what we're doing to keep your money safe
At cahoot, security is of utmost importance. So that you can bank in confidence, we employ the latest technology to keep your personal details safe. So rest assured that as long as you follow the precautions, you'll never have to pay for any banking activity that you haven't authorised. We undergo periodic reviews of our security policies and procedures to ensure that cahoot systems are secure and protected.
When logging into cahoot, you will need to enter your security details and then use drop down lists for your password. The password characters, once selected, will not be visible. All this is to help against fraud but remember, never write down or reveal your security details to anyone.
If you make 3 incorrect log-in attempts we will disable your access to cahoot. You will then need to go through the 'forgotten your password / memorable information' process to reset, which can be completed online.
Once you have logged into the cahoot banking site your session will be hosted on a secure 128-bit encrypted server. Encryption converts your information into an encoded format before it is sent over the Internet. You know you are in a secure session when you see two things. Firstly, the padlock icon should appear in the bottom right hand corner of your browser. Secondly, the web address (URL) will change to one beginning “https://…” in your browser address bar. You should ensure that these have both happened before continuing any further.
When you haven't used your cahoot banking session for over 10 minutes we will log you out of the cahoot site. This provides an extra safety-net in case you forget to log out.
what you should do to help keep safe
You have seen some of the steps we take to help prevent fraud but there are ways for you to boost this protection.
- 'phishing' / fraudulent emails
- browsers / operating system
- wireless networks / broadband routers (Wi Fi)
- firewall / anti-virus software
- personal details
- examine all transactions
- public places
- log out
Recently there have been quite a few fraudulent emails assuming the identity of UK banks, encouraging people to share user names and passwords. These authentic-looking messages sometimes include the organisations' logos and are designed to fool people into divulging their personal information.
We would like to confirm that cahoot does not send any emails to customers requesting their security details or any other confidential information. If you receive an email reporting to be from cahoot asking you to input your details then please let us know. At anytime, if you feel at all suspicious about it, then delete it without opening.
If you are concerned that you may have disclosed any confidential information, please click on 'contact us' once you have logged in.
'Phishing' uses links that appear to be legitimate but actually take you somewhere else. 'Pharming' hijacks the domain name so that even if you are a 'phishing'-aware user who specifically types in the web site you want (e.g. http://www.bbc.co.uk); you will still end up at a different web site anyway.
To help defeat 'pharming', you need to check the SSL (secure sockets layer), which provides you with a secure and private connection. When you log-in to cahoot, double-click the padlock symbol at the bottom of your browser to ensure the site certificate is valid and belongs to cahoot. As long as the padlock symbol is there and is issued to cahoot you are not at any risk.
A trojan is a malicious file, usually disguised as something useful, but when activated, can cause loss, damage or even theft of data.
The critical difference between a trojan and a virus is that a trojan cannot replicate itself. The only way that it can spread is if you help it, typically by opening an email attachment, or downloading from the Internet.
Once you open this file, the trojan goes to work destroying your computer's functionality - possibly recording your logging-in details. A good line of defence is not to accept files from someone you don't know, and if you have any doubts, then do not open the file.
Always try and keep your operating system (e.g. Windows XP) and web browser (e.g. Internet Explorer) up-to-date. They are not infallible products, which is why the makers often provide patches to correct problems. To stay informed, have a look at the following websites: www.microsoft.com (opens new window) and www.netscape.com (opens new window) (or visit the website of the relevant operating system or browser that you are using).
When using wireless networks always ensure all security features are turned on so nobody else can access your information. We strongly advise you to review your configuration and ensure that strong encryption and authentication features are turned on. Features such as "128bit WEP" and the more recent, and more secure, "WPA encryption technologies" are essential to protecting your data. For further information on Wi Fi security go to www.getsafeonline.org (opens new window).
If you can, use a personal firewall and anti-virus software to prevent unauthorised access and viruses being downloaded onto your PC when you're on the Internet. Anti-virus software is available from many suppliers such as McAfee (www.mcafee.co.uk (opens new window)) & Symantec (www.symantec.co.uk (opens new window)) and some companies provide free versions of their software. Do try and remember to keep them updated with the latest versions.
These are small files stored on your computer's hard drive. They don't cause any problems and are used to recognise users so you get a more consistent experience on our website. For more information on cookies and instructions on how to enable / disable cookies from your browser click here.
This is a very important area and one you can ensure is kept hidden. You should never write your personal details down or share them with anyone.
Regularly check your transactions by looking at your account status and statement pages. If you find anything suspicious then report it, by clicking on 'contact us' from your personal homepage.
Whenever you are using a PC in a public place such as a cyber café, be extra careful. Ensure there is nobody behind you when you are entering your passwords.
Never leave your PC logged on to your cahoot account. Once you have finished, always remember to log out and shut down your browser. This is especially important if you have been using a public PC.
For further information on web security please visit www.banksafeonline.org.uk (opens new window). This is the UK banking industry's initiative to help online banking customers stay safe online. This site is run by APACS on behalf of its member banks and explains the latest security threats and how to avoid them.S