Security recommendations for using ePay.bg
Protection of the information and customer’s data is the main priority of ePay AD as an operator of the ePay.bg system. The company applies the highest standards of security information and uses the most recent methods and technologies to protect customer’s data.
We recommend you to follow these security advice which will help you to protect yourself from internet fraud and protect your personal data.
Recommendations for protection of personal data
1. Access to the ePay.bg website
- Access ePay.bg site directly by dialing the address https://www.epay.bg. Do not use automatic address completion features.
- Always make sure that the web page you open to access ePay.bg is authentic and the communication with it is secured. When you load a page at www.epay.bg, a green padlock appears in the upper left corner of the browser . If you click on it you can get information about the site certificate, which must be obligatory issued at www.epay.bg.
- When you finish using your ePay.bg account, always use the "Exit" button before closing the browser.
2. Password and username to access ePay.bg
- Change your password periodically (at least once per every six months). It is recommended that your password for access to ePay.bg to be different than your password for access to social networks, emails.
- Do not save your username or password to access ePay.bg in your browser.
- Do not write down your password and username to access ePay.bg on paper, do not save it on your computer or on your mobile phone.
- Do not share your access data to ePay.bg with other persons.
Phishing and e-mail messages
So called phishing attacks are the most common way in which malicious individuals obtain personal data. This type of fraud occurs when somebody sends you an email, representing themselves on behalf of a site or a organization. This e-mails usually inform you that you have message from the site and that you need to reconfirm your personal data. An internet link is presented to you which leads to a page that visually resembles or look similar to the original site. On this page you are asked to enter your username and password or your bank card details etc. The information you enter is then used for identity theft or unauthorized access to your Internet banking, your account to online payment systems or unauthorized payment with your bank card.
How to Identify Phishing
- Almost always these messages are not personalized
- They often contain spelling and grammatical errors
- The messages make you think that it is a matter of urgency
- They invite you to enter a username, password, personal data or card data
How to protect yourself from phishing
- Follow the recommendations for accessing to the ePay.bg site.
- ePay.bg does not send e-mails asking you to provide your password, username, information about your bank card number and security code etc. ePay.bg does not exchange this type of information with its’ customers by e-mail.
- ePay.bg does not send e-mail messages containing links to a web page of ePay.bg, which requires entering a password and a username.
- Such messages may be fraud attempts - in such cases do not respond to the message, but contact us by phone: 02 9210880 or email us at firstname.lastname@example.org by forwarding the suspicious message as an attachment.
Malware is a virus that affects your computer and allows to obtain secret information such as bank card numbers, access passwords, and other personal information. Most of the malware installs cases are due to users’ actions who visit web pages with illegitimate content, open e-mail messages from unknown senders or download files from the Internet.
How to protect yourself
- Do not install and do not use any software of suspicious origin.
- It is a good practice to maintain and use an antivirus program on the computer from which you access your ePay.bg account and other sites through which you make payments or banking.
Additional security means for payment through ePay.bg
ePay.bg provides you additional security means that are used to confirm payments through the system:
Do not provide your mobile phone to which you receive SMS messages or the dpass password for confirmation of transactions to others.