Online account security
Fraud and identity theft aren’t only a risk to your privacy, but also your finances, knowing what to look for can help prevent you becoming a victim.
Fraudsters use ‘phishing’ or ‘spoofing’ tactics to get sensitive information from you. This usually involves a fake website or email which looks similar to one you’d normally trust. Information you give on a phishing site could be used by criminals to access your account or use your identity fraudulently.
In this guide you’ll find helpful information about protecting yourself and how we protect you.
Know it's us when you log in
- Before you enter any details, look out for the genuine address of Online Card Services, starting with: https://online.mbna.co.uk/personal/logon/login.
- In ‘https’, the ‘s’ indicates you’re on a secure site - look for this anywhere you enter sensitive information.
- If you’re on a secure site, click the padlock symbol on your browser to view the site’s certificate.
Check the address
- The address used by a counterfeit site may be very similar to our genuine website addresses. Look closely for spelling differences or the use of symbols, e.g. www.mdna.co.uk, email@example.com or www.verify-mbna.co.uk.
- Hidden addresses - rest your cursor over a link in an email (but don't click on it) and a box will pop up showing you the link destination - do you recognise it as a legitimate address? If not, it might mean the sender’s got something to hide.
How to protect yourself
- Register with Online Card Services so you can check your account regularly for unusual transactions. Please tell us as soon as you notice any unusual transactions or you can’t find your card.
- Review your statements on a regular basis.
- Don’t reply to emails asking you to provide personal information or verify your account. We’ll never request sensitive information in unsecured communications like email.
- So you know emails we send you are genuine, we'll always quote the last 4 digits of your account number and / or part of your post code. We'll also always greet you personally with your title and surname. If your personal details change, let us know so we can update our records and contact you as soon as possible if we suspect your account is being abused. If you have a credit card, you can make any changes at Online Card Services. If you have a loan account, to update your details call us on 0330 678 1430. We’re here to help 8am to 10pm, 7 days a week. Standard network charges may apply.
- If you move house (even temporarily), tell your bank, credit card and utility providers. You might like to use the Royal Mail Redirection service. Also tell your providers if you change your work, home or mobile telephone numbers.
- Consider registering with the mail preference service at mpsonline.org.uk to prevent unsolicited marketing material being delivered to you.
- Use a spam filter to help block ‘phishing’ emails.
- Keep your anti-virus software up-to-date. Don’t switch off your firewall, and be careful what you download.
- Use the latest version of an internet browser, such as Internet Explorer or Firefox.
- Choose strong passwords with a mix of several letters and numbers. Use different passwords for different websites and never reveal them to anyone.
- Shred all confidential letters and paper statements to stop anyone piecing together information about you.
- Always log off Online Card Services before walking away from your computer or accessing other websites.
- Before you buy anything online, check for the prefix ‘https://’, in the website address, which indicates the site is secure.
- Update the operating system (OS) on a device as often as you can. If your computer uses an older OS like Windows 7, XP, Vista or 2000, it won’t get security updates. Similarly, If your mobile device uses Android 7.0 or below, Google no longer sends security updates.
Social media security
- Think twice before sharing information online. Could someone use the information to guess your passwords or commit identity theft?
- Set your social media accounts to private and check your settings regularly.
- Only connect with people you know in real life on social media, as your friends’ real accounts might be cloned by a fraudster.
- Check a person’s identity if you get an unusual request on social media or by email as accounts might have been hacked by a fraudster.
- Be careful when you register on websites and forums. Personal information, like your date of birth, mobile number, address and information about your family can be used for identity theft and to hack your account.
Think you’re a victim of online fraud?
If your MBNA credit card account has been used without your knowledge or someone knows your Online Card Services password, call us immediately on 0800 587 0997 (+44 1244 757 236 from outside the UK). Standard network charges may apply.
Report it to Action Fraud
Call 0300 123 2040. Lines are open Mon-Fri, 8am-8pm. Text phone users can ring 0300 123 2050. Again, standard network charges may apply.
They’ll log the incident and provide you with a crime reference number if needed. Action Fraud collect data from across the UK to help banks and other businesses combat fraud.
You’ll be able to use a self-selected username and password system that serves as our first line of security.
We provide state-of-the-art 128-bit encryption of all data transmitted between your computer and our secure site.
We’ll automatically log you out of your banking session after a designated period of inactivity.
We can block access to your account if your security details are entered incorrectly.
All Online Card Services take place in a secure session, indicated by a padlock symbol shown at the bottom of your screen.
We guarantee to refund your money (including related charges and interest) in the unlikely event that you experience fraud when using Online Card Services or the MBNA Card Services App. We take steps to protect you 24/7, using technology and safeguards that meet or exceed industry standards, but you must also use Online Card Services and the MBNA Card Services App carefully.
Being careful when you use our services includes, for example, that you:
- Do all that you reasonably can to keep your security details (e.g. username, password, and memorable info) safe and log out after each session.
- Don’t let anyone else access your account or security details, or transact using them.
- Tell us as soon as you think your security details have been lost, stolen, damaged or are being misused; or think someone may be accessing your accounts without your authority, or has discovered your security details.
- Carry out regular software updates/virus checks on your devices.
If you've been grossly negligent, we won’t refund any money taken from your account before you have told us your security details have been lost, stolen or could be misused.
Likewise, we won't give you a refund if you have acted fraudulently.
For further guidance on using our online services, read our Online Card Services terms and conditions.