Staying Safe and Secure Online
The Internet has become one of the most popular tools used to commit fraud and criminals are becoming more sophisticated with their hacking techniques. As a result, it’s extremely important to protect yourself from online fraud and filter the amount of information you divulge online.
Because the safety and security of your assets are always our highest priority at Core Bank, we want to provide you with the tools and resources you need to stay up-to-date in protecting your identity and assets. We’ve gathered multiple online resources from trusted sources to help you learn how to protect your computer, your information, and your online files.
USER ID AND PASSWORD GUIDELINES
- Create a “strong” password with at least eight characters that includes a combination of mixed case letters, numbers, and special characters.
- Never share user name and password information with third-party providers.
- Avoid using an automatic login feature that saves user names and passwords.
REPORTING FRAUD + IDENTITY THEFT
In the unfortunate event that you’ve been the victim of a scam, fraudulent activity or identify theft, the links below will help you walk through the reporting process.
If you have received a suspicious email or believe you are a victim of fraud or identity theft relating to any of your Core Bank accounts, please call us immediately at (402) 333-9100.
ONLINE FRAUD + SCAMS
- Do not use public or other unsecured computers for logging into Consumer eBanking.
- Check the last login date/time every time you log in.
- If the system does not recognize your computer or location, you will be asked to provide additional information to log into Consumer eBanking. This is called Out-of-Band Authentication via phone or SMS text.
- Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution.
- View transfer history available by viewing account activity information.
- Whenever possible, use Bill Pay instead of checks to limit account number exposure and to obtain better electronic record keeping.
- Take advantage of and regularly view system alerts; examples include:
- Balance alerts
- Password change alerts
- Transfer alerts
- Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
- Use the historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data.
- Never leave a computer unattended while using Consumer eBanking.
- Never conduct banking transactions while multiple browsers are open on your computer.
TIPS TO AVOID PHISHING, SPYWARE AND MALWARE
- Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as user names, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose your system to malicious code that could hijack your computer.
- Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail. Call the purported source if you are unsure who sent an e-mail.
- If an e-mail claiming to be from your financial organization seems suspicious, check with your financial organization.
- Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
- Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.
- Ensure computers are patched regularly, particularly operating systems, browsers, and key applications.
- Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers.
- Check your settings and select, at least, a medium level of security for your browsers.
- Clear the browser cache before starting any Consumer eBanking session to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser’s preferences menu.
- Be advised that you will never be presented with a maintenance page after entering login credentials. Legitimate maintenance pages are displayed when first reaching the URL and before entering login credentials.
- Consumer eBanking does not use pop-up windows to display login messages or errors. They are displayed directly on the login screen.
- Consumer eBanking never displays pop-up messages indicating that you cannot use your current browser.
- Consumer eBanking error messages never include an amount of time to wait before trying to login again.
- Be advised that repeatedly being asked to enter your password/token code are signs of potentially harmful activity.
PROTECT YOURSELF FROM VOICE PHISHING
- Do not pay fees for prizes or rewards offered by phone.
- The IRS will never ask you for debit or credit card numbers by phone or demand immediate payments using specific methods, such as prepaid gift cards, debit cards, or wire transfers. The IRS will generally contact you first via U.S. Mail.
- Do not send money or give out personal information (such as credit card numbers and expiration dates, bank account numbers, dates of birth, or Social Security numbers) in response to unsolicited phone calls from unfamiliar companies or unknown persons.
- Don’t trust caller ID. Phone numbers and caller identities can be faked. There have been reports of forged phone numbers from U-M, government offices, and other businesses and institutions.
- Add your phone number to the National Do Not Call Registry to reduce unwanted sales calls.
CORPORATE ACCOUNT TAKEOVER (CATO)
Corporate Account Takeover occurs when a criminal obtains electronic access to your bank account and conducts unauthorized transactions. The criminal obtains electronic access by stealing the confidential security credentials of your employees who are authorized to conduct electronic transactions (wire transfers, Automated Clearing House-ACH, and others) on your corporate bank account. Losses from this form of cyber-crime range from the tens of thousands to the millions with the majority of these thefts not fully recovered. Corporate Account Takeovers have affected both large and small banks.
AVOID SCAMS RELATED TO COVID-19
With social distancing and more people working from home, more people are online than ever. Internet traffic is up more than 30%. Sadly, cybercriminals exploit situations like this, so phishing emails and texts may surge as well. To protect yourself, be alert.
Watch out for:
- Debt relief offers from unverified and unsolicited sources.
- Inspect email addresses. Never reply to emails or click on links provided.
Come directly to us through our website, app, or phone numbers. Be sure to verify numbers by looking them up online, too. Remember that Core Bank will never call, email, or text you asking for your:
- Account Number/Card Number
- Social Security Number
- Online Banking Credentials