Security

Security

We would like to make the usage of our webpages and internet-bank as convenient, fast and secure as possible. We constantly improve our security measures. However, to achieve greater security, it is important that You also behave safely, recognize risks and make safe choices.

When entering our website or internet bank, make sure that the address bar has our bank address and padlock

Correct and safe

  • • Address bar must have padlock and/or https and correct domain naame.

  • • In the front of domain name may also be subdomain. Until the main domain is correct, you can trust it.
  • • If there is something after domain-name followed by the slash - it's also OK.

Uncorrect and unsafe

  • • Name is correct but for some reason communication is insecure. Such an error may occur if your browser or device are incorrectly configured or network what you are using is not secure.

Extremely dangerous and unsafe

  • • Connection is secure but domain is not bigbank.ee but dynsite.com which does not belong to us.
  • • On address bar domain name must be followed by a slash. Any other symbol extends real domain name.
  • • Although address bar contains our bank's domain-name, it's not where it should be. Real domain in this case is googleapid.com

 

General recommendations

Keep your ID card, Mobile ID, Smart-ID and Bank-ID codes only for your own use and knowledge; These are your only guarantees of identity on the Internet. Careless handling can be abused primarily against you (not the bank).

Equip your computer with anti-virus software.

At the end on the session log out using “exit” button and close browser window or tab.

Avoid public or unknown devices for performing online banking.

General recommendations

Fraudulent (phishing) messages, call and e-mails. How to recognise them?

  • Nobody, including our bank, will ask from you for "security reasons" passwords or PIN codes. They are always entered during standard login process.
  • If you received an e-mail or SMS on behalf of the bank with a link and request to log in - make sure that domain name in the link is our bank's.
  • NB! Usually bank does not send you a link with a request to log in. Only exceptions are cases were you have initiated something yourself - applied for loan, placed a deposit.
  • If it is necessary to log in to the self-service, it is always safer to go to the bank's website and log in from there rather than to trust the links.
  • It can be very difficult to identify the counter-party over the phone. Avoid giving out sensitive personal information and definitely never use passwords or PIN codes in a phone conversations.

 

We wish you pleasant and secure transactions!

We expect your security related questions at [email protected].

Our Responsible Disclosure Policy can be found here: https://ca.bigbank.eu/security

Fraudulent (phishing) messages, call and e-mails. How to recognise them?