Your mobile device provides convenient access to your email, bank and social media accounts. Unfortunately, it can potentially provide the same convenient access for criminals. First Security Bank recommends following these tips to keep your information – and your money – safe.
- Use the pass code lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
- Log out completely when you finish a mobile banking session.
- Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
- Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of bogus programs and/or apps that feature simulated ad interactions or display intentionally misleading buttons or layouts. Also watch for apps that ask for unnecessary “permissions.”
- Download the updates for your phone and mobile apps.
- Avoid storing sensitive information like passwords or a Social Security number on your mobile device. However, if you choose to store passwords on your phone, consider using a “password keeper,” which allows you to store sensitive information using a pass code.
- Tell your financial institution immediately if you change your phone number or lose your mobile device.
- Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
- Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
- Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.
- Watch out for public Wi-Fi. Public connections aren’t very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
- Report any suspected fraud to your bank immediately.
Identity theft continues to be one of the fastest growing crimes in the United States. In 2018, there were 14.4 million victims of identity fraud in the U.S., according to Javelin Strategy and Research. First Security Bank recommends following these tips to keep your information – and your money – safe:
- Don’t share your secrets. Don’t provide your Social Security number or account information to anyone who contacts you online or over the phone. Protect your PINs and passwords and do not share them with anyone. Use a combination of letters and numbers for your passwords and change them periodically. Do not reveal sensitive or personal information on social networking sites.
- Shred sensitive papers. Shred receipts, banks statements and unused credit card offers before throwing them away.
- Keep an eye out for missing mail. Fraudsters look for monthly bank or credit card statements or other mail containing your financial information. Consider enrolling in online banking to reduce the likelihood of paper statements being stolen. Also, don’t mail bills from your own mailbox with the flag up.
- Use Online Banking to protect yourself. Monitor your financial accounts regularly for fraudulent transactions. Sign up for text or email alerts from your bank for certain types of transactions, such as online purchases or transactions of more than $500.
- Monitor your credit report. Order a free copy of your credit report every four months from one of the three credit reporting agencies at annualcreditreport.com.
- Protect your computer. Make sure the virus protection software on your computer is active and up to date. When conducting business online, make sure your browser’s padlock or key icon is active. Also look for an “s” after the “http” to be sure the website is secure.
- Protect your mobile device. Use the pass code lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen. Before you donate, sell or trade your mobile device, be sure to wipe it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen. Use caution when downloading apps, as they may contain malware and avoid opening links and attachments – especially from senders you don’t know.
- Report any suspected fraud to your bank immediately.
Corporate account takeover is a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable. We at First Security Bank recommend following these tips to keep your small business safe.
- Educate your employees. You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.
- Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.
- Partner with your bank to prevent unauthorized transactions. Talk to us about programs that safeguard you from unauthorized transactions. Positive Pay and other services offer call backs, device authentication, multi-person approval processes and batch limits help protect you from fraud.
- Pay attention to suspicious activity and react quickly. Look out for unexplained account or network activity, pop ups, and suspicious emails. If detected, immediately contact your financial institution, stop all online activity and remove any systems that may have been compromised. Keep records of what happened.
- Understand your responsibilities and liabilities. Your account agreement with our bank will detail what commercially reasonable security measures are required in your business. It is critical that you understand and implement the security safeguards in the agreement. If you don’t, you could be liable for losses resulting from a takeover. Talk to your banker if you have any questions about your responsibilities.
Companies of all sizes are being targeted by criminals through business email compromise scams. In these scams, cybercriminals gain access to an employee’s legitimate business email through social engineering or computer intrusion. The criminal then impersonates the employee, often a senior executive or someone who can authorize payments, and instructs others to transfer funds on their behalf. First Security Bank recommends the following tips to help businesses and employees avoid business email compromise attacks:
-
Educate your employees. You and your employees are the first line of defense against business email compromise. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.
-
Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.
-
Use alternative communication channels to verify significant requests. Have multiple methods outside of email – such as phone numbers or alternate email addresses – established in advance through which you can contact the person making the request to ensure it is valid.
-
Be wary of sudden changes in business practices or contacts. If an employee, customer or vendor suddenly asks to be contacted via their personal e-mail address, verify the request through known, official and previously used correspondence as the request could be fraudulent.
Be wary of requests marked “urgent” or “confidential.” Fraudsters will often instill a sense of urgency, fear or secrecy to compel the employee to facilitate the request without consulting others. Use an alternative communication channel outside of email to confirm the request.
-
Partner with your bank to prevent unauthorized transactions. Talk to your banker about programs that safeguard you from unauthorized transactions such as call backs, device authentication and multi-person approval processes.
If you fall victim to a business email compromise scam:
-
Contact your financial institution immediately to notify them about the fraudulent transfer and request that they contact the institution where the fraudulent transfer was sent.
-
Contact your local Federal Bureau of Investigation office as they might be able to freeze or return the funds, if notified quickly.
-
File a complaint, regardless of dollar loss, at www.IC3.gov.