Security Guidelines


Protecting Your Information


Ensuring the security of your personal information online is a top priority for us.


When you sign in to Internet Banking on our home page, your Log-in ID and Password are secure. The moment you click Go and before your Login and Password leave your computer, we encrypt them using Secure Sockets Layer (SSL) technology.


Use of Secure Browsers


Our online banking product requires that you only use an internet browser that supports 128-bit encryption. See our Browser Guidelines. You may "test" your browsers ability to meet these requirement at www.verisign.com/advisor/check.html.


Types of Online Risks


Identity Theft/Phishing/Pharming/Email Scams


Phishing attacks use both social engineering and technical activity to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Pharming schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware.


To protect yourself against these typical online risks:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. In any case, don't cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different site.
  • Use anti-virus software and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
  • Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
  • A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
  • Don't email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
  • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
  • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.


If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft website. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk.


If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.


Credit Bureau Addresses


Experian


P. O. Box 2002, Allen, TX 75013 Tel: 888-397-3742, Experian is the largest of the three credit bureaus. When ordering your credit report, you might be asked to provide the following information: First, middle and last name; current address; previous addresses for the past five years; social security number, date of birth; spouse's name. If you are not entitled to a free credit report, you will need to pay them the applicable fee.


Equifax


P. O. Box 740241, Atlanta, GA 30374 Tel: 800-685-1111, When ordering your credit report, you might be asked to provide the following information: Full legal name, address, social security number, most recent former address. If you are not entitled to a free credit report, you will need to pay them the applicable fee.


Trans Union


P. O. Box 1000, Chester, PA 19022 Tel: 800-888-4213, When ordering your credit report, you might be asked to provide the following information: First, middle and last name; current address; previous addresses for past two years; social security number, date of birth; current employer; phone number. If you are not entitled to a free credit report, you will need to pay them the applicable fee.


You can learn other ways to avoid email scams and deal with deceptive spam at www.ftc.gov/spam.


Computer Viruses or Worms


A computer virus passes from computer to computer like a biological virus passes from person to person. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Most viruses are a nuisance, but some are quite dangerous.


A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly. For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001. A worm usually exploits some sort of security hole in a piece of software or the operating system.


Your best protection from acquiring a computer virus or a computer worm is to use a personal firewall, updated anti-virus software, and monitor emails and web surfing activity of people using your computer.


A list of common anti-virus solutions: http://support.microsoft.com/?kbid=49500

List of computer virus hoaxes: http://en.wikipedia.org/wiki/List_of_computer_virus_hoaxes