Rapport is a third party product and is not owned by Diamond Microfinance.

Install Trusteer Rapport security software

It's free security software, and it's won awards for keeping customers' details secure.

Trusteer Rapport works alongside your existing anti-virus and firewall software to give you more protection - even if your computer has a virus.

It can make the difference against identity theft and fraud. What's more, it's easy to install and you won't even need to restart your computer.

Find out more about Trusteer Rapport.

Stay safe when you shop online

• Don't give your personal details, bank account numbers or credit/debit card details to a company you don’t know or haven’t checked out.
• Always use a secure website for any payments - you'll know that a site is secure because it will have an unbroken key or locked padlock symbol, and the website address will begin https: rather than http: - this makes sure your personal details are encrypted.
• Always make sure you read, understand and are happy with the terms and conditions before you hand over any details.
• Read the site's privacy policy as this will give you an indication of how the company will use and protect your data.
• Carefully read any marketing opt out/opt in wording to make sure you understand how your details will be used for marketing. Sometimes boxes are pre-ticked, so if you don’t want the company to get in touch or use your email address you’ll need to un-tick them. Be careful you don’t inadvertently give permission for your details to be passed to third parties.
• Some companies have hidden extra costs in their terms and conditions - always check for this.
• Be especially careful of websites selling nutritional health and well-being products (including teeth whitening), or websites selling one item but enrolling you in another offer. You may unwittingly be agreeing to future transactions.  
• Check the delivery and returns policy - this should tell you about the cost and method of delivery along with the return and refund details. Remember that returning goods to overseas suppliers may be expensive.
• Sometimes charges such as VAT, delivery, packaging and import duty (if purchasing goods from overseas) may be hidden or not included in the main price you’re shown. If you’re not sure you understand all the charges, do not buy.
• Never send your credit/debit card or bank details in an email as they won’t be secure.
• If you register with a site or store and are asked to choose a password, make sure you keep it secret and never reveal it to anyone else.
• Choose a unique password; don’t re-use the same password for different sites and accounts.
• Keep a record of all your online transactions. Also keep details of the offer and the terms and conditions as information on a website may change after you have made a purchase. Then, if you have any queries about your order, or need to return or exchange an item, you’ll have confirmation of the order and the offer.
• Make sure you have up-to-date anti-virus software on your computer before entering any personal or card details.
• Download Trusteer Rapport*. It's free security software that can automatically protect you when you log on to Internet Banking, and it's won awards for keeping customers' details secure. Rapport can be set up to protect up to 100 different sites where you may enter sensitive data. When using any site which asks for sensitive data such as payment or contact details, check the Rapport icon before you type your information. If the Rapport icon is grey, right click it to protect the site. The icon will turn green and any subsequent visits to that site are automatically protected.
• Never divulge your 4-digit PIN.
• Remember if the offer looks too good to be true, it probably is.

 *Trusteer Rapport is a third party product and is not owned by Diamond Microfinance.

Identity theft affects over 100,000 people every year. With a few personal details, a criminal can open new bank accounts, get new credit cards, claim benefits and apply for official documents like a driving licence - all in your name, and all traceable to you.

Warning signs

Possible signs that someone's stolen your identity:

• 'Lost' mail, for example your bank statements or credit card bills suddenly stop arriving.
• Your rubbish bags have been tampered with.
• You start getting bills you don't recognise.
• Strange Direct Debits or payments appear on your account.

Protect yourself

• Shred sensitive information - never simply throw it away or recycle it.
• Delete suspicious emails from organisations requesting personal information - we will never ask for such information by email.
• Think twice before giving out personal information. It's easy for criminals to falsify email addresses, headed paper and other methods of communication.
• If you move house, make sure you redirect your mail.

What you should do if you think your identity has been stolen

If you think your credit or debit card number - or any of your personal details - have been stolen, immediately cancel the card or freeze the account.

If you are not receiving mail, contact your supplier to advise them you have not received their mail, and contact Royal Mail to ensure that a mail redirect has not been placed against you.

If you think some items on your statement are suspicious, call us on .

If you have been or believe to be a victim of impersonation, get a copy of your credit file to establish if other financial services have been applied for in your name. Look for new accounts being set up and for credit searches being conducted which you didn't authorise as this may indicate an attempt to impersonate you. Remember, it's the data holder's responsibility to ensure that all data held is correct and accurate, so any credit searches not authorised by you will need to be deleted from your credit file.

Your security details

• Keep your personal security information safe, and avoid writing any details down.
• Never tell anyone what they are, even if you share a joint account. Don't even tell us.

One Time Passcode (OTP)

This system sends a unique, one-off passcode to your mobile phone. It acts as an extra security element and it is only needed when we want you to verify that a payment or a request to amend some important details (like your address), is genuine.

The great thing about OTP is that you only need to register a mobile phone number with us to use it - and you won't have to remember any new passwords or carry separate kit, such as a card reader.

• It is important that you keep us updated when you change your mobile number so you are able to receive your OTPs.
• Always make sure the details quoted within the OTP message correspond with your original request.
• If you EVER receive an OTP message which you are not expecting, notify us immediately as it may be a sign of attempted fraud on your account.
• Never share an OTP with anyone, not even a member of Diamond Microfinance staff.

Your devices

• Install the latest anti-virus software and firewalls on all your devices - along with their security updates.
• Download and install free Trusteer Rapport software.
• Know who you're dealing with. Always access our Internet Banking service by typing in the exact web address in your browser. Never follow a link to a banking site.
• Wipe your hard drive before you sell or give away your PC.

Email

• Don't send personal account details by email because it could be intercepted.
• Don't reply to, or use links within, emails asking for your personal Passcode or Registration Number. Nobody needs to know them except you - not even us.
• Be wary of spam emails. Especially those offering you money or originating from outside the Canada. At best, they're a nuisance. At worst, they're from criminals trying to defraud you.

Using other computers

• When you access accounts or apply online, be vigilant and keep an eye on who's watching your screen.
• Never leave your computer while you're logged on to Internet Banking.
• Public WiFi (wireless) internet connections and internet cafés pose security problems. Always log off when you're finished and close down the internet browser once you've logged off. Simply disconnecting from the internet isn't enough. For more, visit Get Safe Online.
• Before using Internet Explorer, click 'Internet Options' on the 'Tools' menu. On the 'Content' tab, click 'AutoComplete' and uncheck the four boxes. When you finish surfing, go back to the same options page and click 'Clear Forms' and 'Clear Password'.
• When you finish surfing Microsoft Internet Explorer, click Internet Options on the 'Tools' menu. On the 'General' tab, click 'Delete Files' and 'Delete Cookies'. Then click 'Clear History'. This will remove all your password information from the browser. However, different browsers use different settings, so contact its vendor or administrator for advice.
• If you receive an email asking you to provide information about your account, either by clicking a link or by replying directly to the email - don't. Forward the email to phishing@diamondmicrofnc.com and run a virus scan on your machine.

We are grateful to all customers who forward us these emails. We investigate all emails we receive, though are not always able to respond directly to them.

To protect you, our Internet Banking system logs you off if you don't click for a period of time.

More and more people are shopping online. The choice is enormous, the prices often cheaper and the process convenient.

Use familiar websites

Start by using trusted sites and entering addresses in your browser. Search engines can get it wrong and accidentally lead you to non-trustworthy sites, especially on later link pages. If you know the site, it's less likely to be a fake.

Beware of misspellings or sites using different endings, for example .net instead of .com. Their prices might look enticing. But that's how they get you to enter your details.

If you are unsure if it is a reputable company, do your research and make sure you are comfortable before providing your personal details.

Look for the lock

Never, ever, buy anything online using your credit card from a site that doesn't have SSL (secure sockets layer) encryption installed.

How can you tell? The address will start with https: (instead of http:) and a locked padlock icon will appear in your web browser.

Know what you are signing up for

If you sign up for anything online, make sure you read the terms and conditions and know what you are committing yourself to. Check and double check the small print.

Don't tell all

Don't give anyone your credit card details by email. And remember that, while certain information is needed to complete a transaction - some isn't. For example, you'll never need to enter your National Insurance number to buy something, and be wary about giving out your date of birth. An unscrupulous character with that data and your credit card number can do a lot of damage.

When you can, give the least amount of information possible. And certainly never use the same password(s) for shopping sites and Internet Banking.

Check your transactions

Don't wait for your statements. Log on to Internet Banking regularly and keep track of what's happened on your account(s).

If anything's suspicious, contact us immediately on .

Get anti-virus software for your device

Criminals aren't sitting around, waiting for you to give them your data. They're actively trying to help things along. Be aware of their tactics, from Trojans to 419 emails, and regularly update your anti-virus software.

Use strong passwords

Strong, hard to copy passwords use a string of text that mixes numbers, upper and lower case letters, and special characters. It should be at least 8 characters - preferably many more. Also, for the best protection, characters should be random - not words, alphabetical or from your keyboard layout.

How to make a strong password

1. Spell a word backwards, e.g. 'icecream' becomes maerceci.
2. Use l33t speak, where you substitute numbers for certain letters, e.g. 'maerceci' could become 'ma3rc3c1'.
3. Randomly throw in capital letters, e.g. 'ma3rc3c1' becomes 'Ma3rc3c1'.
4. If you get to choose a login name and password, make them different.

Stay at home

By nature, it's riskier using a public computer to buy something. But if you do, make sure you log out every time. That goes for every site you use - even if you're just checking email.

Also, if you're using your own laptop or smartphone, think about your surroundings. Can anyone peer over your shoulder?

Privatise your WiFi

If you do decide to go out with your laptop to shop, you'll be on a WiFi connection. Only use the wireless if you access the web over a virtual private network (VPN) connection.

Remember, if it sounds too good to be true, it probably is

A virus software company recently compiled a list of scams to look for. One of them offers a free gift with a purchase, another, a short-term job offer. Many of these 'offers' were advertised over social media, so be aware that even your friends might innocently forward you a scam. Skepticism is a small price to pay for keeping your card details safe.

From Facebook to Twitter, LinkedIn to Digg, the number of social networking sites continues to grow. They're part of our daily lives. They breach many corporate firewalls, are among our most-used smartphone apps and can be vital job search tools.

Unfortunately, they often counter your efforts to protect yourself from identity theft, leaving a trail of personal information that criminals can use for their own ends.

So - beware of sharing too much information, and practice safe social networking.

Things you should never share online

In addition to your passwords and PINs, never share your:

• National Insurance number
• date of birth
• home address
• home telephone number
• town and place of birth.

All these facts can be used to get other pieces of information, which can then be used to complete security checks.

Customise your privacy options

Social networking sites give you lots of privacy control settings - don't settle for the defaults.

Check out the configuration, learn about the different areas and see what options you have. Your aim should be to limit who can see various aspects of your personal information.

New settings are often added over time so keep checking back. Sometimes social networking companies merge - with new owners changing privacy terms, acceptable use policies and user agreements.

Reduce "LinkedIn" details

Don't put your full resume online for everyone to see. Limit your work history too. If you do need to add more information during a job search, do so. But once you've landed a position, cut out the extra details and leave just enough to attract interested recruiters.

Remember that you can stop others accessing your network of contacts. It's common practice - sales professionals and recruiters don't want to expose their valuable network to people who might poach customers or prospects.

Don't assume - verify it!

Many people impersonate others online for pranks, but equally, it's the first step towards defaming someone or stealing their identity for financial gain.

With social networking, verify that the page you're looking at genuinely belongs to the person you think it does before you share too much information or click on links.

Look for anything unusual or out of the ordinary. And naturally, if the content doesn't sound like it's from the person it should be, avoid it and either email or call your friend to verify it.

Avoid accidentally sharing personal details

You wouldn't put a note saying 'Away for the weekend - back Monday' on your front door. So why do it on Twitter? Social networking tools like "What's on your mind?" make it easy to let details slip. Think about what you're broadcasting - and how others might benefit from it.

Search yourself

To get a good idea about what others can see, search your name on Google and check out the social network profiles that appear.

Get an understanding of where you show up - and adjust your profile, settings and habits appropriately. If you see your name in locations you don't visit, someone could be using your identity.

You can even set up a Google alert for your name. It'll email you when Google finds your name on sites. Depending on your name, you may have to sift through quite a few mentions. However, you may still learn a lot about where you're appearing online.

Know who your friends are

More 'friends' equals more people with access to your information. If you do get an unsolicited invitation to connect, check it out thoroughly before you accept.

• Don't accept a cheque or banker's draft/corporate cheque from someone unless you absolutely know and trust them.
• Be wary when accepting a high-value cheque e.g. if you are selling a car. Consider other payment options e.g. online transfer.
• Keep your chequebook in a safe place, report any missing cheques to your bank immediately and always check your bank statement thoroughly.
• Never pre-sign blank cheques. When writing cheques, be sure to complete all sections, including the payee name, and the amount in both words and figures.
• To help prevent fraudulent alteration leave as little blank space as possible, if necessary by drawing a line through unused spaces. Include the word 'only' after writing the amount in words.

'Spyware' are programmes or files that often arrive as hidden parts of 'free' programmes and monitor what you look at on the web before reporting back to companies who sell the information.

They're relatively harmless. But some can pick up everything you type, so people can snoop on all your computer activity.

Warning signs

If your computer starts to run slowly, behave strangely or have any of the symptoms listed below:

• You see pop-up advertisements all the time.
• Your settings have changed and you can't change them back.
• Your web browser, e.g. Internet Explorer, contains additional features you don't remember downloading.
• Your computer seems sluggish.

Protect yourself

• Research any free software you download to see if it's genuine.
• Regularly update your anti-virus software.
• Change your Internet Banking security details regularly to protect your personal data.

What should you do if this happens?

If you think there might be spyware on your computer, run anti-virus/anti-spyware software to remove it before you download other programmes or open emails.

A virus is a computer programme that copies itself into other programmes stored in your computer. It may be benign, but it usually has a negative impact - from slowing things down to corrupting memory or files. Viruses are now mainly spread by email and file sharing services.

Warning signs

• Your computer seems sluggish.
• Your computer stops responding or locks up.
• Your computer crashes and restarts every few minutes.
• Applications run abnormally.
• Disks or disk drives are inaccessible.
• You can't print correctly.
• Unusual error messages appear.
• Menus and dialogue boxes are distorted.

Protect yourself

• Don't download anything from anyone you don't know or things you aren't expecting.
• Keep your anti-virus software updated.
• Set your computer so it doesn't automatically launch files, updates, html pages or cookies without your permission.
• Learn how viruses get onto your computer.

What should you do if you get a virus?

• If your anti-virus software detects something, simply follow its instructions.
• Then run a full anti-virus scan to makes sure everything's clean.
• If you've used any online banking services recently, contact your bank so that they can take steps to protect your accounts.

• Don’t choose a code that includes repeated characters, e.g. 1111aaaa.
• Don’t include sequential characters, e.g. 23456789.
• Make your Username and Password different.

If someone finds out your codes

If you think someone may know your security codes you should change them immediately, and notify us at once by phoning .

Our website's secure areas

We only request and display personal information about you and your accounts and dealings from secure areas of our site.

Exactly the same security measures, including data encryption and passwords, apply to all our online transactional processes. In addition, these services are protected by firewalls. This technology monitors and prevents any unauthorised access to our computer systems (where personal data is kept) – which means unauthorised people cannot access account and personal details.