Security The security of your personal and financial information is a top priority at Frontier Community Bank. We employ multi-layered security measures both in our offices and within our Online Banking systems to keep your information safe and sound. As a part of providing this security we will keep you up to date and informed of new and ongoing fraud issues as well as provide you with ways to protect yourself. FRAUD RISKS There are many ways in which criminals attempt to gain access to your sensitive personal and financial information such as Social Security Numbers, Credit/Debit Card numbers, Account Numbers and account access information such as Online Banking IDs and passwords. Here are the primary examples of ongoing fraud today: PHISHING Phishing is a criminally fraudulent attempt to obtain sensitive information from an individual or business through email. Criminals often send email requests appearing to be from a legitimate organization such as a bank or merchant. These emails often include copies of the company’s logos along with other commonly appearing information from the company’s website to make the email look more realistic. The emails will usually state that the organization requires updated personal and/or financial information to prevent an account from being closed or frozen, using fear and anxiety as their primary tool to steal your information. These emails will contain a link or an attachment for you to click on directing you to a fake webpage where you would enter your information and possibly download a KeyLogger virus onto your computer. SMISHING Smishing is the process of using a cell phone text message to deliver the same style request as with phishing for the immediate need to provide personal information to prevent a negative consequence. As with Phishing, the criminals use fear and anxiety as their primary tool to steal your information. Some texts direct you to a website; many have you call an automated voice response system. Just as with Phishing, no reputable business will ever request that you update or provide sensitive personal information over the phone. VISHING Vishing is the process of directly calling individuals, often through automated means, to request the immediate need for information to prevent negative consequences. SOCIAL ENGINEERING Social Engineering is the art of manipulating people into actions they would not normally take. It preys on qualities of human nature such as fear of inconvenience or of getting in trouble, and the desire to help someone. KEYSTROKE LOGGING Keystroke logging is a method criminals use to record your actual keystrokes and mouse clicks. Keyloggers are Trojan software programs that target your computer’s Operating System, (Windows, MacOS, etc) and are installed onto your computer through a virus. These viruses are exceptionally dangerous because they allow criminals to access anything you have typed on your computer. Frequently, this would be your login IDs and Passwords as well as card data and account numbers. Here are some tips to avoid becoming a victim of one of these practices Remember, no reputable business will ever request that your update or provide sensitive personal information such as Social Security Numbers, Account or Card numbers or Passwords through email, a link to their website, by phone or by text. Never click on a link or attachment within an email from a business requesting sensitive personal information. Verify the URL (Internet Address) is correct for the site you are visiting. Hovering over a link within an email with your cursor will display the web address, eliminating the need to click on the link. When in doubt, call the business directly using the phone number found on a periodic statement or bill or a phone number found in your phone book, not one provided within an email. No matter how much the email, phone call or text message urges you to do something “immediately,” take a few minutes to think about the request. Does it make sense in relation to the business you do with that bank or business? Be aware of how much information you share about yourself through Social Networking sites such as Facebook and Twitter. You may be inadvertently supplying criminals with information regarding your lifestyle and habits. Use up to date firewalls, anti-virus software and anti-spyware software to protect your computer. It is vital to keep your anti-virus up to date at all times due to new and evolving threats. Keep your Operating System and other computer applications, including your Internet Browser, up to date with the latest updates and security patches. Be careful when downloading files, installing software or opening email attachments from unidentified or unknown sources. COMPUTER AND INTERNET SECURITY TIPS Computer usage and online transactions have become a normal way of life. Here are some tips to help keep you and your computer safe: Keep your computer system and applications up to date. For example, Microsoft Windows updates frequently include patches and updates to fix existing security issues and help prevent new issues from forming. Keep your internet browser (Internet Explorer, Firefox, etc) updated. New versions of Internet Browsers have the latest and most up to date safety feature to protect you from dangerous programs such as spyware and viruses. Use anti-virus and anti-spyware software on your computer. These programs are important tools used to help prevent your computer form being infected by viruses, spyware, malware including keystroke loggers. It is essential that these programs stay up to date to ensure that they are looking for the newest threats. Always log out of websites properly by using the appropriate Exit or Logout option on the webpage. Simply closing out the Internet Browser window may not terminate your connection to the website you were using allowing someone to follow behind you and access the webpage with your login credentials. Use public computers such as those found in your local library with caution. Public computers may not be as secure as your personal computer, and your usage history such as websites visited may be tracked. If you decide to use a public computer you should delete your browsing and usage information. You can do this by deleting the cache (temporary memory) on the computer you are using. You can access instructions on how to delete cache through the Internet Browser’s “Help “section. Determine the security level of a Wi-Fi connection before using it to conduct online purchases and account viewing. Wireless routers within your home should be password protected to prevent unknown individuals from using your connection. Watch for suspicious sites. Criminals will often create a copy cat site that looks like the legitimate website of a business or financial institution. To ensure you are visiting a legitimate website, consider manually typing in the business’ web address directly into your Internet Browser or using a Bookmark that you have previously created. Many times the fake web address will be slightly different than the correct address. For example: Legitimate URL: www.mybankpage.com Fake URL: www.mybnkpage.com When providing sensitive personal or financial information such as a Credit or Debit Card number or your Social Security Number, always be sure the site uses a secure method of communication. One way to determine if an site is secure is to look for a padlock icon generally located at the bottom of the webpage or beside the URL bar at the top of the webpage. Double clicking on the icon will bring up a pop up window with information about the website. This information should match the website you are visiting. PASSWORDS & PERSONAL IDENTIFICATION NUMBERS (PINs) The first level of security for many transactions is your Password or Personal Identification Number (PIN). It is essential to create strong Passwords and PIN sand keep them secure. Here are some tips on creating Passwords and PINs keeping them secure: When creating a Password or PIN do not use any part of your Social Security Number, birth date, family names (including Mother’s Maiden Name), address, phone number or anything that could easily relatable to you. A strong Password will contain numbers, letters and special characters (if allowed). Even if it’s not required by the website, change your Passwords periodically. Create a different Password for each website you use. If you must write down a Password or PIN, keep it in a secure location. Never write the PIN for your Credit or Debit Card on the card or keep it together with the card. Disable Auto-Complete/Password Remembering options on your computer. Using these options could allow anyone to sit down at your computer and instantly access your information. FRONTIER COMMUNITY BANK’S ONLINE BANKING Frontier Community Bank uses multi layered security for its Online Banking. Our online pages contain an image that you have selected to help verify that you are on the authentic Frontier Community Bank Online Banking site. This is an anti-phishing tool for our customers. Never enter your password if the image is missing or incorrect. The Bank uses a firewall as second level of protection. Only verified users are allowed through the firewall. You are requested to verify certain information through the form of security questions you have chosen and answered during your initial online banking setup. All activity passing through the firewall is recorded for further review as well. The third level of protection the Bank uses is encryption. Encryption is the coding or transformation of the data into a secret formula that must be decoded on the other end using the same formula. 128-bit SSL encryption is a standard used by Internet Technology because of its strength and security. Encryption ensures that the sender and the receiver are the only one interpreting the exchanged information. Frontier Community Bank complies with Federal and State laws, regulations and government banking guidelines to protect our physical locations and our Online Banking.