Information Security

Treat e-mails with care

Remember that you cannot always trust that the sender of an e-mail is who he or she claims to be. The biggest threat to your digital security is fraudulent e-mails ("phishing" emails) that try to trick you into clicking on links to scam sites or opening an attachment that contains malicious code. Even though many such scams are easy spot, cyber criminals are becoming more cunning, and phishing emails can often be very convincing and sophisticated.

Storebrand will never ask you to provide sensitive information via e-mail, including personal data or passwords. If something is urgent and must be actioned upon immediately, or your account will be terminated, is often an indication that something is not right. If you receive fake e-mails or text messages, please report it to customer support.

Protect your passwords

Remember that all passwords are personal and should never be shared with others. A compromised password can quickly fall into the wrong hands. You should also use different passwords for all the main web services you use. The first thing a cyber criminal will do is to test whether your username or password can be used to access other common services such as social media, webmail, or at your work.

Our password recommendations:

• Change your passwords regularly
• Use unique passwords for every service or product
• Use long passwords (passphrases or sentences)
• Use two-factor authentication where available (e.g. a one-time code sent to your mobile or email)
• It is important to have passwords and key lock on PC, mobile phones and tablets

You can read more about how to create strong passwords (at Nettvett.no – linked page is in Norwegian).

Keep your programs and OS updated

Most cyber attacks depend on exploiting known errors and vulnerabilities in your operating system, or in commonly used programs like your browser, Flash, or Java. By regularly installing updates from the manufacturer, you reduce the risk of being infected. In most cases, you have the option to turn on automatic updates – which we highly recommend. 

Many also use free tools like Patch My PC Home Updater or FileHippo App Manager. These applications keep an eye on all the software you have installed on your computer, and continuously check for available updates. 

Use built-in security features

You should make sure built-in security features in your operating system, such as access control, encryption, malware protection and firewall, are turned on and configured to suit your needs. These invaluable defence mechanisms are usually free of charge and ready to use. We recommend taking fifteen minutes to learn which functions are available in your operating system. 

You can read more about the built-in security features of Windows, and of MacOS. 

Take advantage of antivirus software and other security tools

Most antivirus programs today include a number of features that not only search for malicious code, but also include a firewall, web scanner, e-mail filters and much more. Remember also to keep these applications and definition files updated at all times in order to stay protected against the latest threats. However, keep in mind that even the best anti-virus software will only prevent around half of the threats – YOU will always be the first line of defence! 

Back up your content regularly

Whether it is a fire, a burglary or a virus that has encrypted all your data: when disaster strikes, it is too late to regret that you did not back up your data. In worst case, you will have lost all your documents, e-mails and holiday photos. 

Maintain a regular routine for backing up your data. Most external hard drives are capable of storing your most important files, and usually include software that will make your backup routine easy. However, make sure you keep your backup device in a different location than your computer! 

Following these simple steps will considerably improve your online security! 

ID Theft

Theft of personal data and assuming someone else's identity for personal gain is a form of crime that has increased significantly in recent years. Safeguard your personal data and be careful of who you disclose it to – whether online, on the phone or in person. If you are exposed to an ID theft, the consequences can be severe, and it may take time to recover. For example, identity thieves can attempt to apply for loans or credit cards, buy goods and services or commit other criminal activities in your name. Fraudulent e-mails and fake websites are examples of digital threats where you are tricked into providing the information the criminals are after. However, you should also remember that the physical mail you receive in your mailbox and documents you throw in the garbage can contain personal information – making it a potential goldmine for ID thieves.

Our advice:

• Be careful about disclosing personal information
• Never give anyone else access to your BankID or code chip
• Use digital mailboxes and solutions such as Digipost and E-box, as well as direct debit and eFaktura (eInvoice)
• Lock your physical mailbox to prevent theft of personal information that comes in the mail
• Shred, tear into small pieces or burn documents containing personal information
• Limit the number of cards and personal information in your wallet and bags

The online resource https://nettvett.no/id-tyveri/ (linked page is in Norwegian), which is run by the Norwegian Center for Information Security (NorSIS), contains several tips and best practices for how to avoid becoming the victim of ID theft, as well as what you can do if your information has been compromised.

Phishing — a type of online scam

"Phishing" is a type of online fraud where scammers are mining for sensitive information that can be used for fraudulent purposes. Typically, scammers will try to trick you into opening malicious attachments, clicking on links that lead to a fake web site, conducting a fraudulent transaction, or causing you to submit confidential information.

We are aware that scammers will try to pretend to be us or similar businesses. The scammers will then often send you an e-mail or instant message that looks like it is from Storebrand or other trusted sources. You will be asked to click a link that redirects you to the scammer's website. The web page may look just like one of our pages, but it is a dummy page.

The purpose is to trick you into providing sensitive information such as your national ID number, user credentials, or credit card information.

Always be careful when you are asked to click links in e-mails or other instant messaging services. Verify that the website is a genuine Storebrand web page by looking at the address bar in your web browser:

• All our web pages are encrypted and the web address starts with https://
• Please note that we use several domains, so https://www.storebrand.com and https://www.storebrand.no are not our only web addresses. E.g., you may see the following addresses: https://nettbank.storebrand.no or https://id.storebrand.no.
• You can check the website's certificate in your browser's URL field. If it is valid and up to date, you can be sure that you are on an actual Storebrand website.