Banks Invest Substantially in Security Technology and Training

Lawmakers, regulators and the banking industry have forged substantive standards for safeguarding customers’ “nonpublic personal information.” Security programs developed from these standards are designed to

• Ensure the security and confidentiality of customer information
• Protect against any anticipated threats to the security of customer information
• Protect against unauthorized access that would result in substantial harm or inconvenience to any customer.

Uniform examination procedures are in place to monitor and enforce these standards, and bank examiners regularly go on-site to assess how bank security measures are being implemented, understanding that each bank has a different menu of products and services, and therefore differing security requirements. For example, a federal regulator will typically review a bank’s internal controls and policies, with a view to establishing whether the institution considered the following controls, and adopted those it considered appropriate:

• Access controls ensuring customer information can be accessed only by authorized persons.
• Physical restrictions and computer facilities that permit access to authorized persons only.
• Data Encryption of electronically transmitted and stored customer information.
• Modification procedures to ensure that changes are consistent with the approved security program.
• Dual control procedures, segregation of duties, and employee background checks.
• Monitoring procedures to detect actual and attempted intrusions into customer information.
• Response programs specifying actions to be taken by specific individuals when the institution suspects unauthorized access.
• Environmental hazard protections against physical damage or technology failures.

Banks Partner With You, the Customer

Lone Star Capital Bank has security measures to protect your account information, but they can’t be effective without your help and cooperation. After all, the gold in Fort Knox won’t be safe if someone leaves the back door open! And that’s an analogy that works for your computer. Many account hijacking attempts come as a result of hacking into individual user accounts, and from there electronically breaking into the bank using your information and security codes!

Some common sense and easily implemented precautions can help you safeguard your personal information from identity theft and account fraud:

• Strong Passwords–Security begins with a strong password, which only you know. Experts advice a combination of letters and numbers, and advise against using easily guessed passwords such as birthdays or home addresses.
• Anti-Virus Protections–Make sure the anti-virus software on your computer is current and scans your email as it is received. This simple step is critical to your personal safety and security when online.
• Email Safety–Email is generally not encrypted so be wary of sending any sensitive information such as account numbers or other personal safety and security when online.
• Sign Off and Log Out–Always log off by following the bank’s secured area exit procedures to ensure the protection of your personal information.
• Don’t Get Phished–Crooks are always trying to get your personal information, and they employ some ingenious methods. Don’t respond to any unusual email requests for personal information–when you opened your bank accounts you already gave it. When in doubt, call your bank.
• Monitor Your Accounts–When you check your accounts regularly, you can let your bank know immediately if you encounter anything that does not seem right. Doing this has the added benefit of keeping you aware of recurrent transactions going through your account for services you no longer use, such as a gym membership or club.

Some bank security experts now recommend that businesses use a dedicated computer for online transactions. This advice can be weighed against the convenience and cost savings of having access to online banking, versus time spent on the phone or traveling to and from a bank to conduct your business, say these experts. Several guidelines for businesses might also work well for you, too:

• Email Confirmations – See if your bank can send email confirmations of online transactions to provide you with an early warning of any fraudulent activity.
• End of Day Balances – Automated Clearing House (ACH) transactions are not usually completed until the next business day. If you catch a fraudulent transaction at the end of a business day, you may be able to cancel it before any funds are transferred.
• Don’t “Friend” Strangers – Beware of “friending” strangers on social networking sites, because they could be scammers. Scammers know that your guard goes down when you are on Facebook, Myspace, etc.

Understanding what criminals are trying to do over the Internet is the first step to a good defense.

Most electronic fraud falls into one of three categories. Experts advise: understand these to understand how best to protect yourself.

• PHISHING – Fraudulent emails purporting to be from your bank or similar trusted source lures you to a copy cat website (one that may look just like your bank’s site). Once there you are instructed to “verify” certain personal information, which is then used to hijack your accounts and your identity. If you receive a suspicious email, delete the message and call your bank to inform them of the email.
• PHARMING – Also called “domain spoofing,” this cyber crime intercepts internet traffic and re-routes it to a fraudulent site. Once there, the victim is asked to enter personal information, just as with Phishing.
• MALWARE – This is software designed to infiltrate or damage a computer system without the owner’s knowledge. Examples of malware (malicious software) include computer viruses, worms, Trojan horses, spyware, and adware.

Partnering for online security

Online banking has grown rapidly into a major new way to bank. Some surveys show that more people prefer to bank online than in the traditional ways. This phenomenal growth has been accompanied by increases in the safety and security measures undertaken by banks and their customers. But cyber-criminals are always looking for new ways to electronically break into the bank and steal your money.

Safe online banking depends on continuing and strengthening this partnership for safe online banking:

Banks invest substantially in  your security

Lawmakers, regulators and the banking industry have forged substantive standards for safeguarding customers’ personal information.

Uniform examination procedures are in place to monitor and enforce these standards, and bank examiners regularly go on-site to assess how bank security measures are being implemented, understanding that each bank has a different menu of products and services, and therefore differing security requirements. Some of the areas they look at include:

• Access controls ensuring customer information can be accessed only by authorized persons, including the use of multi-factor authentication when warranted.
• Physical restrictions at computer facilities that permit access to authorized persons only.
• Data encryption of electronically transmitted and stored customer information.
• Modification procedures to ensure that changes are consistent with the approved security program.
• Dual control procedures, segregation of duties, and employee background checks.
• Monitoring procedures to detect actual and attempted intrusions into customer information.
• Response programs specifying actions to be taken by specific individuals when the institution suspects unauthorized access.
• Environmental hazard protections against physical damage or technology failures.

Banks partner with you, the customer

Your bank has security measures to protect your account information, but they can’t be effective without your help and cooperation. Many account hijacking attempts come as a result of hacking into individual user accounts, and from there electronically breaking into the bank using your information and security codes.

Some common sense and easily implemented precautions can help you safeguard your personal information:

• Strong passwords -advise against using easily guessed passwords such as birthdays or home addresses.
• Anti-virus protections -Make sure the anti-virus software on your computer is current and scans your email as it is received.
• Email safety -Email is generally not encrypted so be wary of sending any sensitive information such as account numbers or other personal information in this way.
• Sign off and log out -Always log off by following the bank’s secured area exit procedures.
• Don’t get phished -Crooks are always trying to get your personal information, and they employ some ingenious methods. Don’t respond to any unusual email requests for personal information.  You already gave that information when you opened your bank accounts. When in doubt, call your bank.
• Monitor your accounts -When you check your accounts regularly, you can let your bank know immediately if you encounter anything that does not seem right.

Helpful Hint: Studies show that those who monitor their accounts online often detect fraud earlier than those who rely solely on paper statements.

Free credit reports your best tool

When it comes to guarding against cyber-fraud, one of the most important tools at your disposal is your credit report. It details all of your credit transaction accounts and will be the first place that unusual charges or entirely new accounts will appear. And you can monitor your report for FREE.

Since Federal law permits consumers to obtain a free report annually from each of the three major credit reporting agencies, cyber-security experts advise that you to get a free report from a different agency every four months. Doing so will allow you to monitor your personal online security all year long.

To order your free credit report, go to the only authorized source :

Online

1-877-322-8228

Online and mobile threats

Cyber-fraudsters want to earn their money the easy way-by stealing yours.

Understanding how criminals try to trap you is your first line of defense:

• Phishing -This is the criminal attempt to steal your personal information through fraudulent emails or smart-phone texts. They are often very believable, luring the victim to a site that asks them to provide (or “verify”) personal financial details such as account numbers and social security numbers. A variation is called Spear Phishing, which are electronic messages that appear to come especially to victims from their employer, usually a large corporation. Cyber-security experts often term the mobile phone version of phishing Smishing, playing off the SMS, or Short Message Service terminology used in text messaging. Remember: your bank will not send emails asking for your personal information-they already have it.
• Card Skimming -This is a criminal’s attempt to gain a victim’s personal information by tampering with ATM machines. Fraudsters set up a device that can capture magnetic stripe and keypad information, such as PINs and account numbers. Using ATMs you know and trust-as well as examining the machine closely-can help thwart this type of theft.
• Spyware -This is the term used for criminal software that a victim unknowingly loads on a personal computer. Once there, the spyware collects personal information and sends it to the criminal. Up-to-date security software is the best defense.
• Social Engineering -a technique used by cybercriminals to manipulate people into divulging confidential information or performing actions that compromise security.
• Business Email Compromise -is a type of email cybercrime where attackers trick individuals or organizations into sending money or divulging sensitive information.

Helpful Hint: Cyber-criminals often prey on those who are most vulnerable, such as senior citizens or young adults, who may not be as aware of the technical aspects of the threats. Make sure you alert any friends or family members who might be in this category. They’ll appreciate it!

Resources

• Internet Crime Complaint Center
• Consumer Fraud (Department of Justice Homepage)
• Federal Trade Commission (FTC) Consumer Response Center
• Consumer Guides and Protection
• Financial Fraud Enforcement Task Force
• On Guard Online

There are several software security packages that offer protection for
all your interconnected internet devices including your wireless router.
Here are the first steps that are essential to an integrated approach to
secure your internet devices.

Passcodes and Passwords:
Internet device suppliers allow you to reset passcodes or passwords.
The strongest passwords use a combination of letters (upper and
lower case), numbers and symbols and should be at least 10
characters in length to provide the best protection. Importantly, each of
your devices requires a separate password — that way if one device is
lost, stolen or compromised then not all are affected.

Key Point – Never allow your passwords to be remembered by your
browser software!

Security Software:
Purchase and install software that detects, prevents and removes all
viruses, malware or spyware found on your internet devices. Many
manufacturers offer an entire suite of anti-virus security software to
protect all your devices. Just remember that different internet devices have different operating systems — one security solution may not protect all your devices.

Key Point – Each device requires specific security software protection!

Software Updates:
Manufacturers of internet devices update their software constantly to
provide faster service and more secure products. Some of these
software updates provide a needed fix for security weaknesses — so
sign up with the software manufacturer to receive any updates
automatically and install them on a regular basis.

Key Point – Software updates provide the best defense against online
threats!

Wireless Networks:
Your home network connects to the internet using a router that comes
with a default user ID and a pre-set password from the manufacturer.
Reset the manufacturer settings for both immediately. The router ID
renamed by you and a strong password are essential protections for a
home router. Choose the highest level of security available for your
router and activate it. Also, enable the pre-installed firewall protection hardware for added safety.

Key Point – The router serves as the pathway to the internet for all
your devices!

Security experts have developed best practices for everyone to follow
when using any internet device.

1. Wi-Fi hotspots that are public and shared by many users are not
secure.
2. Always log off by following the financial institution’s secured area
exit procedures.
3. Back up your data regularly to your personal cloud storage
account or external hard-drive.
4. All your internet devices should auto-lock with a short time period.
5. When not in use shutdown or turn off your devices.
6. Enable each device to have your data erased or wiped remotely.

The ability to conduct safe online banking, purchase things and remotely
access, monitor and control home appliances through internet devices
offers great convenience for everyone.
In the coming years experts predict rapid growth in the number of
interconnected things — doubling by 2020. Make internet device security
your number one priority!

1. Stopthinkconnect.org
2. Federal Trade Commission: www.ftc.gov
3. Identity Theft Resource Center: www.idtheftcenter.org
4. Federal Deposit Insurance Corporation: www.fdic.gov
5. National Credit Union Administration: www.ncua.gov
6. On Guard Online: www.onguardonline.gov
7. Financial Fraud Enforcement Task Force: www.stopfraud.gov