Security

Report something suspicious: Worried that your online or personal security details may have been compromised?

Call 0808 109 8888 or if calling from outside the UK dial +44 (0) 20 7500 1445.

If you receive a suspicious email please forward it to suspicious.email@citi.com and delete the mail from your inbox.

If your Visa Debit Card has been lost or stolen please call us to report it immediately on 0808 109 8888 or if calling from outside the UK +44 (0) 20 7500 1445.

Protect yourself from becoming a victim of fraud
Banking safely online
Phone and smart phone security
How we protect you
Online Security Software – Webroot SecureAnywhere Identity Shield
Useful links

Protect yourself from becoming a victim of fraud

Your personal details are precious and should always be kept safe and secure. At Citi International Personal Bank we continually update our security to ensure you and you details are protected.

Below we outline a few steps that you should take to protect yourself from becoming a victim of fraud.

Passwords and personal information

Never give your password or security code details to anyone, except when asked to provide individual letters from your security code when talking to Citi International Personal Bank on the phone. We will never ask you for your full security code. Ensure that when you are sent your security code you memorise it then destroy the notification.

Logging out of Citibank Online

Never leave your computer unattended when logged in to Citibank Online our online banking platform. Always log out.

Dispose of receipts and statements carefully

Your personal and card details can be obtained from receipts or statements. To protect your identity you should tear up or shred any sales or cash machine receipts, letters or statements before throwing them away.

  • Carefully tear up or shred any sales receipts, cash machine receipts or statements before throwing them away.

Keep your cards in a safe place

Your cards should always be kept in a safe place and never let anyone else use your card. It’s also important to remember to not let retailers take your card out of sight, whatever excuse they may give you.

Protect your PIN

Always keep your Citi International Personal Bank card Personal Identification Number (PIN) secret and secure.

  • Don’t let anyone else use your card or your PIN.
  • When you are sent your PIN memorise it then destroy the notification.
  • Shield your PIN when authorising purchases or making cash withdrawals from an ATM.
  • Never enter your PIN into websites or order forms, or disclose it to anyone else either in person or over the phone.
  • You should change your PIN regularly.

Be alert at cash machines

When using your card at a cash machine you can follow the steps below to keep you card secure.

  • Shield your PIN when you enter it.
  • Immediately report any signs of tampering or if the machine does not return your card.
  • Don’t allow yourself to be distracted.

Back to top

Banking safely online

Emails

Occasionally clients have reported receiving fraudulent emails that appear to be from Citibank, but which are, in fact, sent by imposters. Be very suspicious of any business or person who asks for your password, social security number, or other highly sensitive information.

Citibank will NEVER ask clients to provide sensitive information in this way. You should not reply to such emails.

For more information on fraudulent emails visit the Fraudulent Email page.

Phishing

With the internet becoming the predominant channel for shopping, along with more communication being sent via email, it’s important to recognise and protect against phishing.

Phishing is a term given to emails that attempt to fraudulently obtain your security details. The emails usually look genuine but may contain spelling mistakes and grammatical errors. Phishing emails unlike our Citi International Personal Bank emails may not be personally addressed.

Phishing emails will often refer to security problems or account re-activation and will include a link to a website. It’s important that you do not follow the links in the email.

Citi International Personal Bank will never send you an email asking you for confidential or personal security information. If we have a security problem we will either contact you directly or request that you contact us.

If you receive what you think is a phishing email please forward it to suspicious.email@citi.com and delete the mail from your inbox.

Remember never click on the links in the email or provide any of your details. In some cases by following the link you may have downloaded a malicious program that captures your keystrokes onto your computer.

Citibank Online security

Always enter the Citi International Personal Bank web address directly into your browser and don’t follow any links, this will ensure that you access the legitimate site. The web address for Citi International Personal Bank is: http://www.ipb.citi.com

When accessing the logon screen of Citibank Online ensure that the website address starts with https://. Some browsers will also indicate this with a padlock symbol in the address bar.

Antivirus and antispyware

Make sure your computer is protected against viruses and spyware by installing protective software.

It’s also important to update any antivirus software you have by downloading the latest versions on a regular basis. If the software you use supports auto updates then we recommend that you set this to automatically check for updates every time you connect to the internet.

Software updates

Make sure that your computer's operating system and browser software is updated with the latest security patches.

Firewalls

We recommend you use a firewall to reduce the likelihood of unauthorised access to your computer from the internet. If you do use a firewall ensure that it is updated regularly.

Wireless networks

If you use a wireless network to access the internet ensure that this is encrypted/secure. If the wireless network is not secure other people may be able to access your internet and your internet sessions.

Public or shared computers

If you access Citibank Online from a computer that is not your own then you must ensure that the computer you use has antivirus software, firewall and the latest software updates installed.

We would recommend you don’t use a publicly available computer, for example in an internet café, to access your accounts.

Back to top

Phone and smart phone security

Mobile phones, especially smart phones and phones with Bluetooth, are at risk from a number of electronic attacks as well as traditional risks like theft.

Why protect your mobile phone?

Besides the usual risks with mobile phones for example:

  • Theft or loss.
  • Disclosure of private contacts.
  • Fraudulent use of you account.
The new generation of smart phones and phones with wireless connection and access to the internet have further risks associated with them:

  • Smart phone viruses.
  • Phishing by phone.
  • The fraudulent use of your data connection over a Bluetooth link.
  • Accessing usernames and passwords that have been stored in your device when using the internet.

Internet on your smart phone

An increasing number of mobile phones can access the internet in the same way as your home computer or laptop. In the same way that you should protect your home computer you should be protecting your smart phone.

For example, if you use your smart phone to login to a web site this information could be stored on the devise. The information stored can include usernames and passwords. If your mobile phone was then stolen the thief may be able to access this information.

Be password smart

To help keep your passwords safe on your smart phone, follow the steps below:

  • Use the PIN or pass code function to secure your handset. Don’t rely on the default factory settings; create a combination that won’t be easily guessed by other.
  • Set your device to automatically lock if you haven’t used it for a few minutes.
  • Make sure any application you use does not store your log-in details or allow automatic log-in.
  • Never store reminders of logins or passwords in your contacts or texts.
  • When using your smart phone to browse the internet don’t save usernames and passwords if given the option, in particular those used to access online banking, or sites containing confidential personal information.

Keep safe

When using your smart phone online or downloading applications follow the tips below to help keep your details safe:

  • If your phone allows you to run an application downloaded from the internet, make sure you understand the risks of doing so and are not led into a trap of downloading hoax or illegal software that could contain a virus.
  • Use the same care when using your smart phone in public as you would a public computer.
  • Avoid using online banking in public areas; you do not know who may be watching you enter your security details. This is known as shoulder surfing.
  • Check for regular updates on your service provider’s website to see if there any security or software updates for your smart phone.

Always remember that if you are using the internet via an un-secure WI-FI connection you need to understand the risks. These threats could be the theft of your data or the criminal ability to re-direct you to a website that will capture your details or download a virus to your phone. If you are using WI-FI in a public place make sure it is secure.

Protect personal details

  • Think twice about any personal information you store on your phone. 59% of smart phone owners admit that they store their home telephone number as 'Home' in their mobile device. Determined fraudsters may call the number, purporting to be someone else, and use the conversation to find out more details about you.
  • Think carefully about what information you share online and how it could be misused. Your smart phone holds a great deal of personal information in a single place, making life very easy for fraudsters. So, it’s not just about what you put on your social networking profile, but also that it’s probably easy to work out who you bank with, where you’ve recently made transactions, the names of your family and to glean other details from emails or other documents.

Synchronising your mobile with your computer

If you synchronise your mobile phone to your home or work computer there is a high chance that personal information that you thought you were leaving at home, you are carrying around in your pocket. Make sure you know what data is saved to your mobile and if you don’t need to be carrying it with you then change the settings of your synchronisation software to stop it from copying over.

Stay with reputable sites & applications

The small screen size on a mobile can make it more difficult to spot fraudulent websites so it’s critical to make the relevant checks; for example, keep an eye on the website address to make sure you are not being diverted onto other sites.

Mobile banking can be a very efficient way to manage your finances, but only use applications written and published by your bank. Avoid third party tools and make sure you follow the password advice above.

Protect against malicious software

  • Watch out for prompts or warnings asking if you want to allow software to install or run; if you don’t know what it is or what it relates to, don’t install it. Mobile handsets are relatively secure devices, but criminals get around this by trying to dupe users into downloading malicious software themselves.
  • If you are accessing a public wireless network, turn off your Bluetooth connection when you are not using it. This will minimise the risk of infections or interception. Overall, using your 3G network is a more secure option.

Phone Phishing

There is growing evidence that criminals are using SMS text messages in phishing scams. Be careful about clicking on embedded internet links in text messages.

Phone Viruses

Until recently mobile phone viruses affecting smart phones have not been a major threat, with viruses occurring on very few smart phones. However due to the growing demand for smart phones the risk is increasing for them to be targeted by fraudsters.

Most of the virus attacks on smart phones have so far not caused damage or very little damage to the smart phone or the users’ identity, having said this you still need to be mindful of the potential risks of mobile viruses and minimise the chance of becoming a victim.

  • Be careful about downloading applications from untrusted sites.
  • Companies do offer anti-virus software for your smart phone, for example F-Secure.
  • Use your Bluetooth safely (see Bluetooth section for more information).

Bluetooth

Bluetooth is a short-range wireless network that allows devices like smart phones, computers and headsets to communicate with one another. This method of communication is not inherently unsafe; it does need to be used properly to avoid risks.

  • If your smart phone has Bluetooth capability, when you are not using it turn it off.
  • If you use Bluetooth make sure that your device is not left in ‘discoverable’ mode.
  • Create ‘Pairing’ or trusted links between your devices and your friends devices, but don’t do this in public in case someone is scanning when you make the connection.
  • If possible restrict your Bluetooth to only allow 'paired' devices.
  • If you lose your smart phone delete any pairing from all other Bluetooth devices.

Remember it’s not 'just a phone'

  • Treat your smart phone like a wallet-it keep safe and on your person at all times
  • Think of your smart phone as a computer, all the same security rules apply. This includes checking the authenticity of websites, not clicking on links from people you don’t know and watching out for phishing scams asking for personal information.
  • If you decide to recycle, sell or trade in your smart phone, make sure you delete all your personal information first. Most smart phones have a 'reset to factory settings' option on the menu. And don’t forget to remove or wipe any memory cards too.

Back to top

How we protect you

To ensure confidence and peace of mind for clients who use our services, we’re continually improving and developing our security measures.

We employ a range of security measures to protect your security and personal information. These include:

A dedicated security team that investigate new technologies, monitors activity and responds promptly to any security issues.

Whether you call us, or we call you, we always take steps to check your identity before giving out information about your account over the phone.

A 128-bit SSL (secure Sockets Layer) encryption engine, that provides industry standard levels of security ensuring that your information cannot be read by anyone else.

Online access will be suspended after 5 invalid login attempts or 3 consecutive invalid PIN attempts both at an ATM and in Citibank Online.

Logging you off your online account if it is inactive for more than 6 minutes.

Citi International Personal Bank has strict standards of security and confidentiality to safeguard clients information.

Back to top

Online security software – Webroot SecureAnywhere Identity Shield

To ensure your information is kept as secure as possible, we’re pleased to announce that Citi International Personal Bank clients can now download the PC security software Webroot SecureAnywhere Identity Shield free of charge, courtesy of Webroot.

Webroot SecureAnywhere Identity Shield works on top of any anti-virus software and alongside all other security products you already have on your computer. However, unlike your anti-virus software, it is designed to protect log in details, like your username and password, and personal information, like your name and bank account details. Webroot SecureAnywhere Identity Shield protects you in three ways:

  • It helps to ensure the websites you visit are genuine and makes sure they’re not phishing websites.
  • It can help to ensure the log in information you enter is meant for the website you’re entering it into.
  • It helps protect your personal information, even when there’s malicious software running on your computer.

Webroot SecureAnywhere Identity Shield takes just seconds to install, and once you’ve installed it, you can leave it running in the background, as it updates automatically, so you can stay protected against the latest threats.

More about Webroot SecureAnywhere Identity Shield

Under 1MB, downloads in seconds  
 

By downloading and installing Webroot SecureAnywhere Identity Shield, you agree with the terms and conditions. Citi International Personal Bank is not responsible for, nor do they guarantee, the content or services associated with this product. All queries regarding Webroot SecureAnywhere Identity Shield should be directed to Webroot.

Systems requirements

  • PCMicrosoft Windows XP 32- and 64-bit SP2, SP3
  • Windows Vista 32-bit (all Editions), Windows Vista SP1, SP2 32- and 64-bit (all Editions)
  • Windows 7 32- and 64-bit (all Editions), Windows 7 SP1 32- and 64-bit (all Editions)
  • Windows 8 32-and 64-bit

Intel®Pentium® /Celeron® family, or AMD® K6/AthlonT/DuronT family, or other compatible processor

  • 128 MB RAM (minimum)
  • 10 MB Hard Disk Space
  • Microsoft® Internet Explorer® 7.0 and higher, Mozilla® Firefox® 3.6 and higher (32-bit only)
  • Google ChromeT browser 10.0 or higher
  • Internet access

Back to top

Useful links

To find out more about keeping your identity and your money safe here are a few useful links you may want to look at.

Banking: For more information about banking and security review this link brought to you by the UK banking industry:

www.banksafeonline.org.uk

Shopping: A guide to secure online shopping has been created by the Office of Fair Trading:

www.oft.gov.uk

Identity Theft: For information about protecting your identity visit the identity theft website:

www.identitytheft.org.uk

Software Updates: As software providers continue to improve the security of their products, it's important your computer uses the latest versions available. If you're using Microsoft software, you can do this by visiting the following website:

www.microsoft.com/uk/security

If you are a Mac user, you can visit:

www.apple.com/uk/support

Back to top