ONLINE BANKING SECURITY INFORMATION
The Federal Financial Institutions Examination Council (FFIEC) recently issued new supervisory guidance designed to help make online transactions more secure. The new guidance is in response to an ever more dangerous online threat environment. Scams and hacking techniques are more sophisticated, new threats are continually being developed, and organized crime groups both in the United States and internationally have become a major force in expanding online fraud and theft.
Bank of Vernon and your Log-In Credentials
We will never call, email or otherwise contact you to request your access ID, password, or other log-in credentials for the online services we offer. If you receive such a request, do not provide any information.
REPORTING SUSPICIOUS ACTIVITY
If you see suspicious activity on your account(s) or have received a suspicious call, email, letter or other similar contact regarding your relationship to Bank of Vernon, call (205) 695-7141.
PROTECT YOURSELF BY CONTROLLING ONLINE RISKS
While online banking is safe, as a general rule you should always be careful about giving out your personal financial information over the Internet. Review the following tips to protect your personal information while using the Internet.
- Regularly log into your online accounts to verify that your bank, credit, and debit card statements and transactions are legitimate.
- Be suspicious of any e-mail with urgent requests for personal financial information.
- If you receive an unsolicited e-mail from any source asking you to click on a link to visit a site and input personal data, be very wary of it.
- Be cautious about opening any attachments or downloading any files from e-mails, regardless of who sent them.
- Instead of clicking on links in emails, type in the URL that you're familiar with, such as www.bankofvernon.com or select the Web address saved in your browser's "Favorites".
- If an offer sounds too good to be true, it probably is and should be avoided.
- If you have any doubts about the validity of an email, contact the sender using a telephone number you know to be genuine.
- Before you initiate an online transaction, make sure your personal information is protected by looking for indicators that the site is secure. URLs for secure sites typically begin with "https" instead of "http" and display a lock in the lower right corner of your browser.
- Use anti-virus software and keep it up-to-date.
- Make sure you have applied the latest security patches for your computer. Most software providers, like Microsoft, offer free security patches.
- If you have broad-band Internet access, such as cable modem or DSL, make sure that you have a firewall.
We take numerous steps to keep your account information secure. However, you must take precautions as well.
- Choose a good passcode - Your online passcode, along with your access ID, authenticate your identity when accessing online accounts. You should carefully select a passcode that is difficult to guess and not use personal information or a word that can be found in the dictionary.
- Keep your passcode safe - Even the best passcode is worthless if it's written on a note attached to your computer or kept in your checkbook. Memorize your passcode and never tell it to anyone.
- Change your passcode regularly - It's important to change your passcode regularly. Every time you choose a new passcode, our online banking system runs a quick program to test its safety. If we can guess it, we will immediately ask you to choose another one.
- Remember to log off properly - You may not always be at your own computer when banking online. Therefore, it's important to log off using the "log off" link at the top of each Internet banking page. If you forget to do so, the system automatically signs you off after 10 minutes of inactivity.
CONSUMER PROTECTION - REGULATION E
Regulation E provides rules for error resolution and unauthorized transactions for electronic fund transfers, which includes most transactions processed online. In addition, it establishes limits to your financial liability for unauthorized electronic fund transfers. These limits, however, are directly related to the timeliness of your detection and reporting of issues to Bank of Vernon. It is for this reason that we encourage you to immediately review periodic account statements and to regularly monitor your account activity online.
The "Electronic Fund Transfers" disclosure provided to you at the time of account opening provides detailed information. We will provide to you, upon request, a free printed copy of this disclosure.
Web Resources - Learn more and do more to protect yourself online!
Consumer Alerts and online security tips on the FTC website
Scams and Fraud and tips to avoid becoming a victim- Go to FBI website
Recent scams and how to report scams - Go to the IC3 website, a partnership of the FBI, the National White Collar Crime Center, and the Bureau of Justice:
ADDITIONAL INFORMATION FOR BUSINESS USERS OF ONLINE SERVICES
The new FFIEC Guidance takes note that business transactions, because of their frequency and dollar value, are inherently more risky than consumer transactions. The Guidance also notes the steep rise of online account takeovers and unauthorized online fund transfers related to business accounts in the last five years.
Recently, small- to medium-sized businesses have been primary targets as cyber criminals have recognized that the security controls they have in place are not as robust as that of larger businesses. Analysis indicates enhanced controls over administrative access and functions related to business accounts and layered security using multiple and independent controls would help to reduce these types of crime.
The FFIEC Guidance suggests enhanced controls for businesses:
Business customers should be encouraged to perform a periodic risk assessment and an evaluation of the effectiveness of the controls they have in place to minimize the risks of online transaction processing.
The protecting yourself by controlling online risks tips above provide a starting point for this process and the web resource links provide additional detailed information.
The FTC Business Center has a great deal of information for businesses at
Business customers should understand the security features of the software and websites they utilize and take advantage of these features. Segregation of duties-the process of separating duties so no one person can perform all steps of a transaction-is an example of a very important security feature.
Layered security options that may be available to business customers doing online transactions include transaction thresholds, out-of-band verification (such as telephone or email verifications), fraud detection and monitoring systems, and IP reputation-based services. The Guidance encourages establishing layered security processes.
Bank of Vernon customers should be aware of the continuing threat posed by multiple e-mail-based scams known as "phishing". These e-mail-based scams attempt to collect private account information from customers through deceptive and misleading methods.
For example, these phishing e-mails fraudulently request personal information including user ids, passwords, Social Security numbers, credit or ATM card numbers. The unsuspecting customer's personal information is generally gathered through a link provided in the e-mail that directs the recipient to non-Bank of Vernon Web sites that look very much like a legitimate site.
Please note that Bank of Vernon does not solicit sensitive, private information from customers through unsecure e-mail. Customers who receive these e-mails should not follow any of the instructions in the e-mail, and should not click on the links contained in the e-mail. If customers follow these steps, their accounts are not in jeopardy of being compromised.
If you have any concerns about the legitimacy of an e-mail message that appears to be from Bank of Vernon, please forward it immediately to email@example.com. As stated above, do not respond to the e-mail message or click any of the links contained in the e-mail. Please do not remove the original subject line or change the e-mail in any way when you forward it to us.
At Bank of Vernon protecting your privacy and the security of your information is very important to us.