icbc asia logo slogan
Internet and Mobile Banking Security Tips

Dear Valued Customer,

Industrial and Commercial Bank of China (Asia) Limited (“ICBC (Asia)” or the “Bank” ) encourages customers to use its safe and diversified e-Banking Services and wishes to remind you to remain vigilant in safeguarding your personal information ,do not disclose bank account or personal information. Follow these “Security Tips” and protect yourself from online fraud.

security tips icon 4Stay vigilant to suspicious emails / SMS / phone calls

  • The Bank would never proactively ask for your sensitive personal information such as bank account details, Internet Banking usernames, login passwords or one-time passwords (OTP) through phone calls, emails, electronic communications (e.g. SMS messages, WhatsApp, WeChat, Facebook Messenger, etc), third party websites, QR Code or attachments, etc.
  • Do not logon to your ICBC (Asia) Online Banking Services or Mobile Banking through hyperlinks or QR Codes embedded in any suspicious emails, electronic communications (e.g. SMS messages, WhatsApp, WeChat, Facebook Messenger,etc.) or third party websites. You should always access our Online Banking Services by typing our Bank's official website address icbcasiacom url directly into your browser.
  • Do not download or open any emails or attachments from unknown senders, or reply or forward any suspicious emails. Delete emails from unknown senders immediately after receiving them. Such emails should also be permanently deleted from the "Trash Bin" of your email box.
  • Please check the authenticity of the website URL when you conduct any transaction via online banking or mobile banking.
  • When you receive unknown calls from fraudsters impersonating our Bank's staff and requesting your personal information for reactivating dormant account, redeeming prizes, claiming a refund or other reasons, please do not share personal information, account details, online banking username or passwords to others. If you find any suspicious, please contact the Bank at (852) 218 95588 immediately and stay vigilant!

security tips icon 2How to identify phishing and fraudulent websites /emails/ phone calls?

  • Get into the habit of checking carefully for the email address of the senders such as a similar English spelling of email address. For example, the correct email address of the Bank should be “at icbcasia url” instead of “at icbcasia url”.
  • Check the “padlock” icon on the browser's address bar and check the URL of the website you are currently on should begin with “https”.
  • Do not use public Wi-Fi networks to logon to your Internet Banking or Mobile Banking Services. Using telecommunication network is more secure.
  • Do not forward or reply directly to any emails / SMS messages that ask you to provide personal information.
  • When you receive unknown video calls from the mobile application of WhatsApp or WeChat, fraudsters impersonating our Bank's staff and requesting your personal information for any transaction or fund transfer, please do not provide personal information, bank account information, online banking account or password to others.
  • When you receive a call from law enforcement officer, claiming to conduct an investigation by telephone or video call, asking for your bank account or personal information, and conduct the operations of bank account. Do not disclose bank account or personal information and the operation of bank account, please contact the Bank immediately at (852) 218 95588. Please also note that law enforcement officers will never conduct video call for investigations or transfer the call to other law enforcement officers.
  • If you find any suspicious incoming calls, email or SMS messages, you should contact the Bank at (852) 218 95588 immediately.
  • Visit HKMA's website regularly for updated information on fraudulent bank websites, phishing e-mails and similar scams.

security tips icon 1To stay vigilant, here are some common signs of phishing emails / SMS messages / phone calls

  • It usually appears as an important notification from the Bank or requests for personal information to verify your account details, such as notification of a large amount of fund transfer or notification for a new security function activation, that you are required to click the hyperlink or open an attachment.
  • The email normally carries a hyperlink which looks like a genuine website address of the Bank. However, when mouse-over the hyperlink, you will notice that the actual hyperlink embedded is another unknown URL.
  • Fraudsters may use a sender’s name or phone number on their phishing email or phishing SMS message that looks very similar to the Bank’s name or phone number.The message may require you to verify your account details by inputting personal data, clicking on a hyperlink or opening an attachment. The hyperlink may look like the official website address of the Bank, but when mouse-over, it may actually refer to another website address.
  • A pre-recorded message notifying you on unusual condition of your bank account or credit card.
  • If you receive unknown calls with the prefix “+852”, it is likely to be a scam call disguising as a local call. You should hang up immediately.

security tips icon 3Access Online Banking and Mobile Banking Service securely

  • Please keep your personal information and second authentication information / tools (password token) / mobile token safe, in order to avoid misappropriation.
  • Never disclose the username, passwords of your online banking or one-time passwords (OTP) provided by the Bank to others.
  • Never disclose your online banking login name or password to third parties (including third-party-developed software / financial management tools).
  • Change your Internet Banking and Mobile Banking passwords regularly and use a strong password.
  • Avoid storing your personal banking information in mobile devices. If such storing is needed, please don't store it in a public cloud or lend your mobile devices with others.
  • Don’t insert your SIM card into an unknown mobile phone, as this will prevent you from receiving SMS one-time passwords (“OTPs”) or transaction notifications sent from the bank.
  • The ICBC (Asia) Mobile Banking app should be downloaded or upgraded through the Bank’'s website at icbcasiacom url or via official platforms (Apple App Store / Google Play / Huawei AppGalley).
  • Remember to install and upgrade the latest security and anti-virus software to protect your mobile phone and personal computer from hackers’ attack.
  • Check your bank statement and personal information on the bank account regularly and report any unusual transaction to us at (852) 218 95588 immediately.
  • Visit our “Security Tips” from time to time, icbcasiacom url > eBanking > Personal Mobile Banking > Descriptive Information - Security Tips.

security tips key icon

REMINDER:

Protect your Personal Digital Keys, Beware of Fraudulent Links. Don't be tempted by quick money. Don't sell your account.