Conducting Your Transactions Online
Federal financial regulators are reporting that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.
In order to help ensure the security of your online transactions, we want you to know that:
- We will never email, call or otherwise ask you for your user name, password or other electronic banking credentials
- You can help protect yourself by implementing alternative risk control processes like:
- Making sure you choose an adequate user name and password that, at a minimum, mixes in small case letters, upper case letters and numbers
- Periodically changing your password (e.g., at least every 90 days)
- Having current anti-malware and anti-virus software
- Safeguarding your user name and password information
- Making sure you have a firewall in place when conducting your financial transactions
- Logging off the system when you're done conducting business (don't just close the page or "X" out of the system)
- Monitoring your account activity on a regular basis
In addition, we may require owners of commercial accounts to perform their own risk assessments and controls evaluations. For example:
- Make a list of the risks related to online transactions that your business faces including
- Passwords being written down and left out in the open
- The use of old or inadequate passwords
- The possibility of internal fraud or theft
- Delays in terminating the rights of former employees
- The lack of dual control or other checks and balances over individual access to online transaction capabilities
- An evaluation of controls your business uses may include
- Using password protected software to house passwords in
- Conducting employee background checks
- Initiating a policy and process to terminate access for former employees
- Segregating duties among two or more people so no one person has too much access or control
- Conducting internal or third party audits of controls
- Using firewalls to protect from outside intrusion or hackers
Federal regulations provide consumers with some protections for electronic fund transfers. These regulations generally apply to accounts with Internet access. For example, these federal laws establish limits on a consumer's liability for unauthorized electronic fund transfers. They also provide specific steps you need to take to help resolve an error with your account. Note, however, that in order to take advantage of these protections, you must act in a timely manner. Make sure you notify us immediately if you believe your access information has been stolen or compromised. Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of protections. These disclosures are also available upon request at any of our locations.
If you become aware of suspicious account activity, you should immediately contact the authorities and contact us at the number listed below.
SECURITY STATE BANK
SUTHERLAND ~ PAULLINA
What Precautions Should I Take on Social Networking Sites?
Below are some helpful tips regarding security and privacy while using social networking sites:
- Ensure that any computer you use to connect to a social media site has proper security measures in place. Use and maintain anti-virus software, anti-spyware software, and a firewall and keep these applications and the operating system patched and up to date.
- Be cautious when clicking on links. If a link seems suspicious or too good to be true, do not click on it — even if the link is on your most trusted friend's page. Your friend's account may have been hijacked or infected and could now be spreading malware.
- If you are going to request that your account be deleted, first remove all of the data. You should also request that the account be deleted, rather than deactivated.
- Type the address of your social networking site directly into your browser or use your personal bookmarks. If you click a link to your site through email or another website, you might be entering your account name and password into a fake site where your personal information could be stolen.
- Be cautious about installing applications. Some social networking sites provide the ability to add or install third-party applications, such as games. Keep in mind that there is sometimes little or no quality control or review of these applications and they may have full access to your account and the data you share. Malicious applications can use this access to interact with your friends on your behalf and to steal and misuse personal data. Only install applications that come from trusted, well-known sites. If you are no longer using the application, remove it. Also, please note that installing some applications may modify your security and privacy settings.
- Use strong and unique passwords. Using the same password on all accounts increases the vulnerability of these accounts if one becomes compromised. Use different passwords for different accounts, and do not use a password you use to access your organization's network on any personal sites you access.
- Be careful whom you add as a “friend” or what groups or pages you join. The more “friends” you have or groups/pages you join, the more people who have access to your information.
- Do not assume privacy on a social networking site. For both business and personal use, confidential information should not be shared. You should only post information you are comfortable disclosing to a complete stranger.
- Use discretion before posting information or comments. Once information is posted online, it can potentially be viewed by anyone and may not be able to be retracted afterwards. Keep in mind that content or communications on government-related social networking pages may be considered public records.
- When posting pictures, delete the meta data which includes the date and time of the picture.
- Do not announce that you are on vacation or away for an extended period of time.
- Configure privacy settings to allow only those people you trust to have access to the information you post and your profile. Also, restrict the ability for others to post information to your page. The default settings for some sites may allow anyone to see your information or post information to your page.
USING WI-FI: CONNECT WITH CARE
If you are traveling this summer, chances are you will encounter a Wi-Fi hotspot (network) or two.
Wi-Fi in airports, hotels, train stations, coffee shops, and other public places can be convenient, but they are often not secure and can leave you at risk.
Whether you are entertaining the kids by streaming a video on a tablet personal computer (PC), downloading new travel applications (apps) on your smartphone, or even taking your tablet poolside, there are precautions you should take to make sure your personal information is safe.
First and foremost, connect with care. If you are online through an unsecured network, you should be aware that malicious individuals may have established a Wi-Fi network with the intent to eavesdrop on your connection. This could allow them to steal your credentials, financial information, or other sensitive and personal information. It is also possible that they could infect your system with malware. Any free Wi-Fi should be considered “unsecure.” Therefore, be cautious about the sites you visit and the information you release.
STOP. THINK. CONNECT.
Here are six tips to remember when using Wi-Fi:
· Keep an updated machine. Having the latest security software, operating system, Web browser, and apps can help protect you from the malware and other threats you may encounter when using Wi-Fi.
· Do not assume that the Wi-Fi connection is secure. Many hotspots do not encrypt the information you send on the Wi-Fi network.
· Do not log into accounts, especially financial accounts, when using public wireless networks.
· Do not log onto sites that do not seem legitimate. Clues for this could include the URL being misspelled or not matching the name that you were given by the place of business. It is not uncommon for cybercriminals to set up a Wi-Fi network called “free Wi-Fi” in airports, hotels, and other public places.
· A cellular 3G/4G connection is generally safer than a Wi-Fi connection.
· Consider turning off features on your computer or mobile devices that allow you to automatically connect to Wi-Fi.