PROTECT YOUR ACCOUNT
The upward trend of customers using online channels for banking and financial services has expanded the opportunities for criminals and cyber-crime!
Due to many credit unions and banks having more sophisticated IT security systems, criminals are turning away from tightly secured bank computers and are instead looking toward the potentially weaker computer systems of credit union clients. More and more attacks are also being committed against small and medium-sized businesses. Some of the most common approaches for criminals to compromise end-user data are to take advantage of users visiting unsecured networks or compromised websites, not having up-to-date virus protection and security patches, or opening attachments with embedded malware or Trojan software.
Superior Credit Union has the expectation that each customer will take any and all reasonable precautions to reduce the likelihood of computer-related fraud. There is not one best approach for online security, but we would like to offer several recommendations:
Anti-Virus Software. Be sure to install anti-virus, anti-spyware, malware, and adware detection software from a reputable vendor on to your computer and keep it up to date. You may need to have a professional scan and repair your computer for viruses, malware, and Trojans if your computer has been infected.
Computer Updates. Make sure the computer you are using has the most current updates and patches released by Microsoft, Java, and Adobe. Most of the updates are security patches for browsers such as Internet Explorer, Mozilla Firefox, and other software that could potentially expose the computer to hacking.
Secure Site. Make sure your banking site (URL) starts with https:// and not http://. The “s” indicates a secure transaction using a different method of communication than standard Internet traffic. A security icon that looks like a closed padlock or key appears when the site is authenticated.
Do Not Use Links. Never use a link to reach a financial institution’s website. Type in your bank’s website address into the Internet browser’s address bar every time.
Public Computer. Never access your financial institution’s website from a public computer at a hotel, library, airport, or public wireless access point.
Website Familiarity. Know what your financial institution’s website looks like and which questions are asked to verify your identity. Some attacks, known as man-in-the-middle attacks, will change the login page. A user can sometimes spot these attacks by noticing slight modifications to the bank’s standard page, such as extra security questions, poor grammar, misspellings, a fuzzy or older bank logo, or a change to the location of each feature. A typical malware behavior will also ask a user to enter their user ID, password, and security information three or four times and will then post a message that the site is down for maintenance or servicing. Online Banking sites will not be down for maintenance during normal business hours. If the site is down for any reason, you will see that message in advance and the log in screen will not be accessible.
Suspicious E-Mails. Be extremely suspicious of e-mails purporting to be from your financial institution, a government agency, or any suspicious e-mails from unknown sources. Financial institutions should never contact you via e-mail to request you to verify information. If you believe the contact may be legitimate, do NOT use the link provided in the e-mail; instead, type the website address of your financial institution into your Internet browser’s address bar or contact your financial institution at a phone number you know is valid.
Online Purchase Transactions. Avoid using debit cards for online transactions, as this provides direct access to your bank account. If you use a credit card to shop online, use only one credit card with a low credit limit. Monitor the activity on the card as often as possible.
Log Off Properly. Properly log out of all financial institution websites before closing the browser window.
Shut Off Computer. Always lock or shut off your computer when you leave it unattended. Set your computer to automatically lock after a set period of inactivity (i.e. 15 minutes).
Passwords. Use strong passwords (at least 10 characters combining uppercase and lowercase letters, numbers, and symbols) and change them frequently. Do not allow your computer to save your login names or passwords and keep them confidential. Do not use your login or password for your financial institution on any other website or software. Superior Credit Union will never request login user names, passwords, or answers to security questions from our clients on an unsolicited basis under any circumstances.
Use a Different Computer. Do not use the same computer for financial transactions that children or non-savvy Internet users utilize for regular Internet access.
Posting Personal Information. Do not post your personal information on the Internet. Your high school, maiden name, date of birth, first car, first school, youngest sibling’s name, mother’s full name, father’s full name, etc. are the answers to many security questions on financial websites. When you post this information, you are making it easier for criminals to gain access to your financial information. In addition, never send confidential information, such as your account number, Social Security number, etc., in an Internet e-mail or over an unsecure website.
Alerts. Check with your financial institution about enabling “Alerts” and other security measures that may be available. Superior Credit Union does have Online Banking alerts for such areas as minimum balance, maximum balance, transfers, deposits completed, checks completed, and CD maturity.
Report Suspicious Activity. Regularly log in to your online accounts and check your bank and credit card statements to ensure transactions are legitimate. Immediately report any suspicious activity on your
account(s). There is a limited recovery window and a rapid response may prevent additional losses.
Security & Fraud Education. Sign up for Superior Credit Union’s Fraud Prevention eAlerts. Once you are enrolled in Superior Credit Union’s eStatements service, signing up for eAlerts is an easy way to receive information about ways you can protect yourself from fraud.
Best Security Practices for Mobile Banking Use
Important: If you have not signed up for Scu@Home Online Banking, you must do that from a PC before you can access Mobile Banking.
Security & Fraud Education:
Best Practices for Mobile Devices
Mobile devices have the potential to store large amounts of private user information as well as sensitive data, including personal account information, website login IDs and passwords, email, and location information. Consequently, mobile device malware is on the rise.
The Federal Communications Commission (FCC) recommended the following steps to reduce your exposure to mobile threats:
Following these best practices can reduce your exposure to mobile threats and will protect private and sensitive data.