Learn more about online security risks and read our recommendations
We always post alerts about new or increasing fraud cases on the Internet Bank login window, but to protect your personal data and funds in your account, you should remain vigilant and critical, and be able to identify potential fraud cases. Therefore, we strongly encourage you to read the information provided below to help you stay alert and protect your data.
To log in to your Internet banking account, enter the address (https://ibs.medbank.lt) yourself or log in by clicking on the link available in the official website.
When shopping online or accessing the Internet banking system, make sure that the Internet address in your address bar is correct.
Click on the padlock icon in the browser field where you see the address of the Internet banking system to check the website’s certificate. The correct website certificate of Medicinos Bankas looks as shown in the images below:
Never open links received by email or SMS if you doubt the authenticity of the message. Please note that the bank never sends SMS or email messages asking you to enter your personal information.
Set a low limit for online banking transactions and increase it only when necessary.
If you have received a notification on your phone asking you to enter the code of the login tool you are using, but you are not currently logged in to the Internet banking system or the application, or you are not making any payments, ignore the notification.
Read carefully what you are authorising every time you receive a notification from your login tool asking you to enter the code generated by your login tool.
When using Smart-ID and Mobile Signature, always make sure that the control code displayed in the application and in your Internet banking account match. Please also check that the details in the notification from the login tool match the details of the transaction you are performing.
Do not share your personal means of identification. If you would like to give your family members or employees the right to manage the funds in your accounts, visit the bank and issue them an official power of attorney. Such individuals will have access to personal or company accounts in their own name, using their personal means of identification – Smart-ID, mobile signature or SMS code. You will be able to revoke these rights at any time. Remember that the Internet Bank offers the opportunity to use services such as electronic government gateway or filing income tax returns to the STI; therefore, the transfer of personal means of identification to third parties gives them unauthorised access to these service portals.
If you are using someone else’s computer, refrain from logging in to the Internet Bank. Never enter any personal information on such computers. Malicious software (commonly referred to as viruses) on an untrusted infected computer can record and pass on to third parties your data without your knowledge, and it can be later used in social engineering attacks against you.
Regularly update the password that you use to log in to the Internet Bank or mobile application with the SMS code. The password should consist of numbers, letters (upper and lower case) and special characters (!, ?, etc.). Never use the same password on other systems and websites.
Do not keep your User ID, password or sPIN codes written down. We strongly recommend that you do not store them on the phone to which you receive login SMS messages or on which you have installed and use such means of identification as Smart-ID or mobile signature.
Your Smart-ID and mobile signature sPIN codes should not contain fragments of your phone number, date of birth or national identification number. Create complex, hard-to-guess passwords, memorize them, and change them regularly. When creating a PIN code, make sure it is a combination of random numbers. Do not use combinations of numbers such as 0000, 1111, 1234, dates of birth or other personal data.
Do not share any secret codes and passwords used to unlock the computer or mobile phone screen by email, SMS message or on social media. Do not keep them written down.
Never send means of identification (or other personal data) by email, do not store them on your computer or mobile device.
Do not download or use any illegal or untrusted applications on your computer or mobile device. Only purchase software from reputable vendors or service providers.
Use a reliable antivirus software on your computer to help detect anomalies and reduce the risk of personal data leakage.
Scammers can send you fake SMS messages on behalf of the bank to obtain your personal data or details of your means of identification. Such messages usually ask you to click on the link sent, open the attachment, or call the specified phone to allegedly update, verify, unblock your Internet Bank account.
Never reply to an SMS asking for personal information. Never click on links or open attachments received from an unknown sender, as you may activate a virus or be redirected to a fake website.
If, after clicking on a link, you are redirected to a website that looks similar to ours, do not enter any of the requested details. Check if the website uses https:// and if its address is actually medbank.lt. If you have further suspicions, please refer to and consult with the specified contacts.
If you received a suspicious call or email from an alleged bank employee or police officer asking you to disclose sensitive login details, do not provide the requested information. Do not trust a person just because they know some information about you. Scammers use various scam scenarios (ask for updates, report suspicious banking transactions, etc.), but they have one thing in common: they always ask to disclose sensitive login details for the Internet Bank or to enter a code generated by an authentication tool and confirm the transaction.
Employees of the bank or any government institution never contact individuals asking to disclose their login details for the Internet Bank and initiate or approve transactions. If you received a call or email asking you to do so, please notify us about it immediately.
If you received a notification from your business partner that their bank details, which you use for payment purposes, have changed, be especially careful. It is possible that the scammers, after receiving information about your cooperation, have falsified the data and expect you to make the transfer to them. Use reliable communication channels and do not make a transfer until you are sure of the authenticity of the changed details.
There has been an increase in cases where scammers create online stores (or fake copies of real stores with similar addresses) where they allegedly sell items or services, usually offering them at lower prices than other stores.
Sometimes scammers buy advertising space on search platforms or social media, so their fake online stores are displayed at the top of search results. Do not trust the advertisements blindly and pay attention to a few essential points: whether the online store publishes its contact information (phone number, email address, registered address), whether you are asked to indicate the shop itself or any other natural person as the payee when making a payment. Be especially critical of the situation if the payee’s account is not with a payment institution registered in the Republic of Lithuania.
you have noticed a suspicious transaction on your account,
you have received a notification about a changed password, even though you did not make any changes,
you have received a notification about a Smart-ID account created in your name, although you did not create the account,
you suspect that the details used to log in to your Internet Bank account has become available to other persons,
you are contacted by people trying to trick you into disclosing your login details or stealing your money,
you have noticed a suspicious or potential security issue in the Internet Bank or mobile banking application.