How can I protect myself when doing online banking?

Measures you can take to protect yourself

Any organization or individual can be a victim of cyber criminals. They become increasingly sophisticated in their attempts to lure people into clicking suspicious links, downloading email attachments, or “connecting” on social media, which are often used as gateways to stealing sensitive information. 
To make sure that your online banking information is highly protected, there are a number of measures you can take to protect yourself from common types of cyber-attacks.


Effective Password:

The prevention of identity theft is crucial. For this reason, strong password combinations are strongly recommended. Here are some suggestions for creating safer and stronger passwords:

  • Select passwords which cannot easily be guessed. Avoid using last names, birthdates or anniversaries, common nicknames and avoid using the same password for multiple web sites. 
  • Do not write or post user IDs, passwords or other sensitive information where they can be accessed easily by others.
  • Change your passwords frequently and do not share user IDs or passwords with anyone else, even family members. 

Keep your device secure and your software up to date:

  • Use anti-virus and anti-malware software and keep it up-to-date.
  • Ensure that your device's operating system and software is updated on a regular basis.
  • Scan any software downloaded from the internet for viruses before installation.
  • Think carefully before removing any security controls from your mobile device, that can weaken the security of your device and expose you to additional risks.

Social Engineering attacks and prevention tips:

Social Engineering attack is an attempt to trick someone into revealing sensitive information (e.g. a password) or performing certain actions such as committing fraud by associating with the individual to gain confidence and trust, downloading and executing files that appear to be benign but are actually malicious. Once the information has been stolen it can be used to commit fraud, attack systems or networks. 


If you have doubts about the validity of an email, text or phone call that seem to come from ProCredit Bank and/or if you think that you may have disclosed confidential information, please report it to us immediately by calling the following number 038/555-555 or emailing to

Criminals use a variety of social engineering attacks to steal information, such as:


Phishing is a technique in which fraudsters attempt to acquire sensitive information by masquerading as legitimate business or reputable person in an electronic communication, such as email, text messages (SMS), phone calls, or instant messages. Often, they will present a link or an attachment that looks like a valid, trusted resource, but which is actually a malicious site that will steal and record any information you enter into it, such as your password.
Here are some tips on how you can protect yourself: 

  • Always type the Bank's website into your browser or use bookmarks rather than clicking links contained in messages, even if you feel the message is legitimate.
  • Banks will never email you to request that you "confirm" or "update" your password or any personal information by clicking on a link and visiting a website.
  • Try to independently verify any details given in the message directly with the company.
  • Treat all unsolicited messages with caution, never click on links in such messages to visit unknown websites.
  • Phishing emails usually have some sense of urgency or authority involved. Be sure to check for misspellings, incorrect company logos, or weird email addresses.
  • Utilize an email SPAM filtering solution to help prevent phishing emails from being delivered. 

Never give away your personal information including banking information (e.g. Password, Debit/Credit Card Number, PIN, CVV2 code, etc.). For security purposes, ProCredit Bank will never ask you for this information via phone or email.


Website Spoofing

Website Spoofing describes an activity that makes a fraudulent website look exactly like a legitimate website. The purpose of cybercriminals is to make people believe that they are interacting with a trusted legitimate company or a person, misleading them into sharing sensitive information or dropping malware into their computers.
Here are some tips on how you can protect yourself: 

  • Be careful, pay attention to the web address (URL) of websites. A website may look legitimate, but the URL may have a variation in spelling or use a different domain. 
  • Ensure there is a padlock symbol. Websites that are legitimate have a lock symbol or green bar to the left of the website URL address to indicate a secure website.
  • Do not click links on social networking sites, pop-up windows, or non-trusted websites. Links can take you to a different website that their labels indicate. Typing an address in your browser is a safer alternative.
  • Only give sensitive information to websites using a secure connection. Verify the web address if it begins with https:// (the “s” stands for "secure") rather than just http://. 
  • You can check the Security Certificate of the ProCredit Bank website by clicking on the lock which appears on your browser. Avoid using websites when your browser displays certificate errors or warnings. 

Never log on to your online banking account by clicking on a link in an email. Always access Internet banking by typing the bank's address into your browser or use bookmarks. In case of any doubt, contact ProCredit Bank at: 038/555-555.


Don’t let your guard down!

Locking your mobile device

Protect your smartphone or tablet device just as you would protect your computer. 
Protect your digital wallet by using a passcode, fingerprint or face recognition to unlock your phone screen.


Monitor your account activity

Check your account activity frequently to detect fraud earlier. We recommend you check your E-banking account on weekly basis. Report any suspicious or fraudulent activity at ProCredit Bank immediately. 


Bank smart when on the move

Avoid using mobile banking or sending sensitive e-mails or texts over public or unsecured Wi-Fi networks. 

Be extra careful if using any device which is not your personal device and over which you have no control. ProCredit Bank recommends you avoid using such devices since you never know if these devices have installed any malicious monitoring programs.

Clear your cache regularly 

It is best practice for you to delete all the information stored on your computer after an online banking session. Each time you access the Internet, your browser automatically saves a copy of the web pages you've visited or the passwords you’ve provided to websites. Please refer to your browser's documentation on memory/disk caching.


Additional proactive measures:

  • Download apps only from official app stores: Apple iTunes and Google Play Store. Downloading free apps from unofficial or unknown sources could lead your device to become infected with a virus.
  • Make sure that you always follow your bank's terms and conditions.
  • Be distrustful if any suspicious or unexpected pop-ups appear during the online banking session. In case of any doubts, please contact ProCredit Bank directly.   
  • Never leave your computer unattended when logged into Internet banking.
  • Ensure that you log out properly when you have finished banking online.

For more Cyber Security resources, please refer to:

  • National Cyber Security Unit for Kosovo - Home (
  • National Cyber Security Alliance -
  • EU Agency for Cyber Security -