When creating a secure password, you may consider the following recommendations: 

• The minimum length of the password must be - 9 characters 
• Must contain lowercase letters (a-z)
• Must contain (at least one) capital letters (A-Z)
• Must contain (at least one) digits (0-9)

It is also recommended to include at least one special symbol (! @ # $ % ^ & * ( ) { } [ ])
Criminals often conduct research on their target, resulting in mastering our data: first name, last name, date of birth, personal number. . . Therefore, in order to increase the level of security, our password / code word should not be connected with our personal information / life.

• When receiving a new bank card, check the integrity of the envelope containing the card and PIN code
• Card PIN code, number, term, CVV2 / CVC2 code is confidential and is known only to you
• Do not share your PIN code and CVV2 / CVC2 code with any other person, including a bank employee
• Change the PIN code the first time you use the card and destroy the PIN envelope 
• When changing the PIN code, do not use an easy-to-guess combination. E.g., year of your birth, 1111, 1234, etc.
• Do not write dowm the PIN, do not put PIN information on the card
• Check your statement regularly through Internet Banking / Mobile Banking or contact any of the Bank's service centers for a statement request.
• Update your contact information with bank regularly
• Activate mobile and SMS banking services to control real-time card transactions and / or transaction attempts
• When replacing an old card with a new one, always physically destroy the old card at the bank service center.

• Check if the appropriate payment system logo corresponding to your card is on the ATM
• When withdrawing money from an ATM, check the reader and the PIN keyboard to see if a foreign body is attached.
• Observe the person behind you in the queue, so that he/she did not become aware of your PIN
• When typing a PIN, cover the PI N with your hand, this will protect you from PIN exposure if an unknown camera is attached to the ATM.

• Request Activation of Verified by Visa / MasterCard Secure Code service to enable secure payment online Make sure that third parties do not have access to the device where your 3D security code is available 
• Use a password for the device where your 3D security code can be accessed
• Always check the name of the site where you are going to enter the card details. The address of fake sites differs from the real one by only one or more symbols.
• When entering card data on the site, make sure that you are on a secure site. The protected page has a padlock sign and starts like this: https: //
• Do not enter card details into a shared computer
• Do not store card data on websites
• Delete the saved card data from your online store account after making a purchase
• LOG OUT from the site after completing the purchase operation 

• Do not send your card details (card number, term, CVV2) electronically (scanned, using email or other method)
• If for some reason you are not able to follow the card security rules for online trading, use a separate card where you will have a limited amount of money available.

• Do not give the card to the facility's service personnel for payment
• Request to bring the POS terminal on site
• Make sure the card is returned to you after the transaction is completed
• Check the amount payable and the amount indicated on the POS terminal
• Check that no foreign bodies are attached to the POS terminal
• When paying by card, make sure that the service personnel do not pass your card to another device or do not record your data.

• A transaction was performed with your card that was not performed by you 
• You have lost your card, or suspect that it may have been available to someone else without your permission for a period of time
• You have noticed that any of the above mentioned safety norm has been violated.

Smartphone Security - Follow the safety rules on personal smartphones. This will also protect your personal information better.

Please be aware of:

• Protect your smartphone with a PIN or Fingerprint. PIN is a more effective means of protection than Pattern.
• Install antivirus on a smartphone from a trusted manufacturer
• Install apps on Android only from Google Play, and on iPhone only from Apple App Store
• Do not install apps that require suspiciously much access to your phone. 
• Install security updates and update apps. 
• Do not connect to suspicious Wi-Fi networks
• Do not leave Bluetooth turned on

Today, literally every day, millions of phishing emails are sent from various addresses to gain access to our personal information.
 
To protect yourself, we recommend: 

• Do not open or reply to messages received from an unknown / inconvenient sender.
• Do not open attached files if you are unsure of their contents  
• It should also be noted that in some cases, criminals also falsify the sender's address and point to a person or organization familiar to the user
• Observe the contents of the letter, if you find anything suspicious, do not open the document or the link attached to the letter. 
• Always check the address where you send the email or where you receive it. 

Email can be likened to a real one 

• For example:  Name@Example.com and Name@Examp1e.com 

At first glance, it is virtually impossible to detect an error, but after observing we can detect the address is created by the wrong / criminal "Name@Examp1e.com" where the letter "L" is replaced by the number "1".

Phishing is a fake email that looks trustworthy and is intended to mislead the user and steal information or hack into a computer.

Such letters are characterized by job, attractive, uplifting or scandalous titles. For example:

• Due to the fall of the bases, please send us the information by e-mail as soon as possible
• Your user is hacked, to change the password please go to the given link

Often in similar emails you are asked to go to the specified link or website, however the links are actually malicious and by going through it the computer will be infected.

Detecting similar links is quite simple - hover the mouse pointer over the link and pause for a moment, after which the system will show the real address: 

Similar URLs often contain numbers, incorrect names (e.g. Example and not Example) and have odd suffixes (ex.com, ucoz.net, install? = Ex, etc.).

Phishing emails may also contain attachments containing malicious software, and malicious software may be embedded in Word, Excel, Power Point, and PDF files.

Secure Sites - When using the Internet, information is exchanged between us and the web resource. The information transmitted may include: user and password, card information, personal number and other personal and confidential information.

To ensure the security of the transmitted information, pay attention to the website address and the certificate used.

The website address should start with the https prefix and not http.

Https means that the information exchanged between us and the website is encrypted with a special certificate. Typically, HTTPS (protected) websites have a padlock in the address bar.
 

• An example of a protected website: https://
• An unprotected website has inscription “Not Secure” in the address bar