Security Quick Tips
Our Internet Banking service has several effective security techniques that we encourage you to implement!
- Never reveal your password to anyone or leave your password anywhere that someone else can obtain and use it.
- Change your password on a regular basis.
- Use the Sign Off button to end each Internet Banking session. Do not use the Back button to exit the site.
- Take advantage of our online banking alerts. Under settings, you can setup notifications for your account.
- Balance your account on a regular basis. Online Banking makes it easy!
- Use a code to lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
- Log out completely when you finish a mobile banking session.
- Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
- Download the updates for your phone and mobile apps.
- Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”
- Avoid storing sensitive information like passwords or a Social Security number on your mobile device.
- Tell your financial institution immediately if you change your phone number or lose your mobile device.
- Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
- Wipe your mobile device before you donate, sell, or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
- Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.
- Watch out for public Wi-Fi. Public connections aren’t very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
Types of Fraud
Phishing is a scam that involves internet pop-ups or e-mail messages that appear to be from a legitimate bank or retail merchant, possibly one that the victim has a business relationship with. The message directs the victim to a replica of an existing website in an attempt to fraudulently acquire sensitive information such as usernames, passwords, account information and credit card details. Often suspects use urgency or scare tactics such as threats to close accounts.
Spoofing is when an attacker pretends to be someone else by providing false data. Phishing has become the most common form of web page spoofing. Another form is URL spoofing. This can happen when an attacker exploits bugs in your web browser in order to display incorrect URLs in your browser location bar. Another form is called “man-in-the-middle” which occurs when the communication between you and another party on the internet is compromised by the attacker. Many firewalls can prevent this type of attack.
Vishing is a combination of “voice” and phishing. This attack usually starts via e-mail which contains a telephone number to be called. This is an attempt to fool the victim into trusting the e-mail is legitimate by advising that responding via telephone is safer than responding by e-mail. Caller ID spoofing is usually accounted for by the attacker and a complex automated voice system tricks the unsuspecting caller into relinquishing their information.
Pharming is a type of fraud that happens when a valid web address is typed in but the victim is then redirected to a website that is not legitimate. These “fake” websites ask for personal information such as credit card and bank account numbers and other sensitive information.
Please remember First Kansas Bank will never solicit you for your account or personal information via phone call, text message, or e-mail!
How to practice ‘safe computing’
It’s not always easy to identify online fraud. The number and sophistication of phishing and spoofing scams sent out continues to increase. As a general rule, you should be careful about giving out your personal financial information over the Internet. Below is a list of recommendations you can use to avoid becoming a victim of these scams.
Protect your E-mail
Be suspicious of any e-mail with urgent requests for personal financial information and never respond to SPAM (unsolicited bulk e-mail messages). Responding only confirms your e-mail address to the spammer, which can actually intensify the problem. If you are suspicious of an e-mail that contains a link to a web address, call the company or visit their website by typing their address directly into your browser. Do not click on the link contained within the body of the e-mail.
Phisher e-mails typically:
- Are not personalized and may contain spelling errors.
- Contain upsetting statements that attempt to get the victim to react immediately.
- Ask for information such as usernames, passwords, credit card numbers, Social Security numbers, etc.
You should not open ANY attachments from an unknown source. In addition, attachments with double file endings, like “openme.doc.pif” or any file with an extension of .exe, .pif, or .vbs are executable files and could be dangerous if opened.
Protect your identity online
- Only communicate information such as credit card numbers or account information via a secure website
- To ensure a website is secure when submitting credit card information check the beginning of the web address in your browser’s address bar – it should be https:// rather than just http://
- If you don’t know the reputation of a website, don’t assume you can trust it. Many sites may be careless with your personal information.
- When making a purchase online, sites sometimes ask if you want to keep your credit card number or other confidential information on file, also known as “remembering” for future use. The best practice is to NOT allow sites to keep this information for you.
- When using Online Banking or other transactional websites, do not have the computer “remember” your password.
- If possible, do not use public computers (library, cyber café’s, etc) to check your Internet Banking or make purchases.
More Security Tips
- When creating passwords and PINs (personal identification numbers), do not use your Social Security Number, mother’s maiden name, your birth date, or other personal information about yourself. A combination of letters and numbers creates a stronger password.
- Change your passwords frequently.
- Always logout of your Internet Banking session or any other website that you’ve logged onto. In addition, when finished with the computer always sign off and shut down the computer.
- Many sites have timeout features where the session will end after a certain amount of time with no activity. Set your timeout feature at the lowest setting that is still convenient for you. This can prevent others from continuing your Internet Banking session if you left your computer unattended without logging out.
If you feel you have been a victim of fraud or identity theft related to your First Kansas Bank account, ATM or debit card, please contact us immediately. If it is related to another financial institution, your credit card company, or any other organization, contact them directly.
Contact one of the three consumer reporting companies and have a fraud alert placed on your credit report. (You only need to contact one as they are required to notify each other when an alert is placed.)
- Equifax: 1-800-525-6285; www.equifax.com
- Experian: 1-888-397-3742; www.experian.com
- TransUnion: 1-800-680-7289; www.transunion.com
Additionally, if you’ve been the victim of attempted fraud, contact the respective agency to report it:
- Federal Trade Commission (FTC): by telephone at (877) FTC-HELP or, for filing a complaint electronically, via the FTC’s website: https://www.ftccomplaintassistant.gov
- National Consumers League (NCL): by telephone at (202) 835-3323 or by e-mail: http://www.nclnet.org/contact_us. To file a fraud complaint, visit the NCL fraud website: http://www.fraud.org/
- Better Business Bureau (BBB): The website offers contact information for local BBBs, objective reports on more than 2 million businesses, consumer scam alerts, and tips. http://www.bbb.org/
- Federal Bureau of Investigation Internet Crime Complaint Center (IC3) to report scams that may have originated via the Internet: http://www.ic3.gov/
- If correspondence is received via the U.S. Postal Service, contact the U.S. Postal Inspection Service by telephone at (877) 976-2455 or via the online complaint form: https://www.uspis.gov/report
Close any accounts that you believe may have been tampered with or opened without your consent. Report these accounts to the personnel of that relevant company. Inquire as to any other steps they require or recommend you take, which may include you sending copies of the fraudulent activity.