Using the internet has become so much a part of our daily lives that sometimes we may not realize the risks. However criminals are always coming up with new techniques to steal our confidential information. One of the latest threats is Cross-Site Request Forgery, which has enabled hackers to break into many sites. So please follow safe practices when doing your internet banking.

Are you at risk?

         1.  After making online transactions, do you continue to use the same browser without
              logging off?

         2.  Have you used internet banking while opening other websites simultaneously?

If your answer is yes to either of these questions, you are at risk of CSRF.

Cross-Site Request Forgery (CSRF) is a malicious type of website whereby unseen and unauthorized commands are transmitted from a user that a website, such as internet banking, thinks it knows and trusts.

When opening a website, commands operate in the background that may not be visible on the screen. If you use internet banking and other websites at the same time, you are at risk of unauthorised commands operating on your internet banking account, sending criminal requests to transfer funds out of your account.

How can I avoid such an attack on my internet banking?

You can help prevent CSRF attacks by:

1. Logging off every time you are finished with internet banking. You should also close the browser window to clean any tracking files.

2. While using the internet banking, you should avoid opening other websites simultaneously and open a new browser window – If you are visiting other websites, please use a different browser window than you use for your iBanking session.