PHISING ADVISORY

What is Phishing?

!83 (pronounced as "fishing") is the act of sending an e-mail to a user in an
attempt to illegally obtain sensitive personal information from you. The e-mail directs the
user to visit a web site where you will be asked to update personal information, such as
your User D, PN, passwords, bank account, credit card numbers, etc. which will be
used for identity theft. The web site, however, is bogus and was only set up to steal the
user's information towards unauthorized activities, purchases, etc.

Common techniques that are used by the phishing fraudsters include, but are not limited
to the following:
.:
Using false email addresses, logos, and graphics to mislead you into accepting the
validity of the emails and web sites;
.: Fake domain names to appear representing us;
.:
Duping you into providing personal details through one or more methods such as
hyperlinks to fake websites or embedded forms in emails.


mportant security reminders:
.: Never disclose your User D or PN to anyone.
.:
To access Security Bank Online, enter the URL address manually into your web
browser. Never login via any website links especially within emails.
.:
Aware of email scams that typically request that you update your account
information. SECURITY BANK WILL NEVER REQUEST FOR YOUR USER ID
AND PASSWORD THRU EMAIL.

SECURITY & YOU

At Security Bank, we know that the confidentiality of your personal information is very
valuable to you. Because of this, we are committed to provide you with a safe and
secure online environment for your banking needs.
Your RoIe in Safeguarding Your Account Information
Apart from the security measures put in place by the Bank, you play an equally
important role to ensure your online security and account information is not
compromised.
We highIy recommend the foIIowing security practices whiIe doing banking transactions
onIine:
1. Keep your User D and Password confidential at all times
2. Tf your online session at all times
3. Do not store your User D and Password when using nternet Explorer browsers
4.
Do not register in any suspicious websites so as not to disclose your personal
information
5. Use a computer/device that you trust
. Ensure adequate security for wireless network and devices
7. Clear your browser's cache and history after each session
8. Protect your computer from viruses and malicious programs
9. Protect your critical data to prevent the loss of important files.
10. Check your account and transaction history details regularly
11. Update your branch of account when you change your contact particulars
12.
Report to immediately if you suspect that your personal information may have
been compromised

. Keep your Password confidentiaI at aII times
Your Password is like the key to your online safe. We identify you using your User D
and Password. Protecting your online identity is very important to safeguard your
Password at all times.

mportant tips on how to safeguard and protect your password:
o We encourage you not to use the same Security Bank Online Password for other
financial or non-financial web-based services such as for email, online shopping,
digital identity and other online subscription services.
o Do not choose a Password that is easily guessed or data that is highly associated
with you, like your telephone number, TN/SSS number, date of birth, or User D.
Select an uncommon and unique Password to make it difficult for anyone to guess.
o Avoid using sequential numbers or the same number more than twice (e.g. 121145).
o Memorize your Password. Do not write down your Password or store it in computer
hard-disk, diskette, mobile phone or other none secure means.

:. Do not key in your Password within view of someone else.

:. Verify that the URL displayed in the browser is correct before entering your User
D and Password. The URL of Security Bank Online's "Enter User D" page should
read https:// securitybankonline.securitybank.com
o Use the latest recommended nternet browser such as those that support 128-bit
encryption so that you have the most updated security features available.
o Change your Password regularly by using the 'Change Password' service (minimum
8 digits) under the Utilities menu.
o Change your Password immediately if you suspect it has been exposed to others or
the moment you suspect any unauthorized access.

2. Log off your onIine session
Log off your online session whenever you leave your computer, even for a short while.
This immediately ends your nternet Banking session and prevents further transactions
from being carried out without a fresh login. You should also shut down your computer,
when not in use, to prevent unauthorized access to your computer.
3. Do not store your User ID/Password when using Internet ExpIorer browsers
Some browsers store and list possible matches from entries that you have typed
previously. You can prevent any User D/Password from being stored in your browsers
by de-activating the function:
o nternet Explorer

-
Launch your nternet Explorer browser and click on "Tools" >> "nternet Options"
>> "Content".

- Under "Personal nformation", click on "AutoComplete".

- Under "Personal nformation", click on "AutoComplete".

- Under "Personal nformation", click on "AutoComplete".
o Netscape .0

- Netscape .0

- Select "Preferences"

- Double click on "Privacy & Security"

- Click on "Passwords"

- Ensure that "Remember passwords" under "Password Manager" is unchecked

- Click "OK" to save your settings

. Do not discIose your personaI information to suspected websites
To prevent your personal information from being captured by bogus websites, you
should not disclose your personal, financial or credit card information to little-known or
suspected websites.
5. Use a computer/ device that you trust
You should not conduct your nternet banking transactions on computers/devices which
cannot be trusted such as shared or public computers, especially computers located in
unusual and out of the ordinary places. f you have to, always clear your browser cache
after each session on such computers to ensure your account information is removed.
For nternet Explorer 5 users, please also ensure that the "AutoComplete" function is
deactivated after use.
6. Ensure adequate security IeveI for wireIess network and devices
Poorly configured wireless equipment may allow malicious entry into your computer
directly through the air waves. f you are using a wireless network/ device, you are
strongly advised to read your instruction manual, or consult your vendors if necessary,
to configure your wireless network/ device to ensure that adequate security levels are
established.
7. CIear your browser's cache and history after each session
Temporary files stored in your computer called cache files and history can retain
information and data. Always remember to clear your browser's cache and history after
each session so that your account information is removed, especially if you are using a
shared computer.
8. Protect your computer from viruses and maIicious programs
Apart from destroying important data on your computer, viruses/malicious programs
such as Trojan Horse may run a password sniffing program in the background to
capture your password keystrokes without your knowledge. Being constantly online may
increase risk exposure of your computer.
9. Protect your criticaI data
Make regular backup of your critical data and ensure that these data in your computer is
adequately protected.
. DisabIe the "FiIe and Printer Sharing" feature on your Operating System
This prevents an external party from gaining illegal control or access to your computer.
You can refer to your computer vendor or instruction manual on how to activate this
feature.
. Check your account and transaction history detaiIs reguIarIy
Regularly check your transaction history details and statements to make sure that all
details are updated and there are no unauthorized transactions on your accounts.

Also take note of your 'last login date and time' whenever you login to Security Bank
Online to make sure that there has not been any unauthorized access.
2. Update us when you change your contact particuIars
To make it easier for us to reach you whenever we detect unusual transactions in your
account, always keep us updated with your latest contact numbers and mailing
address.
3. Let us know immediateIy if there's a probIem!
f you notice any unusual/unauthorized transactions, please change your PN and notify
us immediately. Where necessary, your nternet Banking access can be suspended at
your request to protect your interest.