Security Notice

  3. Security Notice

General Information

FIMBank will never use email or telephone to request confidential information, such as personal documentation, passwords related to your accounts, activation/recovery codes, or, other information of a confidential nature. Likewise, FIMBank will never transmit confidential information related to you by email.

Should you receive an email that appears to be fraudulent, please forward the email as an attachment to esecurity@fimbank.com and delete the email. Do not reply to the original email.

Please beware of websites that are of a fraudulent nature and which have no relation to FIMBank p.l.c. or to FIMBank Direct.  Fraudulent websites often have a similar appearance but can be identified by their URL, which can be similar but never identical to the legitimate FIMBank websites.

The following are the only legitimate FIMBank plc websites: 

  1. https://www.fimbank.com/
  2. https://www.easisave.com/
  3. https://secure.easisave.com/
  4. https://securemail.fimbank.com/
  5. https://direct.fimbank.com/

The only way to ensure that you are visiting a legitimate FIMBank website is by checking that the link shown in the address bar of your browser starts with one of the above (note the trailing / after each “.com”).

Any links found in mailshots sent by FIMBank p.l.c. should point to one of the above links.  The only exceptions are the “View online version” link found in the top right corner of the emails and the “click here to unsubscribe.”, which point to http://zqkr.mjt.lu.  This link points to one of our email service providers.

When receiving an email from FIMBank p.l.c., please note that the email address will always have the following suffix: @easisave.com or @fimbank.com, and nothing after the .com.

The domains fimbank.com and easisave.com are protected by an “SPF” record.  All emails originating from these two domains should have an SPF value of “PASS”.  Any other responses indicate that the emails are not originating from a FIMBank P.L.C. authorised email server.

Use of the FIMBank Camera Authentication Matrix (CAM) mobile app

The FIMBank Camera Authentication Matrix (CAM) mobile app is used to access your account of FIMBank Direct.

  • The FIMBank CAM app should only be downloaded from the Apple App store and Google play store and should have FIMBank plc clearly marked as the Developer. Any other application that either carries the FIMBank CAM name, or, a different developer should be deemed to be unauthorised and therefore malicious. Likewise the FIMBank CAM should never be downloaded from any other store.
  • Never divulge activation codes, recovery codes or your personal Matrices to 3rd parties. These are confidential and could allow an unauthorised party to gain access to your accounts.
  • The FIMBank CAM application is the only authorised method of authenticating access to your accounts and authorising transactions. It is therefore vital that the password to this application remains confidential and is only known by yourself.
  • Should you suspect that your phone has been compromised, and/or infected with a virus then you should stop using the FIMBank CAM application and report the incident to the FIMBank Help desk immediately. We strongly recommend also uninstalling the app immediately until you can be sure that your device is secure again

Additional Information for Customers

All FIMBank websites are protected using the latest Extended Validation (EV) SSL technology, which provides a way of certifying that the website genuinely belongs to FIMBank. EV SSL ensures that the address bar on the latest web browsers will become green and/or have a green closed padlock when you visit the website. Additionally, you should see FIMBank P.L.C. [MT] clearly marked as the site developer alongside the URL of the website in the address bar.

The below show how EV SSL appears on two different browsers:

Internet Explorer

The address bar is displayed in green and a closed padlock along with FIMBank P.L.C [MT] appears to the right of the URL

--

Google Chrome

A closed padlock along with FIMBANK P.L.C [MT] appears in green to the left of the URL

--

For your safety:

  • You should never divulge your FIMBank User ID, password, Matrixes or recovery/activation codes to anyone;
  • You should never divulge personal information or passwords by email or online;
  • You should only access the FIMBank websites from trusted computers with updated security and where Internet is accessed via the latest web browsers;
  • Always double check the website URL to make sure that it is identical to the sites listed above;
  • You should only enter your username and password after you have verified that the site is genuine by checking there is a closed padlock and that the certificate owner displayed near the address bar is FIMBANK P.L.C. [MT].

Please reach out to us via the Contact Us form, or by email on esecurity@fimbank.com should you encounter fraudulent activity purporting to be affiliated to FIMBank, such as fraudulent websites or mobile apps on public app stores.

 Secure email document click here