How We Protect You

Here are some of the ways we work to protect you and your account information.

Secure Communication

Please be aware that we will never call, text or email you asking for personal information such as Online Banking credentials (passwords, etc.), Social Security Number, debit card number or PIN. Confidential information, such as your account number, should not be sent in an email. To ensure that information you send to us is secure, please log in to Online Banking and use our private messaging options found under Contact Us.

Mobile App

When you use our Mobile app, your sensitive account information is masked by HTTPS and 128-bit SSL encryption. Your financial information is not stored on your electronic device. Mobile Banking sessions time out after inactivity or when you close your web browser.

Online Banking

When you initially set up Online Banking, you will create a unique User ID, password and security questions to verify your identity on non-registered devices. Your session will time out after inactivity.

Text Banking 

We offer automated alerts as a way for you to monitor account activity including when your balance falls below a certain amount. We will not send personal, identifying information through text messages. Nothing confidential is stored on your mobile device. We will not send unsolicited text messages; we will only send text messages that you request to receive.

Debit Card Fraud Prevention Monitoring

All debit cardholder clients are automatically enrolled in our free 24/7 fraud monitoring service. If we believe you have a suspicious activity on your card, we will try to contact you in real-time by phone call.

How to protect yourself

Here are some of the steps you can take to protect your devices and personal information.

Protect Your Device

• Keep your device operating systems, software and apps up to date
• Set up a password and lock your device when not in use
• Do not install or run any app or program on your device unless it is from a trusted source

Protect Your Access

• Use a personal firewall
• Set automatic updates
• Install anti-virus software that detects and blocks malware
• Use a trusted computer
• Avoid unsecured wireless networks
• Don’t use the same IDs or passwords for multiple systems

Protect Your Information

• Always log out when finished with Online & Mobile Banking
• Never store personal or financial information, including User IDs and Passwords, on your device or computer
• Install and keep anti-virus software up to date to detect and block malware
• Don’t click on links or attachments in unsolicited email
• Monitor your personal accounts and financial statements regularly for unexplained activity
• Don’t confirm or provide personal information in response to an email or text
• Check your credit reports – for free – every year
• Sign up for automated alerts within Online Banking as a way to monitor when certain account transactions occur
• Don’t write your PIN on your card or keep it anywhere in your wallet or purse

Protect Yourself from Identity Theft and Fraud

Your trust is important to us – and we want to help you guard your personal information and protect yourself from identity theft and fraud. Identity theft education is key to fraud protection, and the best line of defense against fraud begins with you. Understanding the different types of fraud will help you avoid becoming a victim.

We do not contact customers via email, phone or text message to request or verify personal or company information, including account numbers, passwords, personal identification numbers (PINs), Social Security numbers, or Tax ID numbers for security or any other purposes.

For your protection and privacy, our representatives will ask for certain information to verify your identity when you contact us.

You should monitor your accounts and bank statements each month and check your credit reports on a regular basis. Any lost cards, checks, bank statements or internet banking login credentials should be reported to us immediately.

What is Identity Theft?

Identity theft (ID theft) occurs when someone assumes another person’s personal identifying information (e.g., a name, social security number or date of birth) with the intent of committing fraud. Identity theft is often characterized as the largest growing crime in America. Experts estimate it takes fourteen months for an average victim to discover an identity theft and approximately two years to correct credit information.

Your identity can be stolen in a variety of ways:

•  Loss or theft of your wallet, purse, or credit card
• Mail theft
• Skimming information from the magnetic strip on credit or debit cards
• “Dumpster diving” through the trash
• “Shoulder surfing” — looking over your shoulder when you are entering a PIN or password
• Eavesdropping
• Scam phone calls where a stranger asks for personal or financial information
• Computer hacking
• Phishing and Spyware

How does identity theft work?

Using one or more of the methods identified above, the fraudster obtains key pieces of personal information (e.g., Social Security number, driver’s license number, home address, etc.) that is then used to open new bank accounts in your name, apply for mortgages, apply for credit, etc.

Phishing, SMishing, Vishing

Phishing occurs when a fraudster impersonates a legitimate company or organization using e-mail, faxes, and/or Web sites in an attempt to lure recipients into revealing confidential information. This is the “bait.” The messages are well crafted and often difficult to distinguish from those of the companies they impersonate.

What should you be looking for?

Although these forms of attack are designed to be nearly impossible to distinguish from legitimate e-mails, telephone messages or text messages, there are some common signs you can look for:

• Attackers urge the recipient to click on the link (phishing & SMiShing) or call a telephone number (vishing & SMiShing) to update or verify account information, re-activate an account or cancel an order.
• Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
• Attacks are not consistent with other e-mails, telephone messages or text messages from the business.
• Messages do not contain any personalization that shows the sender knows something about the recipient’s account (e.g. the recipient’s name, the last four digits of their account number, or other information).
• Attacks often contain spelling errors and bad grammar.
• Attacks using SMiShing often indicate the message came from the number “5000” instead of displaying an actual telephone number.
• Messages often claim the user has ordered something that they never ordered.

What should you do if you receive a suspicious e-mail, telephone message or text?

• Do not respond.
• If you are unsure of the authenticity of the message, call the company to verify they actually sent it or inquire about why they need your information. Use a telephone number you know is legitimate (e.g., one on your most recent statement). Do NOT call the one in the e-mail, telephone message or text message.
• If it is an e-mail or text message that appears to be from us, please contact us immediately to help track the phishers, shut down the fraudulent sites or disconnect fraudulent telephone numbers.
• If it appears to be from another company or financial institution, you can forward it to the Anti-Phishing Working Group at reportphishing@antiphishing.org.
• Once you have reported the message, delete it from your Inbox or mobile device.
• If you responded to the message and provided information, please contact us immediately.

How can I protect myself/my business?

• Education is your best defense. Know what to look for and what to do. It is very important to note that no financial institution will ever send you an e-mail asking you to verify or supply personal information, such as:
  • User ID
  • Password
  • Social Security Number
  • Card or Account Number
  • Credit Card Security Code (CCV)
• Never open unsolicited e-mails from unknown e-mail addresses.
• Never send personal information via e-mail unless it is to a trusted source and you use some type of encryption.
• Install a firewall and both antivirus and anti-spyware software. Keep your virus definitions and browser and security software current.
• Exercise reasonable care when downloading software and opening e-mail attachments. Never download or open an e-mail attachment from an unknown e-mail address.
• Have your computer analyzed by a qualified technician if you suspect your computer is running abnormally, you are receiving an unusual amount of “pop-up” pages, or you notice that you are being redirected to other Web pages.

Malware

• Malware or “malicious software” is designed to infiltrate or damage a computer system without the owner’s knowledge or informed consent. Software is considered Malware based on the creator’s perceived intent rather than any particular features the software may include. The term Malware covers a host of software including computer viruses, worms, Trojan horses, spyware, and other malicious software.

How does Malware work?

Malware is a significant problem. Malicious programs are now considered aggressive and sophisticated, often using a combination of techniques to accomplish their objective. Malware that combines exploitation of a flaw in operating system, browser software, or other applications (e.g., iTunes, Adobe, etc.) with viruses and other Malware is quickly growing in popularity.

Malware for personal smartphones and other mobile devices has now entered the market as well. As mobile devices continue to grow in popularity, so too will this form of Malware.

Spyware, Trojan horses, and key loggers are becoming increasingly popular with criminals, including organized crime. These programs can be used to obtain confidential information about the user of the infected computer, such as account numbers and PINs, login credentials, the contents of e-mail, even Internet habits, and the resulting data can easily be sold or used directly to perpetrate fraud.

As a result of Malware, users may find that their computers have become part of a botnet. A botnet is a collection of software robots, or bots, that run autonomously and automatically. While the term “botnet” can be used to refer to any group of bots, this word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via worms, Trojan horses, or backdoors, under a common command-and-control infrastructure. If you take the necessary steps to limit your exposure to Malware, your computer will be less likely to become part of a botnet.

What should I be looking for?

Although the phishing attacks that lead to Malware are designed to be nearly impossible to distinguish from legitimate e-mail messages, there are some common signs you can look for:

• Attackers urge the recipient to click on the link to update or verify account information, re-activate an account, or cancel an order.
• Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
• Attacks are not consistent with other e-mail messages from the business.
• Messages do not contain any personalization: the recipient’s name, the last four digits of their account number, or other information that shows that the sender knows something about the recipient’s account.
• Attacks often contain spelling errors and bad grammar.
• Messages often claim the user has ordered something that they never ordered.

What should you do if you receive a suspicious e-mail?

• Do not respond.
• If you are unsure of its authenticity, call a phone number you trust such as the one on your most recent statement, NOT the one in the e-mail, to verify the company actually sent it and to inquire about why they need your information.
• If it is an e-mail message that appears to be from us, contact us immediately to help track the phishers and shut down the fraudulent sites or disconnect fraudulent phone numbers.
• If it appears to be from another company or financial institution, you can forward it to the Anti-Phishing Working Group at reportphishing@antiphishing.org.
• Delete the message from your Inbox.
• If you responded to the message and provided information, contact us immediately.

How can I protect myself/my business?

• Don’t open attachments from unsolicited e-mails at work or at home. This is the most common way computers become infected with malware.
• Install a firewall to prevent unauthorized access.
• Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date.

Try to avoid spyware altogether by taking the following steps before loading software onto your home computer:

• Read the license agreement.
• Search the Internet for spyware reports. Use the software’s name and the word ‘spyware’ as your search keywords.
• Do not allow anyone to access your computer without your knowledge. Keep your computer turned off or locked when you’re not using it.
• Never use the “save ID and password” option.
• Never write your user ID and/or password on a piece of paper and leave it near your computer.
• Install updates and patches for your home computer’s operating system and all of your installed applications (e.g., iTunes, etc.).

Top 8 Ways To Protect Your Personal Information From Being Misused

 

1. Review your credit report.   You are entitled to a free credit report every 12 months from each of the three major consumer reporting companies (Equifax, Experian and Trans Union).  You can request a copy from https://www.annualcreditreport.com/
2. Read your credit card and bank statements carefully. Look closely for charges you did not make. Even a small charge can be a danger sign.  Thieves sometimes will take a small amount from your checking account and then return to take much more if the small debit goes unnoticed.
3. Shred any documents with personal or sensitive information. Be sure to keep hard copies of financial information in a safe place and be sure to shred them before getting rid of them.
4. Don’t ignore bills from people you don’t know.   A bill on an account you don’t recognize may be an indication that someone else has opened an account in your name.  Contact the creditor to find out.
5. Change your passwords for all your financial accounts and consider changing the passwords for your other accounts as well every 90 to 120 days.   Be sure to create strong passwords and do not use the same password for all accounts.
6. Set up a fraud alert. Fraud alerts require that a financial institution verifies your identity before opening a new account, issuing an additional card, or increasing the credit limit on an existing account.  A fraud alert won’t prevent lenders from opening new accounts in your name, but it will require that the lenders take additional identification verification steps to make sure that you’re making the request.  An initial fraud alert only lasts for 90 days, so you may want to watch for when to renew it.
7. Consider a security freeze. A security freeze or credit freeze on your credit report restricts access to your credit file.  Creditors typically won’t offer you credit if they can’t access your credit reporting files, so a freeze prevents you and other from opening new accounts in your name. In almost all states, a freeze lasts until you remove it.  In some states, it expires after seven years.
8. File your taxes as soon as you can. A scammer can use your Social Security number to get a tax refund.  You can try to prevent a scammer from using your tax information to file and steal your tax refund by making sure you file before they do.  Be sure not to ignore any official letters from the IRS and reply as soon as possible. The IRS will contact you by mail; don’t provide any information or account numbers in response to call or emails.