Internet Security
Comprehensive Information Security Provides You With Multiple Layers of Protection
Information Security Awareness
(I) Due to the rampant "business e-mail compromise" scam, procurement and accounting personnel of companies should carefully check the e-mail address when remitting large sums of money. If the e-mail mentions a change to the beneficiary account, double check using the original contact method to avoid incurring huge losses.
(II) When you receive a suspicious e-mail, follow the steps below to avoid being scammed:
1. Stay alert: When you receive an e-mail regarding changing the beneficiary account, do not simply follow the instructions.
2. View: Carefully examine the e-mail account for anything unusual.
3. Confirm: Even if it is a contact person you regularly contact, you should still call to confirm again and further request supporting documents.
4. Education: Strengthen information security of the company's computers and servers, and educate employees to remain alert and improve their response capabilities.
5. Do not use a lazy password for your e-mail password to avoid brute force attacks.
6. Strengthen the security of the e-mail system and enable security alerts. Once you receive a notification or alert, immediately change your password to a stronger password.
(II) When you receive a suspicious e-mail, follow the steps below to avoid being scammed:
1. Stay alert: When you receive an e-mail regarding changing the beneficiary account, do not simply follow the instructions.
2. View: Carefully examine the e-mail account for anything unusual.
3. Confirm: Even if it is a contact person you regularly contact, you should still call to confirm again and further request supporting documents.
4. Education: Strengthen information security of the company's computers and servers, and educate employees to remain alert and improve their response capabilities.
5. Do not use a lazy password for your e-mail password to avoid brute force attacks.
6. Strengthen the security of the e-mail system and enable security alerts. Once you receive a notification or alert, immediately change your password to a stronger password.
(I) Scammers may use phishing messages or spoofed e-mails to trick people into clicking on links to fake websites or downloading fake apps, which will require them to enter their account and password. Once scammers obtain the victim's personal information, account number, and password, they log into the victim's real bank account and transfer funds. Scammers may make phone calls or voice calls and impersonate the Bank to trick people into following instructions and transferring funds to designated accounts.
(II) How to deal with phishing described above
1. Do not enter your account number, password, or other authentication information on any website other than the Bank’s official website, Internet banking, or mobile banking app.
2. Stay alert about unknown messages and links in e-mails. To protect your rights and interests, do not click on links to log in or open attachments.
3. The following are examples of URLs that appear to be the Bank's official website:
■ ooo.kigbank.com
■ ooo.kiibank.com
■ ooo.kglbank.com
Please double-check the URL before clicking on links to related services.
4. If you receive a suspicious text message, e-mail, or phone call from someone pretending to be the Bank, do not follow the instructions or call back. Please call our customer service hotline for verification.
5. For more information and advice on fraud prevention, please visit the website of the Hong Kong Monetary Authority.
(II) How to deal with phishing described above
1. Do not enter your account number, password, or other authentication information on any website other than the Bank’s official website, Internet banking, or mobile banking app.
2. Stay alert about unknown messages and links in e-mails. To protect your rights and interests, do not click on links to log in or open attachments.
3. The following are examples of URLs that appear to be the Bank's official website:
■ ooo.kigbank.com
■ ooo.kiibank.com
■ ooo.kglbank.com
Please double-check the URL before clicking on links to related services.
4. If you receive a suspicious text message, e-mail, or phone call from someone pretending to be the Bank, do not follow the instructions or call back. Please call our customer service hotline for verification.
5. For more information and advice on fraud prevention, please visit the website of the Hong Kong Monetary Authority.
(I) Please check if you are using the correct website and mobile app
(II) Please regularly update the operating system of your computer or mobile device and install anti-virus software
(III) Avoid using public Wi-Fi for financial transactions
(IV) Please change your password regularly and avoid using the same password or a password that can easily be guessed
(V) Do not share passwords with other apps or services
(VI) Do not keep a record of your password in an obvious place that can be accessed by others
(VII) Please be alert when entering your password to avoid others seeing what your password is
(VIII) Do not send passwords without encryption
(II) Please regularly update the operating system of your computer or mobile device and install anti-virus software
(III) Avoid using public Wi-Fi for financial transactions
(IV) Please change your password regularly and avoid using the same password or a password that can easily be guessed
(V) Do not share passwords with other apps or services
(VI) Do not keep a record of your password in an obvious place that can be accessed by others
(VII) Please be alert when entering your password to avoid others seeing what your password is
(VIII) Do not send passwords without encryption
Security Mechanisms
(I) The Bank’s Internet banking service uses a dual password security mechanism consisting of a "user ID" and "Internet banking password" to provide you with more comprehensive and convenient wealth management services.
(II) How to log in:
1. For new Internet banking customers, please go to the designated URL to set your user ID and password.
2. For customers who have already set a user ID and password, please wait for the Bank’s personnel to call you before logging into Internet banking using your customer number and Internet banking password and user ID.
(III) Principles for setting "user ID" and "Internet banking password":
1. The user ID is 8 to 12 letters and numbers, with uppercase and lowercase letters treated as distinct characters.
2. The Internet banking password is 8 to 16 letters and numbers, and may not contain any four-digit sequence of letters or numbers in ascending or descending order. Do not use the same 3 letters or numbers in a row. Uppercase and lowercase letters are treated as distinct characters.
(IV) If you enter your "user ID" or "Internet banking password" three consecutive times, the Bank’s system will suspend your account. You can reactivate your account through the designated URL.
(V) To protect your rights and account security, the system will automatically log out of the Internet banking service if no transactions are made for more than ten minutes.
(VI) The Bank’s Internet banking system utilizes 128-bit SSL (Secure Sockets Layer) as its secure transaction transmission mechanism, and the server for the Bank’s website is set up within the firewall, which meets the standards for level B1 set forth in the Orange Book of the U.S. Department of Defense.
(VII) Protection of Internet banking password and user ID:
1. Please keep your Internet banking password and user ID safe, do not disclose them to others, or write them down on paper, or keep a record in your computer or mobile device.
2. Do not allow your browser to remember your passwords, and do not click on any unknown URLs or download any unknown programs.
3. Please irregularly change your Internet banking password and user ID, and avoid using obvious or easily guessed information (such as birthday, bank account number, phone number, etc.).
4. Do not provide your personal and financial information to anyone.
5. Please do not enter your Internet banking password and user ID on any website or app other than the Bank's Internet banking. We recommend that you change your password regularly, and do not the same password as other apps or service websites.
(VIII) Notices for website use:
1. The Bank’s Internet banking URL is https://ib.kgibank.com.hk/ibank/features/auth/login. Before making any transactions, please check if the certificate is issued to " ib.KGIbank.com.hk " and is within the validity period.
2. Please install anti-virus software on your personal computer and regularly update virus patterns or install a personal firewall. Get the latest patches for your computer system to prevent system vulnerabilities.
3. Make sure to log out and close your browser when leaving the Bank’s Internet banking, so as to protect your rights and account security.
4. As a final reminder, please do not log into Internet banking in public places or on someone else’s computer to avoid data leakage.
(II) How to log in:
1. For new Internet banking customers, please go to the designated URL to set your user ID and password.
2. For customers who have already set a user ID and password, please wait for the Bank’s personnel to call you before logging into Internet banking using your customer number and Internet banking password and user ID.
(III) Principles for setting "user ID" and "Internet banking password":
1. The user ID is 8 to 12 letters and numbers, with uppercase and lowercase letters treated as distinct characters.
2. The Internet banking password is 8 to 16 letters and numbers, and may not contain any four-digit sequence of letters or numbers in ascending or descending order. Do not use the same 3 letters or numbers in a row. Uppercase and lowercase letters are treated as distinct characters.
(IV) If you enter your "user ID" or "Internet banking password" three consecutive times, the Bank’s system will suspend your account. You can reactivate your account through the designated URL.
(V) To protect your rights and account security, the system will automatically log out of the Internet banking service if no transactions are made for more than ten minutes.
(VI) The Bank’s Internet banking system utilizes 128-bit SSL (Secure Sockets Layer) as its secure transaction transmission mechanism, and the server for the Bank’s website is set up within the firewall, which meets the standards for level B1 set forth in the Orange Book of the U.S. Department of Defense.
(VII) Protection of Internet banking password and user ID:
1. Please keep your Internet banking password and user ID safe, do not disclose them to others, or write them down on paper, or keep a record in your computer or mobile device.
2. Do not allow your browser to remember your passwords, and do not click on any unknown URLs or download any unknown programs.
3. Please irregularly change your Internet banking password and user ID, and avoid using obvious or easily guessed information (such as birthday, bank account number, phone number, etc.).
4. Do not provide your personal and financial information to anyone.
5. Please do not enter your Internet banking password and user ID on any website or app other than the Bank's Internet banking. We recommend that you change your password regularly, and do not the same password as other apps or service websites.
(VIII) Notices for website use:
1. The Bank’s Internet banking URL is https://ib.kgibank.com.hk/ibank/features/auth/login. Before making any transactions, please check if the certificate is issued to " ib.KGIbank.com.hk " and is within the validity period.
2. Please install anti-virus software on your personal computer and regularly update virus patterns or install a personal firewall. Get the latest patches for your computer system to prevent system vulnerabilities.
3. Make sure to log out and close your browser when leaving the Bank’s Internet banking, so as to protect your rights and account security.
4. As a final reminder, please do not log into Internet banking in public places or on someone else’s computer to avoid data leakage.