A CYBERSECURITY GUIDE for Financial Institution Customers
A CYBERSECURITY GUIDE for Businesses
How can you protect your identity and accounts?
Bay Port State Bank takes our responsibility to protect your financial assets and safeguard the confidentiality of your personal information very seriously. Please be assured that Bay Port State Bank’s systems, website, and customer financial data is secure.
- Never give out personal or account information (unless initiated by you).
- Keep the software on your personal computer up to date. Make sure Windows, Java, Adobe Flash and Adobe Reader are always on the latest version. If you do not need Java, uninstall it.
- Install Antivirus software and keep it up to date. Some common recommended brands include Norton and BitDefender.
- Before downloading files on your personal computer, verify the source and make sure your antivirus software scans the files before opening them.
Learn more about common scams and what you can do protect yourself by clicking on the information below.
Phishing scams are typically fraudulent email messages appearing to come from legitimate enterprises (e.g. your Internet service provider, your bank, your university,). These messages usually direct you to a spoofed website or otherwise get you to divulge private information (e.g., passphrase, credit card, or other account updates). The perpetrators then use this private information to commit identity theft.
Bay Port State Bank and other reputable organizations will never use email to request that you reply with your passphrase, Social Security number, or confidential personal information. Be suspicious of any email message that asks you to enter or verify personal information, through a website or by replying to the message itself. Never reply to or click the links in a message. If you think the message may be legitimate, go directly to the company’s website (i.e., type the real URL into your browser) or contact the company to see if you really do need to take the action described in the email message.
When you recognize a phishing message, delete the email message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the websites it points to.
Phishing messages often contain clickable images that look legitimate; by reading messages in plain text, you can see the URLs that any images point to. Additionally, when you allow your mail client to read HTML or other non-text-only formatting, attackers can take advantage of your mail client’s ability to execute code, which leaves your computer vulnerable to viruses, worms, and Trojans.
Unfortunately, phishing emails are not the only way people can try to fool you into providing personal information in an effort to steal your identity or commit fraud. Criminals also use the phone to solicit your personal information. This telephone version of phishing is sometimes called vishing. Vishing relies on “social engineering” techniques to trick you into providing information that others can use to access and use your important accounts. People can also use this information to pretend to be you and open new lines of credit.
If you receive an email or phone call asking you to call and you suspect it might be a fraudulent request, look up the organization’s customer service number and call that number rather than the number provided in the solicitation email or phone call.
Like email spoofing, website spoofing is used to make people believe that they are interacting with a trusted, legitimate company or person.
You can’t tell if a website is real just by looking at the pages since it is very easy for scammers to simply copy the real websites content. You need to look at the web URL to be sure that you are on the real website.
Some computer viruses now have remote administration capabilities allowing a hacker to control the victim’s computer. Many times, a file must be opened on the victim’s computer before the hacker can gain access to it. These are generally sent through email,file sharing software, and through internet downloads. They are usually disguised as a legitimate program or file. Sometimes malware will display a fake error message when opened, to make it seem like it didn’t open and some will even disable your antivirus software.
Make sure your antivirus software is up to date. Make sure 3rd party software is up to date like Java, Adobe Flash and Adobe Reader. Do not run or open any software that you are unfamiliar with before talking to a professional.
Here is a list of possible indicators that your computer may be infected with remote access tool malware:
- Mouse cursor moves erratically with no input from user
- Web camera light (if equipped) unexpectedly turns on when web camera is not in use
- Monitor turns off while in use
- Usernames and passwords for online accounts have been compromised
- Unauthorized logins to bank accounts or unauthorized money transfers
- Text-based chat window appears on your computer’s desktop unexpectedly
- Computer files become encrypted and ransom demand is made to unlock files.
If you have any of the above symptoms or suspect that you may have a computer virus contact your antivirus software company, local ISP, or a local computer professional as soon as possible.
If you want to further educate yourself on common scams and hoaxes or if you believe that you are a victim of cybercrime or identity theft visit the FTC Consumer Information website below.