Best Practices Guide to Electronic Banking

Similar documents
Web Cash Fraud Prevention Best Practices

WHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?

Identity Theft, Fraud & You. PrePare. Protect. Prevent.

FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?

MOBILE BANKING USER GUIDE. ftrst Ctty BanK lwgb)( S,mb. Colfflt1111l)'

Mobile Banking User Guide

Fiserv, Inc. or its affiliates. All rights reserved. This work is confidential and its use is strictly limited. Use is permitted only in

Octopus Online Service Safety Guide

7. How do I obtain a Temporary ID? You will need to visit HL Bank or mail us the econnect form to apply for a Temporary ID.

mobile banking user guide

Mobile Banking Frequently Asked Questions

South Central Power Stop Scams

Well north of your expectations. TM. NSB Mobile MOBILE BANKING USER GUIDE

Business Online Banking & Bill Pay Guide to Getting Started

Quick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page

Personal Online Banking & Bill Pay. Guide to Getting Started

Century Bank Mobile. Android and iphone Application Guide

Frequently Asked Questions (FAQ)

Guide to Getting Started. Personal Online Banking & Bill Pay

Mobile Banking Online Banking Features Dashboard Pending Transactions Account Export Bill Pay Online Bill Pay

Identity Theft Prevention Policy

IMPORTANT SECURITY INFORMATION PHISHING

The BUSINESS of Fraud. Don t let it put you out of business. AFFILIATE LOGO

Security Awareness & Best Practices Best Practices for Maintaining Data Security in Your Business Environment

FAQ: Privacy, Security, and Data Protection at Libraries

Regulator s Perspective of Best Practices in Combatting Cybercrime Executive Fraud Forum October 30, 2013

ECDL / ICDL IT Security. Syllabus Version 2.0

Target Breach Overview

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

Capital Bank Express User Guide. The Tech Behind the Money

CLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies

First Republic Bank Corporate Online User Guide

Business ebanking User Guide May 2015

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

FAQ. Usually appear to be sent from official address

Safety and Security. April 2015

Retail/Consumer Client Internet Banking Awareness and Education Program

huntington Business security suite user guide

CERTIFIED SECURE COMPUTER USER COURSE OUTLINE

9/11/ FALL CONFERENCE & TRAINING SEMINAR 2014 FALL CONFERENCE & TRAINING SEMINAR

NOT-FOR- PROFIT SERVICES GROUP Client Information Bulletin

Internet Quick Start Guide. Get the most out of your Midco internet service with these handy instructions.

FFIEC Guidance: Mobile Financial Services

January 23, Online Banking Risk Management: A Multifaceted Approach for Commercial Customers

Easthampton Savings Bank Online Business Banking User Guide

Mobile Banking FAQ. 1 P a g e 1 0 / 1 9 /

Mobile Banking Guidelines

SECURE USE OF IT Syllabus Version 2.0

Point ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core

/ 1. Online Banking User Guide SouthStateBank.com / (800)

Employee Security Awareness Training

1) Are employees required to sign an Acceptable Use Policy (AUP)?

How Cyber-Criminals Steal and Profit from your Data

The Bank of East Asia, Limited, Macau Branch BEA Macau iphone Application FAQs for Mobile Banking Service (for iphone, ipod touch, and ipad users)

Cyber security tips and self-assessment for business

/ 1. Online Banking User Guide SouthStateBank.com / (800)

Consumer Banking User Guide. Getting Started

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

ONLINE BANKING Frequently Asked Questions

CIBC FirstCaribbean Mobile App. FREQUENTLY ASKED QUESTIONS (FAQs)

Seattle University Identity Theft Prevention Program. Purpose. Definitions

Online Security and Safety Protect Your Computer - and Yourself!

Financial scams. What to look for and how to avoid them.

Red Flags/Identity Theft Prevention Policy: Purpose

NetTeller Online Banking Functionality Training Guide

CoreFirst Bank & Trust

Online Banking & Bill Pay

Guide to Personal Online Banking. Great Things Happen!

University of North Texas System Administration Identity Theft Prevention Program

ONLINE BANKING USER GUIDE GuarantyBankCO.com

HELPFUL TIPS: MOBILE DEVICE SECURITY

FREQUENTLY ASKED QUESTIONS

Red Flag Policy and Identity Theft Prevention Program

Chapter 16: Advanced Security

FORUM Business Online Banking

Security We keep your security a priority

Agreements & Contracts: Electronic Documents User Agreement CUSTOMER SERVICE SKOWHEGAN SAVINGS

Your Online & Mobile Banking Guide

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015

ASSESSMENT LAYERED SECURITY

Local. Responsive. Reliable.

Mobile Banking with Mobile Deposit FAQs

Welcome to First Security Mobile

Phishing Read Behind The Lines

Checklist: Credit Union Information Security and Privacy Policies

Identity Theft Prevention Program. Effective beginning August 1, 2009

Welcome to Cogeco UltraFibre Internet. UltraFibre Internet User Guide

PCI Compliance. What is it? Who uses it? Why is it important?

ELECTRONIC BANKING & ONLINE AUTHENTICATION

SECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi

Lusitania Savings Bank Retail Internet Banking Terms and Conditions

Quick Heal Mobile Security. Free protection for your Android phone against virus attacks, unwanted calls, and theft.

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Payment Card Industry (PCI) Data Security Standard

Online Services USER GUIDE. First Time Log In

ANDROID PRIVACY & SECURITY GUIDE ANDROID DEVICE SETTINGS

What are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards

Regulation P & GLBA Training

Course Outline (version 2)

Online Services User Guide

Transcription:

Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have relied upon Electronic Banking. As Online Banking and Mobile Banking usage increases, so will the instances of fraud. Therefore, the need for controls to minimize risks and to prevent and detect fraudulent activity is critical. Below is a Best Practices Guide that can protect you against fraud associated with Electronic Banking. User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special characters. Change your password frequently. The Bank requires password changes at least once a year. Never share username and password information with third-party providers. Bank employees will not, under any circumstance, ask for password information via telephone or email. If this information is needed we will ask you to come to one of our convenient locations. Avoid using an automatic login feature that saves usernames and passwords. General Guidelines Page 1 of 7

Do not use public or other unsecured computers for logging into Online Banking. Check your last login date/time every time you log in. This can be found at the very top of your Account Overview Screen. Review account balances and detail transactions regularly (preferably daily) to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution. View transfer history available through viewing account activity information. Whenever possible, use Bill Pay instead of checks to limit account number dissemination exposure and to obtain better electronic record keeping. Take advantage of and regularly view system alerts; examples include: Balance alerts Transfer alerts Password change alerts ACH Alerts (for cash management users) Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles. Whenever possible, set your Internet Options to not delete browsing history on exit to avoid having to re-enter the security code and other authentication information with each login. Review historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data. Never leave a computer unattended while using Online Banking. Never conduct banking transactions while multiple browsers are open on your computer. If you notice any suspicious account activity or experience any issues with Online Banking you may contact the E-Banking Department at 318-357-3730. If your mobile device is lost or stolen you can disable or deactivate the device by logging in to the Mobile Banking Center, found under administration tab on your Online Banking page. You can contact your mobile carrier to disable the mobile device or you can contact a representative at City Bank & Trust Co. Tips to Protect Online Payments & Account Data Page 2 of 7

Take advantage of transaction limits. Establish limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits. When you have completed a transaction, ensure you log off to close the connection with the financial organization's computer. Use separate accounts for electronic and paper transactions to simplify monitoring and tracking any discrepancies. Reconcile by carefully monitoring account activity and reviewing all transactions initiated by your company on a daily basis. Account Transfer Use limits provided for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits. Review historical and audit reports regularly to confirm transaction activity. Utilize available alerts for funds transfer activity. Warning Signs of a Potentially Compromised Computer System Inability to log into online banking Dramatic loss of computer speed Changes in the way things appear on the screen Computer locks up so the user is unable to perform any functions Unexpected rebooting or restarting of the computer Unexpected request for the one-time security code Unusual pop-up messages New or Unexpected toolbars and/or icons Inability to shut down or restart the computer Protections provided under Regulation E Electronic Funds Transfer Act: Page 3 of 7

Customers should review their monthly account statement for possible errors with electronic funds transfers as they would with any other type of transaction. Should a customer notice that there has been an error in an electronic fund transfer relating to their account certain steps must be taken. Please note that Regulation E is only applicable to retail (non-commercial) customers. Under the Act the Customer must: Write or call the financial institution immediately if possible. You may contact our Bookkeeping Department at 318-357-3719. Must be no later than 60 days after we sent you the first statement on which the unauthorized transaction, problem or error appeared Give us your name and account number Explain the error or the transfer you are unsure about, the type, dollar amount and date Under the Act the bank must: Promptly investigate the error and correct any error. If this takes more than 10 business days to do this. The bank will re-credit your account for the amount you think is in error. Must notify you of the results of investigation: o If there was error correct it or make re-credit final o If no error explanation in writing, notify customer of deducted re-credit Below are specific guidelines for our Commercial Online Banking customers: City Bank & Trust Company suggests that commercial online banking customers perform a related risk assessment and controls evaluation periodically to mitigate risks associated with Online Banking. ACH (Automated Clearing House Batches) Use pre-notification transactions to verify that account numbers within your ACH payments are correct. Page 4 of 7

Use limits for monetary transactions at multiple levels: per transaction, daily, weekly, or monthly limits. Review transaction reporting regularly to confirm transaction activity. Utilize available alerts for ACH activity. Tips to Avoid Phishing, Spyware and Malware Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as usernames, passwords, PIN codes, and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose your system to malicious code that could hijack your computer. Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail. Call the purported source if you are unsure who sent an e- mail. If an e-mail claiming to be from your financial organization seems suspicious, checking with your financial organization may be appropriate. Install anti-virus and spyware detection software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product. Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software. Ensure computers are patched regularly, particularly operating system and key application with security patches. Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers. Check your settings and select, at least, a medium level of security for your browsers. Clear the browser cache before starting an online banking session in order to eliminate copies of Web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser's preferences menu. Page 5 of 7

Tips to Protect Mobile Banking Users Modify the phone s settings so that only messages from authorized numbers are allowed. Place a password or PIN on the device to keep it securely locked after timing out to protect your device from unauthorized physical access. Add the City Bank & Trust short codes and customer service phone number to your contacts and only initiate SMS and phone calls from your contact list. Do not reply to SMS messages that do not exist in your contact list. Do not click on links in SMS messages unless you initiated the SMS conversation with City Bank & Trust. Do not call phone numbers not in your contact list. If you are unsure about a phone number, you may text Help to the short code and compare the phone numbers. Only call the numbers in your Help response or in your contact list to avoid vishing. Bookmark the City Bank & Trust mobile web site and only use this bookmark to access the site to avoid phishing. Avoid using unsecured, public Wi-Fi networks to access financial accounts with mobile devices. Install mobile anti-malware software to protect your device. Use complex passwords on installed applications to add another layer of security. Always use your cellular network when conducting mobile financial services. Only download apps from stores, such as Apple & Android, that are submitted and branded by City Bank & Trust. Configure remote wipe capability through Find My Phone app or other MDM software. Jailbroken devices shouldn t be used to access financial services. Take steps to know the effects modifications to the device will have on security. Finally, know that bank employees will not ask users to provide confidential information over an email or SMS message. Be aware of the security threats that come with mobile banking: Page 6 of 7

o o o Phising: Luring unsuspecting customers to provide sensitive personal information or downloading malware through an email. SmiShing: A contraction of SMS and phising, in which criminals pose as a FI and use SMS in an attempt to gain access to confidential account information. Vishing: A contraction of voice and phising, in which victims are tricked into disclosing sensitive personal information through a phone call or voice response unit. Tips for Wireless Network Management Wireless networks can provide an unintended open door to your business network. Unless a valid business reason exists for wireless network use, it is recommended that all wireless networks be disabled. If a wireless network is to be used for legitimate business purposes, it is recommended that wireless networks be secured as follows: Change the wireless network hardware (router /access point) administrative password from the factory default to a complex password. Save the password in a secure location as it will be needed to make future changes to the device. Disable remote administration of the wireless network hardware (router / access point). If possible, disable broadcasting the network SSID. If your device offers WPA encryption, secure your wireless network by enabling WPA encryption of the wireless network. If your device does not support WPA encryption, enable WEP encryption. If only known computers will access the wireless network, consider enabling MAC filtering on the network hardware. Every computer network card is assigned a unique MAC address. MAC filtering will only allow computers with permitted MAC addresses access to the wireless network. Page 7 of 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback