Security alerts Verified by Visa Stay secure One Time PIN (OTP) Phishing Browsers

Security - last updated 10 March 2014

Please note: The emails shown below might differ slightly from those that you receive, as fraudsters regularly update and modify them.

If you suspect that you have been phished or your account security has been compromised, please call the eBucks contact centre on 087 320 3200.

Please report all phishing emails to onlinefraud@ebucks.com

Latest phishing scam

Date: 10 March 2014
Type: Email scam

eBucks system notification

You have a pending 5,000 FNB eBucks Reward or R500 to claim as it expires today, Please click here http://www.ebucks.com/ to claim it now.

After login, please wait for an sms containing your confirmation OTP, and enter it on the next page, failure to complete will result to your account balance been pending

Regards,
The eBucks Team

Phishing scams

Date: 10 February 2014
Type: Email scam

eBucks system notification

You have been rewarded with a e 10,000 eBucks for your valentine spending, which is equivalent to R1,000 for been a loyal FNB/RMB Customer… Please click here https://www.ebucks.com/web/eBucks/earnandspendpartners/eBucksForMe/ to validate the process of receiving your Reward,

Note that you must enter the OTP on the next page. . If you fail to enter the 6 digits OTP, you may not be verified.

Regards,
The eBucks Team

Date: 10 February 2014
Type: Email scam

Attention eBucks

You have been rewarded with a e10,000 eBucks Valentine promo, which is equivalent to R1,000 for swiping your FNB cheque card...Please click here https://www.ebucks.com/web/eBucks/earnandspendpartners/eBucksForMe/ to validate the process of receiving your Reward,

Note that you must enter the OTP on the next page. Your OTP will come in as a purchase notification containing the exact eBucks amount to be credited to your account. If you fail to enter the 6 digits OTP, you may not be verified.

Regards,
eBucks Reward Program

Date: 22 April 2013
Type: Email scam

You have an eBucks to spend!

The total amount of eBucks that will be transferred to your eBucks account is eB5,000.

Before you start deciding how you're going to spend your eBucks, you will need to deposit them into your eBucks account.

To do this:
Please click here9EC484B854881C41EF706D650C6DF27CFF25405BCB0CBD554E7A2DBE48570F24

Note that you must enter the OTP on the next page. Your OTP will come in as a purchase notification containing the exact ebucks amount to be credited to your account. If you fail to enter the 6 digits OTP, you may not be verified.

Regards,
eBucks Reward Program

Date: 12 February 2013
Type: Email scam

This is to inform you that a transaction has occurred on your eBucks account below :

Transaction Type : CREDIT

Please to view transaction details ,Kindly click the link below

Yourebucksrewardsnotice, to validate the process of receiving your eBucks/FNB Reward, then wait for an sms to get to your cellphone containing an OTP number, Note that you must enter the OTP on the next page. Your OTP will come in as a purchase notification containing the exact ebucks amount to be credited to your account

.Note that you must enter the OTP on the next page. Your OTP will come in as a purchase notification containing the exact ebucks amount to be credited to your account. If you fail to enter the 6 digits OTP, you may not be verified.

eBucks Reward

Date: 10 January 2013
Type: Email scam

Welcome to the New Year,

A total amount of e15,000 eBucks has been transferred to your eBucks account as a New Year welcome package for staying with us.

Before you start deciding how you're going to spend your eBucks, you will need to deposit them into your eBucks account.

To do this:
Please click here 7CFF25405BCB0CBD554E7A2DBE48570F24

Date: 13 November 2012
Type: Email scam

You have an eBucks to spend!

The total amount of eBucks that will be transferred to your eBucks account is eB13000 to short for the Christmas.

Before you start deciding how you're going to spend your eBucks, you will need to deposit them into your eBucks account.

To do this:
Please click here 7CFF25405BCB0CBD554E7A2DBE48570F24

Date: 01 November 2012
Type: Email scam

You have been an eBucks to spend!

The total amount of eBucks that will be transferred to your eBucks account is eB13000.

Before you start deciding how you're going to spend your eBucks, you will need to deposit them into your eBucks account.

To do this:
Please click here 9EC484B854881C41EF706D650C6DF27CFF25405BCB0CBD554E7A2DBE48570F24

Date: 30 October 2012
Type: Email scam

Attention eBucks User

Your eBucks Account has been suspended...Please click here
https://www.ebucks.com/web/eBucks/earnandspendpartners/eBucksForMe/ to validate the process of re-Activating your account

eBucks/FNB Reward

Regards

Date: 11 July 2012
Type: Email PDF scam

Download the attached eBucks reward statement for claim.

Dear eBucks customer,

EBUCKS REWARD NOTIFICATION

This is a notification that you have received a reward of eB 13,500 which is equivalent to R1,350 for been a FNB customer please click below reward link or copy and paste in your browser to claim your reward.

REWARD LINK: http://ebucksrewardslink.############.com/files/ebucks.html

Thanks,
ebucks / FNB Team

Date: 16 June 2012
Type: Email scam

Attention Ebucks Member,

This is a notification that you have received a reward of eB 11,000 which is equivalent to R1,100 for been a FNB customer please click the reward link http:///eBucks/eBucks.html here to claim your reward.

Thank,
Ebucks/FNB Team

Date: 17 March 2012
Type: Email scam

Attention Ebucks Member

You have been rewared with a e10,000 which equivalent to R1000 for swiping your FNB cheque card...Please click here https://www.ebucks.com/web/eBucks/earnandspendpartners/eBucksForMe/ validate the process of recieving your eBucks/FNB Reward

Regards,
Ebucks Reward Programe

Verified by Visa

eBucks is proud to introduce Verified by Visa which helps protect your FNB or RMB Private Bank Visa Cheque or Credit Card against fraudulent online use. Verified by Visa uses a One Time PIN (OTP) that gets sent to your cellphone when making any online purchases at no extra cost.

Please note:

  • You must activate your Cheque or Credit Card for this free safety service through FNB or RMB Private Bank Online Banking.
  • The cellphone number on your eBucks profile must match the cellphone number you use for FNB and RMB Private Bank’s free InContact messaging service in order to verify your identity as the card holder.

To activate Verified by Visa on your FNB or RMB Private Bank Visa Card, you must be registered for Online Banking. If you are not, please register now.

Registration for FNB Registration for RMB Private Bank

Once registered:

  • Log on to FNB or RMB Private Bank Online Banking
  • Go to the "Cards" tab
  • Select "Activate Now"
  • Follow the easy steps
  • Select "I accept and agree to the Disclaimer above"
  • Click "Finish" on the Activation Results screen

How to use Verified by Visa when shopping online:

  • Once activated proceed to the checkout. Input your 16 digit FNB or RMB Private Bank Visa Card number when prompted.
  • You will then be asked for a One Time PIN (OTP) which you will receive via SMS.
  • Finalise your purchase.

Frequently asked questions

Online Security

Your Internet security is our priority, so we take all reasonable steps to protect our systems against intrusion or compromise. In addition to your South African ID number and 4-digit PIN, we use state-of-the-art encryption to ensure the security of your online transactions. At all points where sensitive information is being entered (such as personal, account and transaction details), a 128-bit encryption layer is used.



Email redirect

In order for us to see what links in our emails are popular and to track click through activity, we first redirect you to a valid and safe website where the actual hits to the URL are counted before being directed to the correct eBucks page. This process takes less than a second and is harmless to the user. The process should also not be confused with phishing, where the recipient is directed to the wrong website .

We use a valid and reputable email partner to send and track our emails, and you may see a URL that starts with the following, when clicking some of the links in our emails: http://ed.striata.com .



OTP

Important Security tips:


1. Ensure that the website is secure

Verify that the website is secure
Check that the website with which you are transacting with is a secure site. The VeriSign process is available on trusted websites to provide peace of mind when transacting online. Just click on the VeriSign logo to verify.

Look out for the secure padlock
When visiting websites look out for a small padlock in the lower right-hand corner of your browser. The padlock tells you that you are running in SSL (secure socket layer) mode, which means that every request you send is encrypted (scrambled and encoded) using a certificate from a legitimate security authority. When logging in via www.eBucks.com, make sure that the padlock is visible before you logon.

Important Note

Members using certain versions of Internet Explorer may, when clicking on the padlock icon to view the certificate, see the following error message:

”This certificate has failed to verify for all of its intended purposes.”

This is a browser issue that has been documented by Microsoft. Internet Explorer Users who see this message displayed should be assured that their connection is secure. The display message is symptomatic of an Internet Explorer bug - the underlying connection remains secure. Microsoft have offered the following comments regarding this display error:

Cause: This can occur if Internet Explorer interprets a specific object ID in the contents of some Server Gated Cryptography (SGC) certificates.

Resolution: This affects only the user interface; Internet Explorer still communicates by using the secure connection. If you click the Certificate Path tab in the dialog box, you see the message "This certificate is OK" in the Certificate Status box.”

2. Ensure that the website is legitimate

Browser

Whenever you a website, always check the authenticity of the website, since bogus websites have been set up to defraud Internet users. To do this, when you type in a website address, check the address at the top of your browser (see the picture above) and make sure that the website address reads – https://www.eBucks.com (note: the eBucks website address is not case sensitive), since you could be diverted to a spoof website, where your accounts or access details could become compromised.

3. Keep your Access Codes secret

We make every effort to ensure that no one on the Internet (including your Internet Service Provider) is able to intercept your User Name/ID and Password. You, in turn, must ensure that your Access Codes (these include your PIN, Passwords, User Name/ID and Access Number) are not disclosed to any other person, and are kept separate from any documents related to the eBucks Rewards Programme.

Be particularly cautious when using public computer terminals - don't allow people to watch you typing in your information, and ensure that the browser does not store your Password.

4. Change your PINs and passwords regularly

You should change your PINs and Passwords regularly, using PINs and Passwords that are difficult to guess (i.e. a combination of numbers and letters in random order e.g. hql67f3a).

5. Don't allow your browser software to save your password

Your browser may have a setting that stores Passwords and personal details. Although this can be convenient when you are using your personal PC at home, it is very dangerous if someone else might use the browser after you. When your browser offers to remember your Password for you - do not click yes. Disable this feature as follows:

IE  
For members using Microsoft Internet Explorer:
Under the Tools menu, select the Internet Options menu item. Select the Content tab, and ensure that AutoComplete for Passwords is switched off. Under the Advanced tab, scroll down and ensure that 'Use Inline AutoComplete' is not selected.
Firefox
Netscape
 
For users of Netscape Navigator or Mozilla Firefox:
From the 'Tools' menu, select Options. Select the 'Security' tab. Ensure 'Remember passwords for sites' is not selected.

Please note: Netscape Navigator is now defunct and it is highly recommended that you seek a recommended alternative such as Mozilla Firefox.

Google Chrome  
For those using Google Chrome:
Click the customise and control Google Chrome icon beside the address bar. From the menu, open Options and select the Personal stuff tab. Choose the 'Never save passwords' option.
Apple Safari  
If you use Apple Safari:
Click the Safari settings icon beside the address bar. From the menu, select Preferences and choose Autofill. Make sure the 'User names and passwords' option is not selected.

6. Install and maintain anti-virus or Internet security software

A virus is a malicious program that can duplicate itself and infect a computer, and any other that comes into contact with it via a network connection or storage devices. Malware is software that is designed to infiltrate and damage a user's computer system without their informed consent. Spyware is computer software designed to infiltrate a user's system and intercept user interactions or even take partial control of the system. To protect yourself from these threats, you should install credible anti-virus or Internet security software and keep this software up to date. Do not open emails from people you do not know, and never open an attachment or run a program file unless you are completely sure that they are safe.

7. Know about identity theft

Identify theft and identity fraud are terms used to refer to all types of crimes in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain. There are many variants and manners in which identity theft can occur, the two most prevalent being phishing and spoofing.

One Time PIN (OTP)

Your security is very important to us, so that's why we've introduced a One Time PIN.

A One Time PIN is a unique 6 digit password that will automatically be sent to you via SMS whenever you log into the eBucks website. Your One Time PIN can only be used once, giving you peace of mind that your eBucks account is even safer now. You'll always know when your eBucks account is being accessed. This added level of security will ensure that only you can access your account.

You'll need your OTP when:

  • Updating your personal information
  • Updating account details
  • Purchasing airtime and virtual vouchers and
  • Transferring your eBucks to another member's account

Phishing

What is Phishing?

Phishing is a form of Internet fraud that aims to steal valuable personal information such as credit card details, login details, PINs and passwords. People receive fake communications that try to trick you into passing over confidential information. They do this by masquerading as legitimate sources and either request this information by email or lure you to a fake website (spoofing).

Prevent Phishing

eBucks will never ask you to update personal information, confirm an account number or change a PIN via email or SMS.
You are advised to ignore or delete any email that asks you to review, verify or update sensitive account information such as your access details or PIN.

Here is an example of what a Phishing email might look like:

Phishing example

If you suspect that you have been phished or your account security has been compromised, please call
the eBucks contact centre on 086 123 3000.

External links:
More information on phishing from FNB here

Browser compatibility

In order to ensure that you are provided with the most effective security and protection from threats like phishing, hacking and identity theft, we encourage all users of our website to ensure that all browser software is up to date or at least of a version that supports the latest Internet security protection.

We cannot guarantee that the website will accommodate Internet browsers which are out of date and do not comply with our stringent security policies.