Tips to Keep You Safe
Follow these best practices to keep your information and money safe.- Never leave your computer, tablet or mobile phone unattended when using any online banking, mobile banking or other financial services.
- After you have completed your Internet or mobile banking session, it is good practice to always log off and close the browser or app to ensure that the session is disconnected.
- It is also good practice to lock your computer, tablet or mobile device whenever you plan to leave it unattended.
- Never use publicly available information to create your password. Examples to avoid are common names or phrases, birthdates, social security numbers, etc. And of course, it goes without saying that you should never reveal your password to anyone.
PASSWORDS
Create a strong password using the following tips:- At least 8 characters.
- A mix of upper- and lower-case letters, numbers and special characters.
- Something other than your username or real name.
- Is significantly different from previous passwords.
- Is changed every 60 days at a minimum.
- Don't share passwords and PINs, even with CBB Employees
- Do not use all or part of your Social Security number, date of birth, street address, etc., when creating PINs or passwords.
- Never write your ATM and/or credit card PIN on the cards.
- Beware of people watching you at the ATM or checkout.
PROTECT YOUR DEVICE
Whether using Windows, iOS (Apple) or Linux as your operating system, follow these tips to secure the device you use to surf the Internet:- Enable the firewall. A firewall is like locking the front door to your house—it helps keep intruders (in this case, hackers and malicious software) from getting in.
- Configure the operating system to automatically download and install updates.
- Install robust security software, i.e. anti-virus, anti-spyware and anti-malware capable, and configure to automatically update.
- Always protect your device with a passcode lock.
HOW TO RECOGNIZE A SCAM: Phishing, SMShing & Vishing…
Phishing involves an email, often using the name and logo of a legitimate company, asking you to click a link and provide account details – which are then used to commit fraud. SMShing is essentially phishing via text, directing you to follow a link or call to provide sensitive account information. Vishing is phishing via phone, where the caller (or recording) warns you of the urgent need to confirm sensitive account information, or to call a number and provide it.
In order to avoid becoming a victim of a phishing, smshing or vishing scam, you need to know what to look for:
- These scams often look legitimate – but legitimate companies don't use unsolicited communications or pressure tactics
- E-mails, texts and calls will ultimately seek sensitive personal and account information, like Social Security numbers, account numbers, passwords or password prompts
- Communications may also include links or attachments that install computer/mobile device viruses and/or keystroke loggers and should not be clicked on or opened
- Messages use pressure to encourage you to click a link or place a call – immediately
- Contact the institution named in the email or text you receive – before you provide any information. It's important to make contact by alternate means – other than a direct reply to the sender – to ensure you're communicating with a credible information source. For example, use the contact number on the back of your credit card to confirm the legitimacy of any email, text or call you receive referencing that card.
KEEP AWAY FROM MALWARE: Spyware, Ransomware, Trojan, Keyloggers…
Malware is the generic name given to malicious code that is designed to disrupt the normal operation of or cause harm to a user’s computer, phone, tablet, or other device. There is a wide range of different malware categories, including but not limited to worms, trojans, spyware, and keyloggers. These terms are often used interchangeably.
The vast majority of today's malware is focused on making money for the malware authors. This is typically done by stealing confidential data such as usernames, passwords, credit card details, or other financial particulars. This sensitive information is then used to launch further attacks on individuals and businesses or is sold to other malicious actors. Ransomware, a type of malware that locks a device and requires payment to regain access to files, is increasingly being used to monetize malware.
The following tips can help reduce the potential release of malware into your computer or network:
- Keep security patches and anti-virus signatures up to date
- Only open email or instant message attachments that are expected and come from a trusted source
- Have email attachments scanned by anti-virus programs prior to opening
- Delete all unwanted messages without opening
- Do not click on web links sent by an unknown party
- If a person on your 'Friends List' is sending strange messages, files or website links, terminate your instant message session immediately
- Scan all files with an Internet Security solution before transferring them to your system
- Only transfer files from a well-known source
SECURING WIRELESS NETWORKS
Follow these tips to protect your home wireless network as well as accessing wireless networks when traveling:- Change the default username and password on your wireless router. Fraudsters and hackers can obtain this default information with a simple Google search.
- Turn on all security features, enabling WPA2 security at a minimum, on your wireless router. Create a key or password that will be difficult to guess. A longer password results in stronger encryption which masks the transmitted data.
- When connecting to a public wireless network, do not access any website that would require you to input sensitive information. These wireless networks, while convenient, typically do not have any security enabled. Use these networks with extreme caution.