How can you protect yourself?

Use anti-virus software and a firewall

Use the latest versions of anti-virus software and firewall on all devices used to access online banking, and update your operating system and web browser on a regular basis.

Do not disclose confidential information

Do not share your card number, login and access passwords with anyone and do not save them in files or on a piece of paper. If you need to save such information, do it in an encrypted form that prevents other people from reading it.

Do not store the PIN and card together

Do not store the PIN, e-PIN, CitiPhone PIN and card numbers in one place and do not share your data such as the expiry date and the last 3 digits of the number given on the reverse side of the card with anyone.

Verify the correctness of the transaction with SMS

If you use the SMS service to approve transactions, always verify whether the last digits of the recipients’ account number and the transaction amount are the same as the last digits of the account number and the amount included in the activation SMS.

Set a strong access password

Make sure that your password and codes are difficult to guess and change them on a regular basis. Do not use the same password for different online platforms.

Contact the bank if you suspect your login data have been compromised

If you suspect or discover that your login data have been lost or intercepted, please contact the Bank immediately via CitiPhone (+48) 22 692 2484 to block your account.

Beware of fake emails

Do not respond to emails which ask you to provide your personal data or access codes.

Secure your PIN

Before you use your PIN, e-PIN or CitiPhone PIN, make sure it is not going to be disclosed to anyone who could be looking over your shoulder or overhear it.

Do not click suspicious links

Do not open any suspicious links or attachments in received email, SMS and MMS messages.

Report your device missing

If you lose your device used to access online banking, contact the Bank immediately via CitiPhone at (+48) 22 692 2484.

Check your anti-virus software

Check if your anti-virus software and firewall are active and valid. Check the rating of your anti-virus software in independent tests and make a conscious decision which one to choose.

Report suspicious activities

If you see atypical or suspicious activities, immediately report them to the Bank.

Do not use an unknown Internet connection

Do not use electronic banking via unknown or insufficiently secured connections (e.g. public WiFi). It is better to use mobile data on your phone provided by the telecom operator than a third-party WiFi. You can also use your smartphone as an Internet access point for your computer.

Avoid using unknown devices.

Logging in on an unknown computer, in the office, when travelling or in a car showroom to make a transfer is a bad idea. Your password could be intercepted.

Check whether the certificate description of the website is the same as the description below if you have doubts about its credibility:

- issued for www.online.citibank.pl
- issued by DigiCert EV RSA CA G2
- valid from 01.10.2024 until 01.11.2025
- owner: Citigroup Inc.
- digital fingerprints (SHA-256):
Certificate: 6ea97874c4dc9887c774db12f0800d989b90445e5e28b7dd78756512a2293ffa
Public key: c150c7ff0ba17c21015b1ac4cdd482e890d845cde11552f1f6dedbc438833d31

If the certificate description includes different data, please contact the Citibank Online customer service team (technical support) at the phone number: (+48 22) 692 24 84.

When logging in, enter your username and password only

When logging in, remember to enter only your Username and Password – if you are prompted to enter any other data on the login screen, stop the process and report this incident by calling (+48 22) 692 2484.

Do not use the banking platform in public places

Do not use the banking platform in public places (at an Internet café or library), where there could be crowds of people. There is a risk that someone might see your sensitive data and confidential information.

Protect your login data

Make sure nobody can see your Username or Password when logging in.

Remember to log out

Log out after you have finished your work. Never close the browser window without confirmation that you have been correctly logged out.

Change the access password

Change your login password for the e-banking system on a regular basis. Your password is much more secure when changed periodically.

Check the correctness of the account number

Before confirming the transaction, always verify whether the account number to which you are making a transfer is consistent with the recipient’s number provided in the SMS message or in the push message if you have an active Citi Mobile Token service.

View the account history

View the account and operations history on each payment card in terms of suspicious transactions. You can view your transactions on a regular basis if you turn on the Citi Alerts Premium service offered by the Bank.

Do not copy account numbers

When using online banking, do not copy bank account numbers for transfers (“copy-paste”), but enter them manually and, next, check them very carefully.

Change your confidential data if they may have been compromised

Immediately change your confidential data such as PIN code, Password to Citibank Online or Username if you suspect someone else knows them.

Update your anti-virus software

Update your anti-virus software on a regular basis. This way you will significantly protect your computer from viruses and Trojans. If possible, set automatic update of the virus base and a regular scanning of the computer.

Update your computer operating system

Remember to update the operating system of your computer, tablet and phone. This will help you avoid gaps in your system that can be exploited by hostile individuals or programs. Moreover, update your web browsers and mobile applications for online banking.

Use only legal software

Make sure to only use software from legal and trusted sources. If you use mobile applications, make sure they come from the official application stores (App Store, Google Play).

Have a firewall

Make sure your computer has a firewall. Above all, firewall prevents unwanted Internet connections – both outgoing and incoming. It is also a useful tool that reinforces the protection of your privacy from persons who may steal your confidential data.

Contact the bank or change your password and username

If you lose your device on which you receive single-use activation codes / which you use for online banking / on which you have activated the Citi Mobile Token service / which stores your authentication data for the banking platform, please contact the Bank immediately at the phone number (+48 22) 692 2484 in order to block your account or change the Username and Password for logging in to online banking.

If you are unable to contact the Bank, make sure to change the Username and Password via Citibank Online (after logging in go to the section Products and Services -> My Citibank Online, and then Change Username or Change Password). Make sure to change this type of data only on a trusted and well secured device. The Citi Mobile Token service assigned to the stolen phone can be deactivated after logging in to Citibank Online, in the tab Services and Profile – My Profile.

• Set a safe password

The password must contain a minimum of 8 characters, at least one digit, at least one upper case and at least one lower case letter. It cannot contain Polish letters, special characters (& “ ‘< >), three identical characters (e.g. 444, @@@), three consecutive numbers (e.g. 123) in succession, three consecutive letters (e.g. abc) in succession or be the same as the Username. Remember to change your password to electronic banking on a regular basis. The password cannot be simple and be associated with the account holder. Do not use the same password for different online platforms.

Remember to log out

For your security, we recommend that you log out of the system every time you finish using the application.

Uninstall the application if you change your device

We recommend that you uninstall the Citi Mobile® application every time you change your device.

Install anti-virus software on your smartphone

If it is available for its operating system. Most new smartphones are mobile computers, and criminals also design viruses or spyware for them.

Update the software and operating system

Make sure the operating system and programs on your smartphone are always updated to the latest versions issued by the manufacturer. Do not install any software from unknown and untrusted sources.

Block phone access

If your smartphone is equipped with such a functionality, always block phone access (e.g. with access code, a specific symbol or biometric data such as a fingerprint, face ID or iris scanner) to protect the data on your phone from third-party access in case of theft or loss of the device.

Do not share the device with third parties

Do not make your smartphone available to third parties, especially if it has a Citi Mobile Token installed or receives SMS codes for authorizing online payments.

Read and react to alerts

Always read and verify SMS and PUSH alerts received on your phone. If they raise any doubts or concerns, contact CitiPhone.