- Be suspicious of any email, website or person asking for financial information or passwords
- Do not click on suspect links or open unknown email attachments
- Regularly change passwords.
- Review financial statements
- Install updates offered by your operating system and software provider(s)
- Update antivirus regularly
How can I safeguard my banking information?
- Do not write down login and password information
- Never provide your login information to anyone. Bank will never ask you for your password
- Change your password at least once every three months
- Check your financial statements regularly and report all suspicious activity
How can my username and password get compromised?
- There are a number of ways in which accounts can be compromised
- Logging into your online banking account while infected with a virus or entering your account information onto a malicious website masquerading as a legitimate login page are common sources of account compromise
- A compromise of your personal email account can also be the source of a breach
- Email accounts tied to financial websites should be treated with the same level of security as your online banking credentials
Should I change my password often?
- We recommend you change your password periodically.
- It is a good practice to change your password quarterly, but please remember to not write it down where it can be easily found
What can I do to protect my personal accounts?
- Be aware and stay alert to potential attacks. If your information is compromised despite your best efforts, the faster you respond the easier shall be to minimize or completely eliminate possible consequences
- Check antivirus software for updates, install operating system patches, install updates for 3rd party applications like Java and Adobe Acrobat
- Do not click suspicious links in email or open unknown/suspicious email attachments
- If you find an email suspicious, use a different form of communication (a telephone call) to verify with the sender that the email is legitimate.
- Regularly change passwords, at least once every three months
- Do not respond to “phishing” emails. Malicious emails should be deleted
What are the risks of using public WiFi?
- While public WiFi can be convenient, it does carry some risk. Unencrypted data can be “sniffed” and viewed by malicious parties, potentially leading to account compromise
- Only join public WiFi of a trusted source. When in doubt, ask an employee if you’re connecting to the correct network
- Only enter usernames and passwords on secure sites. The website address should start with HTTPS://, the “S” stands for Secure
- If prompted when you connect to the network, choose public network and not work or home
- Avoid using public WiFi when possible for sensitive transactions
How do I identify dangerous emails and what should I do if I receive one?
- Check the email sender and ensure that there are no spelling mistakes in the address
- Hold your mouse over any URL before clicking. This will show where the link is actually taking you
- Be aware of any wrong spelling or domain names that end with uncommon country codes like .ru or .ng. Very few legitimate websites generally use these domains.
- Be suspicious of any email asking for you to provide or confirm account information.
- Delete suspicious emails. Responding or clicking on any links can have negative consequences.
How do I determine if a website is safe to conduct business on?
- Check for certificate errors. There should be a picture of a closed lock near the website.
- Be alert for any changes in the website design. Malicious copies often look unfinished or unpolished.
- Before you enter any information, make sure the website address is what you expect and you have not been redirected to another website.
How do I protect my smart phone?
- Don’t follow links you receive in unsolicited email or text messages.
- Use official mobile phone applications.
- Protect your mobile device through password
- Never respond to urgent emails or text messages, claiming to be from a bank or other financial institution.
Use of Social media
- Make sure that your social networking profiles (e.g. Facebook, Twitter, You tube, etc.) are set to private. Check your security settings. Be careful of information you post online. Once it is on the Internet, it is there forever
- Be cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites).
How to Stay safe from Identity Theft
- Make sure you change your passwords for all online accounts. When changing your password, make it long, strong and unique, with a mix of upper and lowercase letters, numbers and symbols.
- Close any unauthorized or compromised credit or charge account. Cancel each credit and charge card. Get new cards with new account numbers. Inform the companies that someone may be using your identity and find out if there have been any unauthorized transactions. Close accounts so that future charges are denied. You may also want to write a letter to the company so there is a record of the problem.
- Think about what other personal information may be at risk. You may need to contact other agencies depending on the type of theft. For example, if a criminal has access to your Social Security number, you should contact the Social Security Administration. You should also contact your Regional Transport Office if your driver's license or registration details are stolen.
- File a report with your local law enforcement agency. Even if your local police department doesn’t have jurisdiction over the crime (a common occurrence for online crime which may originate in another jurisdiction or even another country), you will need to provide a copy of the law enforcement report to your banks, creditors, other businesses, credit bureau, and debt collectors.
- If your personal information has been stolen through a corporate data breach (when a cyber thief hacks into a large database of accounts to steal information, such as Social Security numbers, home addresses, and personal email addresses), you will likely to be contacted by the business or agency whose data was compromised with additional instructions, as appropriate. You may also contact the organization’s IT security officer for more information.
Cyber bullying
- Tell a trusted adult about what’s going on.
- Save any of the related emails, texts, or messages as evidence.
- Keep a record of incidents.
- Report the incident to the website’s administrator; many websites including Facebook and YouTube encourage users to report incidents of cyberbullying. Block the person on social networks and in email.
- Avoid escalating the situation: responding with hostility is likely to provoke a bully. Depending on the circumstances, consider ignoring the issue. Often, bullies thrive on the reaction of their victims. If you or your child receives unwanted email messages, consider changing your email address.
- If the communications become more frequent, the threats more severe, the methods more dangerous and if third-parties (such as hate groups and sexually deviant groups) become involved—law enforcement needs to be contacted and a legal process initiated.
Online stalking
- In cases where the offender is known, send the stalker a clear written warning saying the contact is unwanted and asking that the perpetrator stops sending communications of any kind. Do this only once and do not communicate with the stalker again (Ongoing contact usually only encourages the stalker to continue the behavior).
- Save copies of all communication from the stalker (e.g., emails, threatening messages, and messages via social media) and document of each contact, including dates, times and additional circumstances, when appropriate.
- File a complaint with the stalker’s Internet Service Provider (ISP) and yours. Many ISPs offer tools that filter or block communications from specific individuals.
- Own your online presence. Set security and privacy settings on social networks and other services to your comfort level of sharing.
- Consider changing your email address and ISP; use encryption software or privacy protection programs on your computer and mobile devices.