How Do You Prevent Fraud



To counteract the threats posed by external fraudsters, the bank advises that you:


  • Never make a payment on receipt of an email request within contacting the Sender, using the existing agreed phone number or email address to verify the request – do not use any of the information in the email to make contact. Be particularly wary when you are asked to change existing payment details.
  • Make it mandatory that at least two iBB Users are involved in the Creation and Authorising of payments as this is a key control control against the external fraudster.
  • Dual Authorisation - double the safeguards by requiring 2 administrators to make role changes. 
    •  If you do not have 2 administrators, simply fill in and submit this form to complete the set up.
  • When using your Digipass to authorise payments to new beneficiaries, ensure that you verify the bank account details against the invoice and not just against the details that appear on the iBB screen.
  • Be on your guard for suspicious activity on your PC and contact us at +44 (0)370 243 0331 or email

Never respond to pop-up messages looking for logon information or checking your security settings. Although iBB presents error messages in pop-up windows, it will never ask you to input your login credentials or OTC/TDS codes into a pop-up window. Be vigilant if iBB is operating unusually slowly


  • Be wary of any suspicious phone calls or emails purporting to be from the bank or suppliers requesting you to:
    • Update their information or to make payments
  • Contact the supplier using the existing contact number to verify the request
  • Ensure that all your iBB Users are aware of these threats and that they report any suspicious activity immediately
  • Install and regularly update firewall software
  • Review your anti-virus software protection on every PC & Laptop used to access iBusiness Banking
  • Be wary of opening documents containing macros or which state that the content will not be visible until the macro feature is enabled. Ensure any macros are from a trustworthy source before enabling and that macros are automatically disabled as standard on your PC. 
  • Passphrase and Digipass - memorise your Passphrase and Digipass PIN, do not write them down. Never let anyone else use your Digipass and Passphrase
  • Logging in/out - Always type and login from there. Don't click on links within emails as you may be redirected to a fraudulent website
  • Check Session Security- Check the URL make sure it starts with 'https://'


† Calls may be recorded. Call charges may vary - refer to your service provider.