All of us at Veritex Bank are dedicated to keeping the entire Veritex online community safe, sound and secure. Should you have any questions or concerns please feel free to call us at 833-837-4839 or contact your bank officer or branch manager.
SECURING YOUR COMPUTER
- Look for software suites that are capable of threat detection and firewall analysis in addition to monitoring and scanning functions.
- Keep the software up-to-date. Most antivirus software programs allow you to setup for automatic updates. Enabling this feature will ensure you have the most current database available for threat detection.
- Familiarize yourself with the graphical user interface for your antivirus software so you can avoid falling victim to malware that tries to impersonate your security suite.
- It is important to download and install the updates for your operating system. A common technique for cyber criminals is to look for known software exploits. If you keep your system up-to-date then you will minimize your risk to these type of attacks.
- The major disadvantage to relying solely on passwords is that most users opt to use the easiest password they can, so that it is easy to remember. Unfortunately, this also means they are easy for cyber criminals to guess. Many services, including Veritex Online Banking, now also require that you receive an Out of Band code (via SMS Text or voice) as part of a Multi Factor Authentication setup. Even when added protection with Out of Band Authentication exists users should still try to set complex password.
- Complex passwords include lower case and uppercase letters, numbers and symbols. They are longer than eight characters, and do not include dictionary words.
- Aside from creating complex passwords, other password best practices you should follow include:
Don't write your passwords down and leave them in plain sight.
Set different passwords for different systems.
Don't use the "Remember Password" prompt in your browser.
Change your passwords at least every 90 days.
Take advantage of Multi Factor Authentication systems when offered.
- One of the most common reasons for not setting strong complex passwords is that users are worried that they will forget them. To help you with creating and managing your passwords, there are various password wallets available today. Like all other software, take the time to review multiple products and see which one meets your specific needs.
Locking your computer is one of the easiest ways to ensure that no one accessing your computer but you. This adds another layer of security a person must bypass in an effort to gain access to your financials.
- Protect your Network
When it comes to securing your home or business computers it all starts at the network. The network is the entry point and exit point for all the data you are sending and receiving. As such you should take some basic measures to ensure that your network is safe.
- Routers - Change the default password on your router. Most commercial and consumer routers come with default passwords attached to the Admin account. These can easily be found online and should be changed.
- Wireless - Use strong security settings such as WPA2. More advanced functions would include limiting the number of wireless devices that can connect to your network, the time of day devices can connect, and restricting the devices that can connect to known devices using MAC addresses.
- Intrusion Detection and Firewall - Commercial customers should consider implementing both a Firewall at the network level and an Intrusion Detection System. Logs for both should be regularly monitored.
- Mobile Devices
As the adoption of mobile devices continues to increase it is not surprising that we are seeing malware authors and cyber criminals increasingly target these devices. Below are some steps you can take to help protect them.
- Set a device pin that is required to unlock the device.
- Setup and know how to use features such as Find My Phone or Device, Device Wipe, Lock and Ring for cell phones.
- Consider installing security software on your device such as Antivirus and secure browsers.
- Turn off Bluetooth and wireless sharing capabilities when they are not in use.
- Exercise caution with what data is stored on the device.
- For commercial customers think about how these devices connect to your company Wi-Fi, the resources they can access, and how to segment them from other traffic.
SAFE BROWSING HABITS & IDENTITY THEFT
We have just covered how to secure your PC and network and how to take advantage of the built in security in our Online Banking system. Next we will look at some tips regarding safe browsing to help you avoid becoming a victim of Identity Theft or Online Fraud.
- Identity Theft occurs when someone illegally obtains your personal information, such as Social Security number or bank account number, and uses it repeatedly to open new accounts or initiate transactions in your name. Financial loss and damaged credit can result. While thieves can obtain personal information via online methods, the majority of identity theft occurs offline. Stealing wallets and purses, intercepting or rerouting your mail, and rummaging through your garbage are some common tactics thieves use to obtain personal information.
- As a best practice to avoid falling victim to Identity Theft you should follow the below recommendations:
- Do not open or respond to online solicitations for personal information.
- Carry only necessary identification.
- Don't provide your Social Security number as identification, unless it is truly needed to sign up for a service.
- Make photocopies of all the information you carry daily and store them in a secure location such as a safe deposit box.
- Shred financial or personal documents before discarding. Most fraud and identity theft incidences occur as a result of mail and garbage theft.
- Use paperless options such as E-Statements and Online Bill Payment whenever possible to limit your receipt of paper statements.
- Reviewing your bank accounts online frequently will help you monitor your account activity and more quickly detect any fraudulent transactions.
- Online fraud occurs when someone poses as a legitimate company to obtain personal data and illegally conducts transactions on your existing accounts. 'Phishing' or 'Spoofing' are common methods of online fraud utilizing fake email and websites, and pop-up windows to obtain sensitive information.
- Remember that Veritex Community Bank will NEVER send unsolicited email containing attachments, or require customers to send personal information to us via email or pop-up windows. Any unsolicited request for Veritex Community Bank account information you receive through emails, Web sites, or pop-up windows should be considered fraudulent and reported to us immediately.
- If you believe you have become a victim of fraud make sure to contact:
- Veritex Community Bank
- Local Police
- Federal Trade Commission
- Internet Crime Complaint Center
- The Three Major Credit Bureaus - Equifax, Experian and TransUnion
Fake emails can be easy to spot when you know what to look for. Fake emails will often:
- Ask for personal information - Be stringent with whom you share this information.
- Appear to be from a legitimate source - There may be only a slight difference from the legitimate source in relation to fonts, images, or email addresses.
- Try to get you to act IMMEDIATELY by using phrases such as "Your online bank account will be terminated unless you click on the below link to re-activate" – Veritex Community Bank will NEVER send you an email like this.
- Contain spelling and grammar errors.
- The email may contain links to counterfeit Web sites. These are often disguised by also providing links to legitimate Web sites. You should never click on a link embedded within an email. Always type the URL directly into your browser to ensure you are not being direct to an imposter website.
- Contain both fraudulent and real phone numbers. As a best practice, cross reference listed phones numbers with phone numbers in a directory.
- Check out our article on Business Email Compromise for more tips on email scams.
Aside from email phishing scams, cyber-criminals try to trick you into providing sensitive information or installing malware by getting you to click on malicious links contained on websites. These types of attacks are a little harder to detect, but there are some things you can do:
- Hover your mouse over links before clicking on them and read the URL of where the link is taking you.
- Avoid sites known for malicious content such as online gambling sites, file sharing sites and adult sites.
- Keep your browser up to date.
- When shopping online ensure that the sites check out page uses the prefix “https://”. The “s” at the end is the indication that the page is secure. Modern browsers will typically display the URL as a different color, typically green.
- Avoid using your primary email when prompted for an email address on sites such as shopping or subscription service sites.
- Never enter personal or confidential information like your social security number, unless you trust the site.
- Do not click on Pop-ups.
Social networking websites like Facebook and Twitter are services people can use to connect with others to share information like photos, videos, and personal messages. As the popularity of these social sites grows, so do the risks of using them. Hackers, spammers, virus writers, identity thieves, and other criminals are using the information they can gather from these sites. Read these tips to help protect yourself when you use social networks.
- Use caution when you click links that you receive in messages from your friends on your social website. Treat links in messages on these sites as you would links in email messages.
- Know what you've posted about yourself. A common way that hackers break into financial or other accounts is by clicking the "Forgot your password?" link on the account login page. To break into your account, they search for the answers to your security questions, such as your birthday, home town, high school class, or mother's middle name. If the site allows, make up your own password questions, and don't draw them from material anyone could find with a quick search.
- Don't trust that a message is really from who it says it's from. Hackers can break into accounts and send messages that look like they're from your friends, but aren't. If you suspect that a message is fraudulent, use an alternate method to contact your friend to find out. This includes invitations to join new social networks.
- To avoid giving away email addresses of your friends, do not allow social networking services to scan your email address book. When you join a new social network, you might receive an offer to enter your email address and password to find out if your contacts are on the network. The site might use this information to send email messages to everyone in your contact list or even everyone you've ever sent an email message to with that email address. Social networking sites should explain that they're going to do this, but some do not.
- Type the address of your social networking site directly into your browser or use your personal bookmarks. If you click a link to your site through email or another website, you might be entering your account name and password into a fake site where your personal information could be stolen.
- Be selective about who you accept as a friend on a social network. Identity thieves might create fake profiles in order to get information from you.
- Assume that everything you put on a social networking site is permanent. Even if you can delete your account, anyone on the Internet can easily print photos or text or save images and videos to a computer.
- Be careful about installing extras on your site. Many social networking sites allow you to download third-party applications that let you do more with your personal page. Criminals sometimes use these applications to steal your personal information. To download and use third-party applications safely, take the same safety precautions that you take with any other program or file you download from the web.
KIDS ONLINE SECURITY SECTION
- Set Boundaries
You should talk to your teen about what is and is not appropriate behavior on social media. You should never assume you are anonymous when you are online and there may be real world consequences for your actions.
- Accept Friend Requests Wisely
Only accept friend requests from someone you know. Social engineering attempts often begin with a friend request.
- Beef Up Security Settings
Help your teens setup enhanced security on the social media accounts. This will help prevent anyone from gaining access who is not supposed to.
- Ban Provocative Images
Suggest they use the “Would I want my parents/grandparents/teacher to see this?” test before they post any pictures online.
- Remember, You Can’t Take It Back
Once something is online, it is there permanently. Even if a picture or message is deleted by the user, it can be cached and stored on servers that you can’t access.
- Tell The Cyberbully to Stop
Empower your child to stand up for themselves by telling the bully to stop. The cyberbully probably already knows the behavior is unwanted but this is still an important step.
- Two Wrongs Don’t Make a Right
Make it clear that being cyberbullied does not give your child an excuse to retaliate.
- Save The Evidence
In case the cyberbully does not stop, save every contact with the cyberbully. Use screen shots to record the evidence. The “Snipping Tool” that comes with all Windows operating systems is a great way to do this. It can be found in the Accessory folder under the start menu.
- Consider Using Blocking Features
All social media sites offer a Block feature to stop unwanted contact. Most also have a Report function so that unacceptable behavior can be reported to the site’s administration for review.
- Never give out personal information
- Keep your password protected at all times
- Don’t trust people in chat rooms
- Keep your friends and family close
- Don’t meet in person
- You don’t have to respond
- Only open emails from people you know
- Have parents check chat rooms first