SAFETY & SECURITY 

IMPORTANT INFORMATION AND GENERAL BEST PRACTICES TO HELP PROTECT YOURSELF FROM CYBERCRIMINALS AND IDENTITY THIEVES

 

Online Transactions & Cybersecurity

Federal financial regulators are reporting that Internet threats have changes significantly over the past several years.  Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.  This ever evolving landscape of cybercrime presents unique challenges for protecting yourself from identity theft and fraud, but there are some steps you can take to make stealing your information more difficult for scammers and thieves.

In order to help ensure the security of your online transactions, we want you to know that:

  • We will never email, call or otherwise ask you for your user name, password or other electronic banking credentials

You can help protect yourself by implementing alternative risk control processes like:

  • Use unique and hard-to-guess passwords that combine letters (both upper and lower case), numbers, and symbols, and change passwords regularly. Avoid using personal information specifically, the last 4 digits of your SSN, dates of birth, or children’s names in your password.

  • Avoid using the same password for multiple online accounts and safeguard your username and password information.

  • Install current end-point security software (anti-virus) from a verified source and maintain security patches and software updates. 

  • Ensure that a website is reputable and secure before entering any personal or financial information.  Verify the URL and look for a padlock symbol, the word “secure” or a web address that begins with “https://” in your URL window.

  • Do not use unencrypted public Wi-Fi.  SSL offers little to no protection when using public Wi-Fi hot spots.

  • Monitor your account activity on a regular basis.

  • Never respond to or give out personal or account information solicited via email, phone, or through text message.  


Owners of commercial accounts should be even more diligent in protecting their online account information by performing a risk assessment and controls evaluation and correcting any deficiencies.  Some common areas of risk are:

  • Password Control – Passwords to accounts being written down and left unsecured, old or inadequate passwords as well as password sharing.

  • Account Control – Lack of dual control or checks and balances over individual access to find and prevent internal fraud and theft.

  • Network security – No firewall, lack of current end-point security software (anti-virus), un-secure Wi-Fi, and use of unpatched systems.

  • User Access – Delays in removing terminated employee access.


Phishing

Phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords. Scammers use your information to steal your money or your identity or both.  Scammers also use phishing emails to get access to your computer or network then they install programs like ransomware that can lock you out of important files on your computer.

Phishing scammers lure their targets into a false sense of security by spoofing the familiar, trusted logos of established, legitimate companies. Or they pretend to be a friend or family member.  They make it seem like they need your information or someone else’s, quickly – or something bad will happen. They might say your account will be frozen, you’ll fail to get a tax refund, your boss will get mad, even that a family member will be hurt or you could be arrested. They tell lies to get to you to give them information.  Here are a few tips to help you avoid getting hooked by a phishing scam:

  • Be cautious about opening attachments or clicking on links in emails. Even your friend or family members’ accounts could be hacked. Files and links can contain malware that can weaken your computer’s security.

  • Do your own typing. If a company or organization you know sends you a link or phone number, don’t click. Use your favorite search engine to look up the website or phone number yourself. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination.

  • Make the call if you’re not sure. Do not respond to any emails that request personal or financial information. Phishers use pressure tactics and prey on fear. If you think a company, friend or family member really does need personal information from you, pick up the phone and call them yourself using the number on their website or in your address book, not the one in the email.

  • Keep your security up to date. Use security software you trust, and make sure you set it to update automatically.

  • Never provide personal or financial information in reply to an email request. Legitimate businesses–especially your financial institution–would never ask you to provide this information through such an unsecured platform.


Identity Theft

It’s an Information Jungle out there! Nearly one American every minute is a victim of Identity Theft. The thieves don’t need much: a receipt you left behind, a bill mailed from your mailbox, a missing check, or information provided over an unsecured website. You get the idea.  Prevention of identity theft and fraud begins by paying extra attention to the details, remaining aware of potential warning signs, and making it more difficult for scammers and thieves to access your information.

Some general best practices are:

  • Never give your Social Security number or credit information to anyone who calls you.

  • Lock up your financial documents and records in a safe place at home.

  • Order copies of your credit report once a year to ensure accuracy.

  • Monitor your accounts for suspicious transactions.

  • Be careful with your mail and take outgoing mail to a post office collection box, promptly remove mail from your mailbox, and request a vacation hold on your mail from the post office when you’ll be away.

  • Shred sensitive documents like receipts, credit offers, insurance forms, expired charge cards, and similar documents before putting them in your trash.

  • Protect your medical information and destroy prescription bottle labels before you throw them out.

  • Report suspected fraud to your bank immediately

  • For more tips to avoid becoming a victim of Identity theft  or for Victim Assistance Information visit our identity theft information page.


ATM & Debit Card Care Tips

Lost or Stolen ATM and Debit Cards … Notify Central Bank immediately!

  • If it is during regular banking hours, you can call 731-925-9046.

  • After hours, you should call 1-800-383-8000. This is a special lost/stolen card support line.

  • Once you have stopped all transactions on the lost or stolen card, you will need to have a Central Bank Customer Service Representative reissue you a completely new card a new

  • Monitor your statements very carefully for any unauthorized transactions. If there is a transaction(s) that does not belong to you, contact Central Bank immediately at 731-925-9046.

Here are a few “dos” and “don’ts” that are important to follow …

  • Do treat your card like cash. Always keep the card in a safe place.

  • Do keep your PIN a secret. Positively, Don’t write your number on the card.

  • Don’t disclose information about your card over the phone. Do give your card number and expiration date if you initiated the call to place an order or to make a reservation.

  • Do review your statements.

  • Don’t expose your card’s magnetic strip to magnetic objects.

Electronic Fund Transfer

Federal regulations provide consumers with some protections for electronic fund transfers.  These regulations generally apply to accounts with internet access.

For example, these federal laws establish limits on a consumer’s liability for unauthorized electronic fund transfers.  They also provide specific steps you need to take to help resolve an error with your account.  Note, however, that in order to take advantage of these protections, you much act in a timely manner.  Make sure you notify us immediately if you believe your access information has been stolen or compromised.  Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions.  See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of protections.

If you become aware of suspicious account activity, you should immediately contact the authorities and contact us at 731-925-9046