At Credit Suisse, data confidentiality, integrity and availability are a cornerstone of our business. Accordingly, the protection of information is paramount to us and we continually monitor the adherence to our industry standards on people, process and technology.
While Credit Suisse employs various security practices and measures in order to protect client data, you play an important role in safeguarding against cyber risks which can include malware attacks, unauthorized access and fraudulent transactions.
Credit Suisse may periodically contact clients directly through email and phone, but will never request that the client provide electronic banking credentials on an unsolicited basis. For those who are not former or current clients, Credit Suisse does not solicit business through cold calls or social media.
Please report all relevant emails, documents, and email headers related to suspected cyber security, phishing, brand misuse and fraud related to Credit Suisse to firstname.lastname@example.org.
You may download our cybersecurity booklet for future reference here (PDF).
Due to the general uncertainty surrounding the Coronavirus/COVID-19 pandemic, there is an increase of criminals looking to take advantage of the situation. As a result, you may receive phishing emails, unsolicited calls, text messages or messages on social media regarding Coronavirus/COVID-19 updates or notices purporting to originate from Credit Suisse or governmental agencies such as the World Health Organization (WHO). These criminals will often use emotional pleas, threats or urgency to pressure you to take an action.
The below scams may not only include misleading information, but may request your personal information such as COVID-19 checks or loans. Oftentimes, these scams may include malicious links or attachments that should not be opened.
Victims receive cold calls from fraudsters who promote shares, property or investment opportunities via phone, email or social media and later send a follow up email with a document attached or a DocuSign link.
Fraudsters are offering bogus financial documents such as fixed corporate bonds, purporting to originate from Credit Suisse. Such scams are sent via email or directly via social media, misusing Credit Suisse branding such as employee impersonation or fake websites or accounts.
While there is no guarantee to be 100% safe from cyber attacks, here are our 9 tips to help keep your personal information safe and to better protect you:
Phishing is the simplest way for the cyber criminals to launch their attack. The criminals use fraudulent e-mails to convince you to click on a suspicious link or open an attachment to install malware or redirect you to a landing page to steal personal data and login details.
Hackers recreate well-known websites to capture your user credentials, such as passwords, Social Security numbers, credit card information, to name a few. They then use this stolen information to access your banking and other accounts.
Phishing materials often look genuine and may appear to originate from real people, organizations, institutions, and websites. While there is no guarantee to be 100% safe from cyber attacks, the following precautions are suggested to better protect you:
Please report all phishing emails and email headers related to Credit Suisse to email@example.com.
While there is no guarantee to be 100% safe from cyber attacks, here are some tips on how to protect yourself while online shopping.
As we become more connected through the use of our devices, below are tips to better protect yourself. Please note while these tips will reduce your risk against cyber attacks, these tips will not 100% guarantee your safety.
Best practice guidance for your personal devices
Credit Suisse acknowledges the valuable role that independent security researchers play in cyber and information security. As a result, we encourage responsible reporting of any vulnerabilities that be found in Credit Suisse online applications and systems.
Credit Suisse is committed to collaborate with security researchers to verify and address any potential vulnerabilities that will be reported to Credit Suisse.
Please review our terms before you test and/or report a vulnerability. Credit Suisse pledges not to initiate legal action against researchers for penetrating or attempting to penetrate our systems as long as they adhere to this policy.
Credit Suisse does not permit the following types of security research:
While we encourage you to report to us any vulnerabilities you find in a responsible manner, the following conduct is prohibited:
Reporting a potential security vulnerability:
The Credit Suisse security team commitment:
We ask that you do not share or publicize an unresolved vulnerability with/to third parties. If you responsibly submit a vulnerability report, the Credit Suisse security team and associated development organizations will use reasonable efforts to:
We are happy to thank every individual researcher who submits a vulnerability report helping us improve our overall security posture at Credit Suisse.
Please click the respective links below for further information: