Home » Cybersecurity
Safeguarding your account information from current cyber threats is one of our top priorities. We continue to identify new tools and implement features in our online systems to assist you in ensuring that your data and assets are protected.
Although these tools and features help, you are the most critical element in the protection of your assets and account data. Please review the information provided here to learn more on how to better protect yourself from current cyber threats.
Cyber Security Tips
Remember these general rules when active in the digital world.
Common Sense: As the saying goes, if an offer seems too good to be true, then it probably is.
Don’t Be Rushed: Attackers want you to act without thinking things through. So don’t be swayed by ploys that rely on fear (of some suggested consequences) or required urgency. The attacker is simply trying to trigger your emotions to get you to act (too) quickly.
Social Media: Be careful how much information you share in your social media profiles. Attackers can use these sites to collect valuable information and use it to commit fraud on you or your family or friends. See social engineering.
Beware Attachments: Be wary of unsolicited emails containing Word and Excel attachments, especially if they require you to enable macros, as they are potentially malicious.
Email Hacks: Remember that a friend’s or family member’s email account can become compromised. If you receive a suspicious email from them, reach out to confirm whether or not it is legitimate. Attackers can “spoof” someone’s email address to appear to be from anyone they choose.
Social Engineering: Social engineering is a process by which attackers use multiple, casual, human interactions to manipulate you to get you to break from normal security precautions and divulge personal information. This is a process that requires many steps to gather personal information, piece by piece, in a more complex effort to commit fraud. Some of the most common places where attacks take place are via email, text message or even by phone.
Tech Support: Sometimes attackers will act under the guise of assistance. It begins with a phone call from an attacker who claims to be from a well‐known company and who will typically try to convince you that your computer is infected with viruses. You should hang up the phone immediately.
Other TipsRead here for some more good security tips.
Create a Strong Password
Passwords provide the first line of defense against unauthorized access to your computer. The stronger your password, the more protected your computer will be from hackers and malicious software. You should make sure you have strong passwords for all accounts on your computer.
What makes a password strong (or weak)?
A strong password:
- Is at least eight characters long. The longer the better.
- Does not contain your user name, real name, or company name. Try to be unpredictable.
- Does not contain a complete word.
- Is significantly different from previous passwords.
- Is different from other passwords. If you use the same password for many/all accounts and it's somehow stolen from you, or from a company you do business with, you are at greater risk.
- Contains characters from each of the following four categories:
- Uppercase letters (A, B, C)
- Lowercase letters (a, b, c)
- Numbers (0, 1, 2, 3, 4, 5, 6, 7, 8, 9)
- Symbols found on the keyboard and spaces (as allowed)
A password might meet all the criteria above and still be a weak password. For example, Hello2U! meets all the criteria for a strong password listed above, but is still weak because it contains a complete word. H3ll0 2 U! is a stronger alternative because it replaces some of the letters in the complete word with numbers and also includes spaces.
Help yourself remember your strong password by following these tips:
- Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as "My son's birthday is 12 December, 2004" and, using that phrase as your guide, you might use Msbi12/Dec,4 for your password.
- Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, "My son's birthday is 12 December, 2004" could become Mi$un's Brthd8iz 12124.
- Relate your password to a favorite hobby or sport. For example, "I love to play badminton" could become ILuv2PlayB@dm1nt()n.
Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.
Use Security Software That Updates Automatically
The bad guys constantly develop new ways to attack your computer, so your security software must be up-to-date to protect against the latest threats. Most security software can update automatically. Set yours to do so. If you let your operating system, web browser, or security software get out-of-date, criminals could sneak their bad programs (malware) onto your computer and use it to secretly break into other computers, send spam, or spy on your online activities. There are steps you can take to detect and get rid of malware.
Don’t buy security software in response to unexpected pop-up messages or emails, especially messages that claim to have scanned your computer and found malware. Scammers send messages like these to try to get you to buy worthless software, or worse, to “break and enter” your computer.
Treat Your Personal Information Like Cash
Don’t hand it out to just anyone. Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. So every time you are asked for your personal information, whether in a web form, an email, a text, or a phone message, think about whether you really can trust the request. In an effort to steal your information, scammers will do everything they can to appear trustworthy.
Check Out Companies to Find Out Who You’re Really Dealing With
When you’re online, a little research can save you a lot of money. If you see an ad or an offer that looks good to you, take a moment to check out the company behind it. Type the company or product name into your favorite search engine with terms like “review,” “complaint,” or “scam.” If you find bad reviews, you’ll have to decide if the offer is worth the risk. If you can’t find contact information for the company, take your business elsewhere.
Don’t assume that an ad you see on a reputable site is trustworthy. The fact that a site features an ad for another site doesn’t mean that it endorses the advertised site, or is even familiar with it.
Give Personal Information Over Encrypted Websites Only
If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server. To determine if a website is encrypted, look for https at the beginning of the web address (the “s” is for secure).
Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, the entire account could be vulnerable. Look for https on every page of the site you’re on, not just where you sign in.
Protect Your Passwords
Don’t share passwords on the phone, in texts or by email. Legitimate companies will not send you messages asking for your password. If you get such a message, it’s probably a scam. And remember to keep your passwords in a secure place, out of plain sight.
Back Up Your Files
No system is completely secure. Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.
While we often think of identity theft in terms of “online” activities, much identity theft occurs offline. Stealing wallets and purses, intercepting or rerouting your mail, and rummaging through your garbage are some common tactics thieves use to obtain personal information.
- Carry only necessary identification
- Don't provide your Social Security Number as identification, unless it is truly needed to sign up for a service
- Make photocopies of all the information you carry daily and store them in a secure location such as a safe deposit box
- Shred financial or personal documents before discarding
Remember these tips when dealing with emails.
- Suspicious emails often ask for personal information
- Suspicious emails often appear to be from a legitimate source
- Suspicious emails often contain fraudulent job offers
- Suspicious emails often contain prize or gift certificate offers
- Suspicious emails often link to counterfeit websites (but sometimes even legitimate websites)
- Suspicious emails often contain fraudulent (but sometimes even real) phone numbers
- Email addresses are often obtained from publicly available resources or through randomly generated lists, so if you receive a fake email that appears to be from American Community Bank, this does not mean that any of your personal information has been compromised at the bank
- Delete any suspicious emails without opening them, and if you ever do open a suspicious email, do not open any attachments or click on any links
- Be sure your home and office computers have current virus protection software and update it regularly
- Keep your computer operating system and web browser current