Select Country


11TH APR 2020

The government has instituted measures to control the spread of the COVID-19 pandemic, changing, the way we do business. With restricted movement and curfews, Digital Banking remains a viable option for you to continue managing your financial tasks.

As we move from traditional branch-based banking to digital channels, targeted cyber-attacks are likely to increase. It will be prudent to pay closer attention to how you perform your online transactions, how you secure your home network and how you consume news related to the pandemic.

Online Transactions

  • I&M Bank will never ask for your PIN or Password of your digital or mobile banking channels. Pay close attention to any online portal that asks for your PIN. Malicious actors may likely come up with enticing offers to scam you into providing your Debit/Credit card numbers or Mobile phone numbers and their associated PINs. These could be offers on reduced rates on internet bundles purchase.
  • You must ensure you do not use the same PIN for multiple digital banking channels e.g. your M-Pesa, Debit/Credit card & Mobile banking Pins should not be identical. This way, in the event one PIN is compromised, it cannot be used to access your other digital channels.
  • Always verify a website before transacting online. Instead of clicking on a link, type in the website URL on the address bar e.g., and check for the lock icon or Connection Secure message on the browser. Do not leave your card details (card number + CVV) on web portals whose security details you cannot verify or trust.
  • Following COVID-19 directives in various jurisdictions, various merchants may avail new online card payment options with relaxed security configurations. Where payment for goods and services is delivered by various merchants using your Debit/Credit card details, also consider using alternative payment methods such as Mpesa/ Airtel Money.

Unprecedented Phone Calls

  • Be careful not to give private information on calls purporting to be customer care from Telco companies. Telcos will never call you to ask about your bank details or mobile banking transactions. If you receive such calls, confirm the number is an official customer care number of the Telco. Alternatively, terminate the call and contact the Telco via its customer care numbers indicated on their digital channels.

Unsolicited Emails

  • There will likely be a surge of communication around COVID-19. A common avenue for this will be unsolicited emails. To avoid malicious emails, check for lookalike email addresses with minor changes e.g. instead of

Wifi Security

  • While majority of the workforce is encouraged to work from home, an avenue that could be used to launch malicious attacks against you is your home Wi-Fi. Reach out to your Wi-Fi service provider and ask them to enable the most secure access and encryption settings on your home router.

News Consumption

  • Malicious actors will take advantage of the COVID-19 pandemic to redirect you to malicious links posing as legitimate news sources. Do not click on links from unsolicited emails or unknown senders. These may result in malware that could steal your credentials for digital banking channels.

To conclude, ensure to be a STAR as you utilize our digital channels;

S: Stop when you note something suspicious

T: Think of the smart and secure way to deal with suspicious event

A: Act based on your cybersecurity awareness

R: Report the suspicious event to

You can get more information from our cybersecurity page here