education center online safety

EDUCATION

Online Safety

Protect against internet threats

Federal financial regulators are reporting that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls and engaging in online account takeovers and fraudulent electronic funds transfers.

In order to help ensure the security of your online transactions, we want you to know that:

  • We will never email, call, or otherwise ask you for your user name, password or other electronic banking credentials
  • You can help protect yourself by implementing alternative risk control processes like:
    • Making sure you choose an adequate user name and password that, at a minimum, mixes in small case letters, upper case letters and numbers
    • Periodically changing your password (e.g., at least every 90 days)
    • Safeguarding your user name and password information
    • Making sure you have up to date anti-malware in place when conducting your financial transactions
    • Logging off the system when you're done conducting business ( don't just close the page or "X" out of the system)
    • Monitor your account activity on a regular basis

In addition, we suggest that commercial accounts owners perform their own risk assessments and controls to evaluate their risk in relation to Corporate Account Takeover (CATO). Corporate Account Takeover (CATO) is a type of business identity theft where cyber thieves gain control of a business' bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves.

  • Do an evaluation by making a list of the risks related to online transactions that your business faces including:
    • Passwords being written down and left out in the open
    • The use of old or inadequate passwords
    • The possibility of internal fraud or theft
    • Delays in terminating the rights of former employees
    • The lack of dual control or other checks and balances over individual access to online transaction capabilities
  • An evaluation of controls your business uses may include:
    • Using password protected software to house passwords
    • Conducting employee background checks
    • Initiating a policy and process to terminate access for former employees
    • Segregating duties among two or more people so no one person has too much access or control
    • Conducting internal or third party audits of controls
    • Using firewalls to protect from outside intrusion or hackers

Cyber terms to know

online safety
online safety

Ready for a simple banking experience?

HousingOpportunity_FDIC_logos_green
HousingOpportunity_FDIC_logosgreen