Online & Mobile Security

It's a dangerous world out there in cyberspace. Security threats are escalating every year and have become more malicious with cyber criminals entering the scene stealing financial and personal information. Cell phones and automobiles are becoming more computerized, and hackers have an even wider selection of devices to infect with malicious threats. With so many plug-gable devices available coming on the market, new areas of exposure are created. The video below covers some common myths we believe about the internet and security of how we use it.

It's a dangerous world out there in cyberspace. Security threats are escalating every year and have become more malicious with cyber criminals entering the scene stealing financial and personal information. Cell phones and automobiles are becoming more computerized, and hackers have an even wider selection of devices to infect with malicious threats. With so many plug-gable devices available coming on the market, new areas of exposure are created.

Here's a quick look at some of today's most common computer security threats:
  1. Malware. Exploits and malware are increasing through vectors ranging from social networks to mobile devices to employees themselves. As computer and operating system security continues to improve so will cyber criminals' new techniques to bypass these defenses.
  2. Mobile Threats. Attackers are turning their attention to launching mobile banking attacks. Consumers will begin to see banking attacks migrate from the computer to the smartphone. Keep in mind that if your smartphone becomes infected, it can infect your computer and your home or work network.
  3. Threats to Mobile Payments. Electronic currency has made sending money extremely easy. Buying or selling, paying for entertainment, and sending money to a friend from a mobile device is becoming more popular. Electronic payments, however, are often not encrypted, unless you're using the mobile safeguards provided by your bank. Hackers know this and are increasingly targeting the growing use of cyber currency as a means to steal money and spread malware.
  4. Attacks on SMBs. Small businesses believe they are immune to cyber-attacks. They erroneously think they have nothing an attacker would want to steal. They forget that they retain customer information, create intellectual property, and keep money in the bank. Truth is, small companies are typically less equipped to defend against an attack. From an attacker's point of view, any business is a potential target, no matter its size.
  5. Uneducated Users. The average user has become educated enough not to click on an attachment in unsolicited e-mail, but do they know how to defend themselves in today's constantly-changing threat environment? The first step in computer security is being aware of the risk environment. Information security awareness training helps computer users develop the skills to identify risks and scams and avoid becoming a victim.
  6. User Errors. Computers are great. And in fact, they are better and more reliable than people for many transactions. Computers, for example, are better than doctors at diagnosing some illnesses. That said, humans make mistakes when using computers, especially when they’re not savvy about computer security. Even if you think you're doing all you can to avoid common security threats, you'd probably be surprised at how easily an outsider can find common -- even silly -- mistakes.
The Internet is now very secure for credit card use, far more so than for everyday use, where you hand your card over without thought to waiters and store clerks, and far safer than giving out your credit card number over the phone.

E-commerce websites require a commitment to securing transnational details, including credit card information from customers. They use one of the many available encryption techniques which scramble the exchange of information between you and the website you are visiting so that it cannot be tampered with, corrupted or copied. Encryption is provided through a document the website provides called a certificate.

Secure websites and pages will feature two important conditions that indicate they are using encryption technology and a Secure Socket Layer. This is indicated by "https" (letter "s" after the http portion of the URL), and means that the server is a secure one. In your browser, you will also see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. The certificate that is used to encrypt the connection also contains information about the identity of the website owner or organization. You can click the lock to view the identity of the website.

Even if the connection between your computer and the website is secure, it does not guarantee that the website is trustworthy. Your privacy can still be compromised by the way the website uses or distributes your information, so you should read their Privacy Statement.
While there is no absolute guarantee of safety on the web, you can minimize online privacy or security problems by using websites you know and trust. Try to use sites you've used previously or that are recommended by trusted friends or family.

Using Public Computers
Sometimes you may need or want to use a computer when away from home or office. There are computer kiosks in every airport, hotel, library, and in many coffee shops, but beware when using public computers. Any computer that you do not own or control should be treated as if it is infected with viruses and other malicious programs and should never be trusted. If you must use a computer other than your own, follow these few simple rules:

  1. Never use public computers to make financial transactions or to enter personal information. Public computers may have programs that log keystrokes (key loggers), as well as other spyware that snatches sensitive information. Wait to make your Internet transactions until you get home.
  2. Disable the feature that stores login information and passwords. Uncheck the box on the login page so that no one can log in as you.
  3. Always log out of websites by clicking "log out" on the site. It's not enough to simply close the browser window or type in another address.
  4. Erase your tracks. Delete your temporary Internet files and your browsing history.
  5. Watch for over-the-shoulder snoops. When you use a public computer, be on the lookout for thieves who look over your shoulder or watch what you’re doing.

Using Public or Unsecured Wi-Fi
Mobile users demand high connectivity in today's world, often at the price of security. Requiring Internet access at the airport, public buildings, and restaurants, users will easily sacrifice a secure connection for a fast and reliable one. Many people like to work or study at coffee or book shops because they offer comfortable seating and free Wi-Fi, but be careful. There are risks.

  1. Use a VPN connection. A Virtual Private Network (VPN) work by encapsulating network traffic in an encrypted tunnel to a secure endpoint. Traffic is both encrypted and authenticated, rendering an attacker helpless to read or modify traffic.
  2. Require "https". Users should require all websites that send or receive personal information to use SSL. This includes your web-mail. Many social media sites now offer SSL.
  3. Don't connect to unsecured wireless hot spots automatically; configure your computer not to automatically connect to a wireless network. This will prevent you from accidentally exposing private/confidential information because you might think you are on a secure network when in fact you are not.
  4. Run a firewall program on your laptop. Firewalls guard against attack from other computers also connected to the unsecured network. You wouldn’t want someone connecting to your computer and possible downloading information from your hard drive.
  5. Ensure that your computer has virus and malware protection. If you don't install one, your computer is sure to pick up a virus/malware soon.

The more you know about how to make secure transactions when away from your home or office computer, the less likely it is you will encounter problems.

First National Bank & Trust has taken strong measures to ensure the security and safety of your account and its overall online banking system. By staying alert to potential security threats and keeping in mind the suggestions listed above, you can help us keep online banking extremely safe and secure. Follow the good practices and use the knowledge we've provided here, and you will be much more prepared to enjoy the conveniences of online services with peace of mind!
Today, smartphones and other mobile devices are playing a major role in how people are entertained, communicate, network, work, bank, and shop. The number of smart mobile devices in the world has increased dramatically in recent years, and so has the challenge to find ways to secure those mobile devices.

While security software is commonly used on laptops and desktops, the majority of mobile devices today remain devoid of security protection and are exposed to a new and growing breed of mobile malware. Malware may result in device or data corruption, data loss, the unavailability of necessary data and more.

Mobile malware is different from PC malware in that it doesn’t spread randomly via unknown sources or random phishing emails. Instead, mobile malware is actively installed by users who download and install infected apps from an app store, either Apple’s or the various Android stores. The attacker convinces the store that the app is legitimate and it performs as expected while it gains a fan base. Soon after, it begins its malicious behavior. As with PC malware, the authors of malicious mobile apps are all about making money.

Unfortunately, there is no straightforward, one-size-fits-all remedy to the mobile security problem, but there are definite steps you can take to protect your device and ultimately, your personal information.

First, ensure that you use the following three core components to secure your mobile device. When combined, they provide a significant challenge for hackers.

  • Device auto-lock - Configure your device to lock automatically after a period of time. Only those with knowledge of the pass-code can unlock the device.
  • Device encryption – Protect your mobile device by preventing access from intruders, eavesdropping or interception of data in transit by using encryption technology.
  • Remote wiping - Install remote locate, track, lock, wipe, backup and restore software to retrieve, protect or restore a lost or stolen mobile device and the personal data on that device.

Follow these tips to protect your mobile device, data and privacy against the growing mobile malware threats.
 
  1. Do not circumvent or disengage security features such as passcodes and auto-locks.
  2. Set the device to lock after a set period of inactivity. A recommended inactive period setting is 10 minutes or less.
  3. Ensure that you have GPS device location in the event of theft or loss.
  4. Use caution when downloading apps and free software, especially from unsanctioned online stores.
  5. Install an on-device personal firewall to protect mobile device interfaces from direct attack.
  6. Install anti-spam software to protect against unwanted voice and SMS or MMS communications.
  7. Install real-time anti-malware technology via cloud services that continually analyzes and re-analyzes websites and mobile applications. Protect against malicious applications, spyware, infected secure digital (SD) cards and malware-based attacks.
  8. Turn off “beaming” (infrared data transmission).
  9. Turn off the Wi-Fi when you’re not using it; and avoid using public, unsecured Wi-Fi hot spots.
  10. Before discarding any device, make sure it is wiped clean and restored to factory defaults.
  11. Threats to mobile devices are pervasive and escalating. Through malware, loss and theft, misconduct, and direct attacks, users are increasingly susceptible to devastating compromises of mobile devices.
  12. Do not let your mobile devices be used by children, who frequently download cool-looking but unknown free apps that might be malicious.

First National Bank & Trust has taken strong measures to ensure the security and safety of your account and its overall online banking system. By staying alert to potential security threats and keeping in mind the suggestions listed above, you can help us keep online banking extremely safe and secure. Follow the good practices and use the knowledge we've provided here, and you will be much more prepared to enjoy the conveniences of online services with peace of mind!
Follow these 10 tips to ensure a safe and pleasant online shopping experience: Trust your instincts, make sure the Internet connection is secure, know who you're dealing with and understand the terms of the deal, know what you buying, know what it will cost, use the safest payment method, keep detailed records, and protect your personal and financial information, inspect your purchase, and avoid online shopping scams.

Trust your instincts
If you don't feel comfortable purchasing or bidding on an item over the web, or if you feel pressured to place your order immediately, maybe you shouldn't.

Make sure the Internet connection is secure
Shop only from your home computer. Never shop at a terminal in an internet café or library. Before you give your payment information, check for indicators that security software is in place. Look for a green address bar with "https" in the URL. This indicates the website is secure for ecommerce transactions. It's a way to encrypt data sent and received over the Web so that monetary and other sensitive transactions are secure. Unfortunately, no indicator is foolproof; some fraudulent sites have forged security icons.

Know who you're dealing with and understand the terms of the deal
Confirm the online seller's physical address and phone number in case you have questions or problems. Also read their Return and Refund Policies, including shipping and handling charges. Unfortunately, not all online sellers allow items to be returned and, if they do, there is sometimes a restocking fee. Read the fine print. If you can't find this information on their website, ask the seller through an email or telephone call. Finally, many sites offer tracking options, so you can see exactly where your purchase is and know when it will arrive.

Know what you're buying
Closely read the seller's description of the product. Words like "refurbished," "vintage," or "close-out" may indicate that the product is in less-than-mint condition, while name-brand items with bargain basement prices could be illegal counterfeits. Always remember, if an offer sounds suspicious or too good to be true, it probably is.

Know what it will cost
Comparison shop before you buy, both online and offline. Visit websites that offer price comparisons and then compare "apples to apples."

Use the safest way to pay on the Internet
Always pay online with a credit card. This way your transaction will be protected by the Fair Credit Billing Act. Under this law, you can dispute charges under certain circumstances and temporarily withhold payment while the creditor investigates them. An alternative way to pay is by using a third party like PayPal, which prevents sellers from seeing your sensitive financial details and ensures a smooth transaction. Never send cash or money transfers under any circumstances.

Keep Detailed Records
Print out and date a copy of your online transactions including the product description, online receipt, the terms and conditions, warranties, company information, even confirming emails, and save them with your records of your purchase. Read your credit card statements as you receive them; be on the lookout for charges that you don't recognize.

Protect Your Information
Never send financial information like your credit card, checking account or Social Security number by email. No one should ask for your personal information by email – not even your bank.

Inspect your purchase
Inspect your purchase carefully as soon as you receive it. If you discover a problem, contact the seller right away. Document in writing any problems you have, ask the seller for a repair or refund, and keep a copy of your correspondence.

Watch out for online shopping scams
While shopping online is convenient, it isn't always safe. Fraudsters are attracted to where money is, and money is definitely on the internet. While there are many genuine merchants, there is an ever increasing amount of fraudulent activity on the Internet. Deal with companies that you know and trust, and always be cautious of advertisements on social media!
Protecting taxpayers and their tax refunds from identity theft is a top priority for the IRS. This year the IRS expanded its efforts to better protect taxpayers and help victims dealing with this difficult issue.

When your personal information is lost or stolen, it can lead to identity theft. Identity thieves sometimes use your personal information to file a tax return to claim a tax refund. Then, when you file your own tax return, the IRS will not accept it and will notify you that a return was already filed using your name and social security number. Often, learning that your return was not accepted or receiving a contact from the IRS about a problem with your tax return is the first time you become aware that you're a victim of identity theft.

How to avoid becoming an identity theft victim.

  • Guard your personal information. Identity thieves can get your personal information in many ways. This includes stealing your wallet or purse, posing as someone who needs information about you, looking through your trash, or stealing information you provide to an unsecured website or in an unencrypted email.
  • Watch out for IRS impersonators. Be aware that the IRS does not initiate contact with taxpayers by email or social media channels to request personal or financial information or notify people of an audit, refund or investigation. Scammers may also use phone calls, faxes, websites or even in-person contacts. If you’re suspicious that it’s not really the IRS contacting you, don’t respond. Visit the Report Phishing web page to see what to do.
  • Protect information on your computer. While preparing your tax return, protect it with a strong password. Once you e-file the return, take it off your hard drive and store it on a CD or flash drive in a safe place, like a lock box or safe. If you use a tax preparer, ask how he or she will protect your information.

How to know if you are, or might be, a victim of identity theft.
Your identity may have been stolen if the IRS notifies you that:

  • You filed more than one tax return or someone has already filed using your information;
  • You owe taxes for a year when you were not legally required to file and did not file; or
  • You were paid wages from an employer where you did not work.
Respond quickly using the contact information in the letter you received from the IRS so that we can begin to correct and secure your tax account.

If you think you may be at risk for identity theft due to a lost or stolen purse or wallet, questionable credit card activity, an unexpected bad credit report or any other way, contact the IRS Identity Protection Specialized Unit toll-free at 800-908-4490. The IRS will then take steps to secure your tax account. The Federal Trade Commission also has helpful information about reporting identity theft.

If you have information about the identity thief who used or tried to use your information, file a complaint with the Internet Crime Complaint Center.

For more information – including how to report identity theft, phishing and related fraudulent activity – visit the Identity Protection home page on IRS.gov and click on the Identity Theft link at the bottom of the page.

Source: IRS.gov