Best Practices

Below are a few recommended best practices on keeping your information secure:

• Keep mobile devices and computers updated with all operating system and security updates. Only download updates/apps from trusted vendors and approved app stores.(iTunes, Google Play Store, Windows Update, etc.)
• Maintain antivirus/anti-malware software on all devices, including mobile devices, used to access your account. Refrain from accessing your account on a device that has been jailbroken or self-hacked.
• Utilize some type of firewall. (Windows comes with a firewall, but must be enabled)
• Do not store your login information where it is assessable to anyone else or on mobile devices and computers.
• Do not share login information such as usernames or passwords with anyone else.
• Enable password protection on mobile devices and computers when powered on and after periods of inactivity.
• Use remote wipe apps such as Find My iPhone and Where’s My Droid when available on mobile devices.

Phishing

Source: ftc.gov

Phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords. Scammers use your information to steal your money or your identity or both.

Scammers also use phishing emails to get access to your computer or network then they install programs like ransomware that can lock you out of important files on your computer.

Phishing scammers lure their targets into a false sense of security by spoofing the familiar, trusted logos of established, legitimate companies. Or they pretend to be a friend or family member.

Phishing scammers make it seem like they need your information or someone else’s, quickly – or something bad will happen. They might say your account will be frozen, you’ll fail to get a tax refund, your boss will get mad, even that a family member will be hurt or you could be arrested. They tell lies to get to you to give them information.

Be cautious about opening attachments or clicking on links in emails. Even your friend or family members’ accounts could be hacked. Files and links can contain malware that can weaken your computer's security.

Do your own typing. If a company or organization you know sends you a link or phone number, don’t click. Use your favorite search engine to look up the website or phone number yourself. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination

Make the call if you’re not sure. Do not respond to any emails that request personal or financial information. Phishers use pressure tactics and prey on fear. If you think a company, friend or family member really does need personal information from you, pick up the phone and call them yourself using the number on their website or in your address book, not the one in the email

Turn on two-factor authentication. For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in to your account. The second piece could be a code sent to your phone, or a random number generated by an app or a token. This protects your account even if your password is compromised.

As an extra precaution, you may want to choose more than one type of second authentication (e.g. a PIN) in case your primary method (such as a phone) is unavailable.

Back up your files to an external hard drive or cloud storage. Back up your files regularly to protect yourself against viruses or a ransomware attack.

Keep your security up to date. Use security software you trust, and make sure you set it to update automatically.

Identity Theft

Source: fdic.gov

How to protect against identity theft:

• Do not share personal information over the phone, e-mail, or the internet unless you initiated the contact or know the person you are dealing with.
• Be suspicious if someone contacts you unexpectedly online and asks for your personal information.
• Do not give out valuable personal information such as social security numbers, financial account information, and driver’s license number in response to unsolicited requests.
• Shred old receipts, account statements, and unused credit card offers.
• Choose PINs and passwords that would be difficult to guess and avoid using easily identifiable information such as mother’s maiden name, birth dates, the last four digits of your social security number, or phone numbers.
• Pay attention to account statements and contact us if you do not receive a monthly statement.
• Review account statements thoroughly to ensure all transactions are authorized.
• Promptly remove incoming mail, and do not leave payment envelopes in your mailbox with the flag up for pick up by mail carrier.
• Obtain your free credit report annually and review your credit history to ensure it is accurate.
• Use an updated security program to protect your computer.
• Be careful about where and how you conduct financial transactions.

Helpful Websites:

Federal Trade Commission - Report Identity Theft: https://www.identitytheft.gov

Federal Trade Commission – Online Security: https://consumer.ftc.gov/identity-theft-and-online-security/online-privacy-and-security

FDIC – Cybersecurity Awareness: https://www.fdic.gov/consumers/assistance/protection/idtheft.html

Federal Trade Commission – Phishing Awareness: https://www.consumer.ftc.gov/articles/0003-phishing