It seems like there’s always a new data breach or hacking technique of some kind in the news. As technology and internet play a growing role in our daily lives, it’s important that we keep our personal and financial information safe.
Security is an essential part of what we do as a bank, but it’s more than just keeping money locked in a vault. It’s about keeping our customers’ financial information safe, too.
October is National Cybersecurity Awareness Month. Here at First National Bank, it’s Cybersecurity Awareness Month every month and every day. Security is an essential part of what we do as a bank, but it’s more than just keeping money locked in a vault. It’s about keeping our customers’ financial information safe, too.
When it comes to protecting our customers, we have many safeguards in place. For example, we use two remote data centers, one in Sioux Falls and one in Omaha. In July, we shared on our blog how we periodically ‘flip’ or interchange these data centers to make sure that our data is constantly secure and accessible in an emergency. We also physically secure our data hardware into secure facilities. Not only does this help secure our information during events like downtime or natural disasters, but it also prevents unauthorized hackers from accessing our hardware that houses customer data.
We also educate all of our employees with annual security trainings to explain how we all play a part in keeping our customers’ information secure. Overseeing all of our cybersecurity protection is our team of information technology professionals.
While we are invested in protecting your financial information, there are steps you can take as well.
1. Keep your passwords safe
The Federal Trade Commission (FTC) has some great tips for creating strong passwords, which ultimately help protect your identity and your privacy. A few of those tips include:
- Security Questions – use questions that only you know that answer to. Don’t use questions that could be answered with information that is available in public records (like the name of the street you grew up on, your dad’s middle name, etc.) Additionally, avoid using questions that refer to searchable information about you. If your social media accounts are publically visible, you’re potentially opening new avenues for attackers to dig up information.
- Avoid using text message two-factor authentication. Wherever possible, use a non-SMS based two-factor authentication service. Two-factor authentication involves installing an app on your smartphone to verify you are attempting to log into your account. Once enabled and linked to your service (Duo, Google Authenticator, etc.), websites will ask for some form of verification via your two-factor service. This makes you much safer, as a hacker will now require both your password and access to your two-factor service to gain access to your account.
- Password Manager – Password managers are great for storing passwords. All you need is one master password, and all of your passwords for other accounts are stored safely in one place. It’s also a good idea to make sure your family/significant other knows how to access your password vault in the event of an emergency. For example, keep your master passwords in a physically secure location – like a safe.
- Single-use passwords – Don’t use the same password for multiple accounts. If one account with a password is hacked, any account with that same password is at risk, also. Using tools like https://haveibeenpwned.com/ can help determine if your email has been affected by any publicly known compromises. If your email has been compromised, make sure you change the password.
Have you ever gotten an email from somewhere like “[email protected]” saying your Amazon account has been compromised, and you need to “click here” to reset your password? Shocker: that email isn’t from Amazon. It’s likely from someone trying to get you to follow the links and ultimately get access to the data on your computer. This is an example of a phishing attempt. When you click on a link, hackers can push code to your computer. That code can allow them to do a variety of cybercrime, including stealing sensitive data that may compromise your identity or using your machine as a backdoor to a secure network, allowing hackers to bypass security appliances like firewalls. However, there are ways to recognize these types of hacking attempts and prevent yourself from being a victim of identity theft.
- Hover over links – the link might say “click here,” but before clicking, hover over it to make sure that you’re being directed to a safe website.
- Look at the sender’s email address – if the domain (the part after the @ symbol) doesn’t match up with the name of the organization or company the sender claims to be from, it’s likely a spoof email. In these cases, the email domains usually look like they’re real because the characters are slightly altered but still appear to be from an authentic source.
- Look at the email’s text – does the message use a generic greeting like “Hello there” or “Dear customer?” If so, it’s probably bad news.
- If you receive an email that you believe to be a phishing attempt, you should delete it. If you’re on a corporate/work network, make sure you report any suspicious email to your IT department ASAP for further inspection.
- Be diligent to make sure your computer stays up to date. Microsoft pushes out monthly patches to their operating system software that fixes vulnerabilities that may expose your computer to attackers.
- Make sure you have some form of anti-virus enabled and up to date.
3. Be careful when and where you provide your financial information
- Never provide your account information and/or password over the phone or in response to an unsolicited email. We would never ask you to verify your account information or confirm a password online. However, we will probably ask you to verify your challenge questions.
- Never provide financial information over a public WiFi network. Information shared on these networks can potentially be accessed by someone else and can get into the wrong hands.
- Review account statements regularly to ensure all charges are correct. Services like ApplePay, Venmo, and PayPal have made paying with your phone as easy as a touch of button. With financial information stored on services like these, it’s important to keep a close eye on your financial accounts to make sure that you recognize all activity.
- A financial management software like Mint can help you view activity on multiple accounts like credit cards, bank accounts, etc.
- If something doesn’t look right with your account, contact us right away.