Important Tips for Online Banking Security
Every day sees new headlines about security breeches involving online customer information or accounts. Metro Phoenix Bank makes great efforts to protect your money and information; however, many of the most important aspects of security are under only your control. The following tips are critical for protecting your accounts.
Make sure you are running an effective, up-to-date anti-virus program. An anti-virus application is a defense against all sorts of “malware” (harmful programs) that might attack your computer. It is critical to keep your anti-virus software up-to-date. Automatic updates should be enabled, and you should check periodically to ensure that you are downloading and installing the latest updates.
Patch your computer’s operating system. Computers should be configured to download and install the latest updates from the company that provides your operating system, typically Microsoft or Apple. These updates, in addition to helping your system run bug-free, also fix security problems that could be exploited by criminals to infect your computer with malware (harmful programs). Internet web browsers and other applications should also be regularly patched.
Microsoft will cease issuing security patches for Windows XP after April 8, 2014. Your computer must be upgraded to Windows 7 or 8 prior to this date if you are going to use it to conduct bank business.
Use strong passwords—passwords should combine upper and lower-case letters with numbers and symbols, and be at least eight characters. They should not be based on a word that can be looked up in a dictionary. Your banking password should be different from any other passwords you use. If you write passwords down, keep them in a secure place. Email can sometimes be used to reset passwords, and criminals frequently use hacked email accounts as a way to perpetrate fraud. Therefore, it is also important to use good email passwords.
Never give your password to anyone, including those claiming to be Bank personnel. Bank personnel will not ask you for your password, and we will never call or email you asking you to verify your login information.
You should be familiar with the appearance of the Bank’s websites and be alert to any changes. However, criminals can create sites that exactly duplicate the appearance of legitimate sites. They use a variety of means to direct victims to fraudulent websites that resemble the ones they are used to seeing.
Make sure your Internet banking website is the correct one before logging into it. Save a bookmark of the bank website and use the bookmark to access the site rather than typing it in. If you make a mistake typing in a website URL you could be directed to a fraudulent site designed to trick you into entering your login information.
Use a secure Internet router for connection to Internet banking websites. If you use WiFi, your wireless connection should use strong encryption. If your router is more than a few years old, you may need to replace it in order to have the latest encryption technology.
Do not access your Internet banking website from public WiFi networks, such as those at coffee shops or airports. Such networks may be compromised and cannot be assumed safe. Furthermore, it is possible for individuals to display fake WiFi connection spots designed to lure you into connecting through their compromised services.
If you experience odd problems, slowness, messages, or delays when logging into the banking website, it could indicate an attempt to intercept an online banking session in order to steal funds. If you experience such things, you should log out, close the browser immediately, and call the Bank. The Bank does not initiate chat sessions with customers. If anyone claiming to be with the Bank attempts to open a chat session with you, close your browser immediately, turn off your computer and call the Bank. You may occasionally encounter service error messages on the Bank website; these error messages are not an indication of account takeover unless accompanied by the other symptoms mentioned.
If you do experience anything suspicious when attempting to log in, telephone your bank rather than sending an email, in case your PC has been compromised. You should keep a copy of the Bank’s phone number written down in order to avoid possibly getting an incorrect phone number later from a fraudulent site.
Avoid posting personal information like your email address, date of birth and phone number on social network websites such as Facebook. Only accept friend requests from people you know. People asking to become friends may not be who they claim and could actually be ID thieves. Check your privacy settings carefully and make sure only people you trust can view your profile. You should also be aware of posted information that could enable unauthorized individuals to guess your security questions, such as the name of pets or a past school. Do not select security questions that can be answered based on such readily available information.
Regularly check your bank account statements for suspicious transactions. If you spot something unfamiliar, report it to the bank immediately.
Talk to us about better security. The Bank provides multiple options for increasing security. These options include requiring two people to originate funds transfers, restricting activity to certain times of day or locations, and login tokens. Depending on your level of activity, the Bank may require one or more of these options.
For maximum security, the Bank recommends using a dedicated PC used only for online banking. You should not web browse or use email from the dedicated PC, and should keep it turned off when not in use. Of course, a dedicated PC also needs to have anti-virus software installed and updated and it should receive the same security updates recommended for any other PC used for banking.
Don’t use mobile phones to access bank resources. Although Metro Phoenix Bank does not directly support mobile banking, modern smart phone browsers work identically to the ones used for PCs; therefore, it is possible to use a smart phone for banking. However, mobile security is a new area. It is still not common to run anti-virus software on a phone, and new techniques for compromising phone security are being exploited each day. Only use a secured computer for managing your bank accounts.
Consumer accounts (accounts established primarily for personal, family, or household purposes) are protected under Regulation E, which covers Electronic Funds Transfers (EFT). Non-consumer accounts are not protected by Regulation E. Computer-initiated online banking transfers are considered Electronic Funds Transfers.
Regulation E provides guidance in establishing the rights, liabilities, and responsibilities of consumers and financial institutions who use and administer electronic fund transfer systems. The term "electronic fund transfer" (EFT) generally refers to a transaction initiated through an electronic terminal, telephone, or computer that instructs a financial institution either to credit or to debit a consumer's asset account. You can notify our bank of any unauthorized use by calling 602-346-1800 or 877-281-4396. Tell us at once if you believe your online banking credentials have been lost or stolen or if you believe that an electronic fund transfer has been made without your permission.
If you tell us within two (2) business days after you learn of the loss or theft of your card or code, you can lose no more than $50.00 if someone used your card or code without your permission. If you do NOT tell us within two (2) business days after you learn of the loss or theft of your card or code, and we can prove that we could have stopped someone from using your card or code without your permission if you had told us, you could lose as much as $500.00. Also, if your statement shows transfers that you did not make, including those made by card code or other means, tell us at once. If you do not tell us within sixty (60) days after the statement was mailed to you, you may not get back any money lost after the sixty (60) days if we can prove that we could have stopped someone from taking the money if you had told us in time, If a good reason (such as a long trip or a hospital stay) kept you from telling us, we will extend the time periods.