Follow these online security best practices to safeguard your likeness.
User ID and Password Guidelines
You most likely have a tremendous number of accounts online and on your devices and computers. Here are some key steps to protecting them:
- Always use long passwords that are hard to guess. Use passphrases when possible. These are passwords that have multiple words, such as "Where Is My Coffee?"
- Use a different password for each of your accounts and devices.
- Can't remember all of your strong passwords? We recommend you use a password manager to securely store them. This is a computer program that securely stores all of your passwords in an encrypted vault. Make sure to use something reputable like 1Password, KeePass, or LastPass
- Use two-step verification whenever possible. Two-step verification is when you need a password and something else to log in to your account, such as a code sent to your smartphone. Think of this like withdrawing cash at an ATM. You need your debit card (something you have) and a PIN (something you know) to initiate a transaction.
- Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
General Security Guidelines
- Do not use public or other unsecured computers for logging into online banking.
- Users should check the last login date/time every time they log in.
- If the system does not recognize your computer or location, you will be asked to provide additional information to log into online banking. This is called Out-of-Band Authentication via phone call or text message.
- Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution.
- View transfer history available by viewing account activity information.
- Whenever possible, use Bill Pay instead of checks to limit account number exposure and to obtain better electronic record keeping.
- Take advantage of and regularly view system alerts. Examples include ACH alerts, wire alerts, and password change alerts.
- Use the historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data.
- Never leave a computer unattended while logged into online banking.
- Never conduct banking transactions while multiple browsers are open on your computer.
- Use a dedicated PC solely for financial transactions (e.g., no web browsing, emails, or social media). Another easier way to do this is to create a LiveCD/DVD/USB.
Tips to Avoid Phishing, Spyware and Malware
- Do not open email from unknown sources. Be suspicious of emails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials (such as usernames, passwords, PIN codes, and similar information).
- Opening file attachments or clicking on web links in suspicious emails could expose your system to malicious code that could hijack your computer.
- Never respond to a suspicious email or click on any hyperlink embedded in a suspicious email. Call the purported source if you are unsure who sent an email.
- If an email claiming to be from your financial organization seems suspicious, call your financial institution.
- Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry-standard product.
- Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.
- Ensure computers are patched regularly, particularly operating systems, browsers, and key applications.
- Turn your Operating System’s firewall on.
- Check your settings and select, at least, a medium level of security for your browsers.
Tips for Secure Online Banking
- Be advised that you will never be presented with a maintenance page after entering login credentials. Legitimate maintenance pages are displayed when first reaching the URL and before entering login credentials.
- Online Banking does not use pop-up windows to display login messages or errors. They are displayed directly on the login screen.
- Online Banking never displays pop-up messages indicating that you cannot use your current browser.
- Online Banking error messages never include an amount of time to wait before trying to login again.
- Be advised that repeatedly being asked to enter your password/token code are signs of potentially harmful activity.
Additional Fraud Prevention Tips for Online Business Banking
Administrative users, it is recommended that you follow these best practices:
- Prohibit the use of “shared” usernames and passwords for online business banking.
- Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
- Dedicate and limit the number of computers used to complete online banking transactions. Do not allow Internet browsing or email exchange and ensure these computers are equipped with latest versions and patches of both anti-virus and anti-spyware software.
- Delete online user IDs as part of the exit procedure when employees leave your company.
- Assign dual system administrators for online cash management services.
- Use multiple approvals for monetary transactions and require separate entry and approval users.
- Establish transaction dollar limits for employees who initiate and approve online payments such as ACH batches, wire transfers, and account transfers.
Tips to Protect Online Payments & Account Data
- Take advantage of transaction limits. Establish limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
- When you have completed a transaction online, ensure you log off to close the connection.
- Reconcile by carefully monitoring account activity and reviewing all transactions initiated by your company on a daily basis.
ACH (Automated Clearing House Batches) Tips
- Use pre-notification transactions to verify that account numbers within your ACH payments are correct.
- Use limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
- Review historical and audit reports regularly to confirm transaction activity.
Wire Transfer & Account Transfer Tips
- Use limits provided for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits.
- Review historical and audit reports regularly to confirm transaction activity.