Customer Security

Cybersecurity Guides

A Banker's Guide to Cybersecurity

A Cybersecurity Guide for Customers

Information on Phishing

Fraudsters are always looking for ways to get your personal or financial information. When they use the Internet to do that, it's called phishing. These scam artists send e-mail or pop-up messages that might alert you to a problem with your account or state that you have a refund waiting. Some of these messages appear to come from legitimate companies. To learn more, read Internet Pirates are Trying to Steal Your Personal Financial Information.

Learn About Identity Theft

Read the Federal Trade Commission's Consumer Information on Identity Theft at http://www.consumer.ftc.gov/features/feature-0014-identity-theft.

Business Customer Awareness

Businesses are not protected under Regulation E; therefore they need to be diligent in reviewing their periodic statements. Businesses also need to have multiple controls in place to monitor their online banking account and users.

http://www.federalreserve.gov/boarddocs/supmanual/cch/efta.pdf

"The Bank will NEVER request personal information by phone, email or text message including account numbers, personal identification information, passwords or any other confidential customer information."

The Bank suggests that commercial online banking customers perform a related risk assessment and controls evaluation periodically. Please contact Donna Purser at (256) 356-5626 for a Sample Risk Assessment.

Suggested Web-Sites for Additional Information:

Consumer Awareness Information

Regulation E

  • Banks follow specific rules for electronic transactions issued by the Federal Reserve Board known as Regulation E, the rules cover all kinds of situation revolving around transfers made electronically. Under the consumer protections provided under Reg E, you may be able to recover internet banking losses according to how soon you detect and report them.
  • In general, these protections are extended to consumers and consumer accounts.

For a complete detail explanation of protections provided and not provided under regulation E, please visit the following link / links:

Community Spirit Bank recommends you consider implementing these risk control mechanisms to protect your personal banking:

Passwords

  • Avoid using personal information
  • Create a unique password for online banking that you don’t use elsewhere
  • Do not use the password auto-save feature on your browser
  • Do not share your passwords or write them down
  • Change your password periodically
  • The Bank will NEVER ask for your password

Personal Computers

  • Always sign out or log off.
  • Update software frequently and keep systems current
  • Virus software, "definitions" should be updated daily
  • Install and activate a personal firewall
  • Install and run most recent version of Antivirus software
  • Keep your operating system (OS) current
  • Activate the automatic update feature
  • Set your browser's security level to the default setting or higher

General Best Practices

  • Keep your personal information private and secure
  • Check your account balance regularly
  • Do not access your account from a public location
  • If you suspect suspicious activity, take swift action
  • Be skeptical of e-mail messages, for example from someone unlikely to send an email such as the IRS.
  • Do not open the suspicious emails and do not click on the links, should this happen, stop work and have a diagnostics performed immediately

ID Theft Tips

  • Shred receipts, statements, expired cards, and similar documents
  • Review statements promptly and carefully
  • Be positive of the identity of anyone before you divulge personal information, only if you initiate the contract
  • Periodically check your credit report

Websites

  • Check your credit report
  • Pay using credit cards
  • Shred bank account, credit card, physician and other statements with personal information
  • Never click on suspicious links
  • Only give sensitive information to websites using encryption, verified though the web address "https://" (the "s" is for secure)
  • Use social media wisely and don’t reveal too much

Mobile Devices

  • Use passcodes
  • Avoid storing sensitive information
  • Keep software up-to-date
  • Install remote wipe if the device is lost or stolen it can be cleared off

Using ATMs Safely

  • Protect your ATM card and PIN, if lost report as soon as possible
  • Choose a PIN different from your address, telephone #, and birthdate
  • Be aware of people and your surroundings
  • Put away your card and cash
  • Skimming – observe the card reader; if it appears damaged don’t use it.

• "The Bank will NEVER request personal information by phone, email or text message including account numbers, personal identification information, passwords or any other confidential customer information."

• Do not give these credentials to anyone. If you are contracted by someone who states they are calling from the Bank, or you receive an e-mail you should not give them any information. You should contact the Bank in the event you notice suspicious account activity or experience customer information security-related events.

Suggested Web Sites for additional Information: