Internet Banking Security Tips

Russian Malware Affects One Million Devices

The FBI has advised those with certain types of routers used in homes and small offices to reboot their routers in an attempt to mitigate the effects of the wide-spread "VPNFilter" malware. This may temporarily stop the malware from being activated but does not solve the problem without additional steps: Russian Malware Affecting Routers Worse than Originally Thought

Corporate Wire Scams

Metro Phoenix Bank would like to alert its customers to a type of sophisticated wire payment fraud where scammers use fraudulent information to trick companies into directing financial transactions into accounts scammers control. More information can be found here.

Guard Against Phone Porting Scams

Scammers can take ownership of your cell phone to facilitate fraud: BBB warns about cell phone porting scams

General Tips

Security breaches involving online customer information or accounts make headlines every day. Metro Phoenix Bank invests significant resources to protect your money and information; however, many of the most important aspects of security are entirely under your control. The following tips are critical for protecting your accounts.

  • Anti-Virus Programs. Make sure you are running an effective, up-to-date anti-virus program. You must make sure that it is automatically updating itself so that your protection is current. You should also ensure that your computer, smartphone and web browsers are patched with the latest security updates. 

  • Password Do’s and Don’ts. It is recommended that passwords should combine upper and lower-case letters with numbers and symbols, be at least ten characters, and should not be based on a word that can be looked up in a dictionary. Your banking password should be different from any other passwords you use. If you write passwords down, keep them in a secure place.
    Never give your password to anyone, including those claiming to be Bank personnel. Bank personnel will not ask you for your password, and we will never call or email you asking you to verify your login information

  • Be Familiar with the Bank’s Website. You should be familiar with the appearance of the Bank's websites and be alert to any changes; however, criminals can create sites that appear exactly like legitimate sites. They use a variety of means to direct victims to fraudulent websites that resemble the ones they are used to seeing. Make sure your Internet banking website is the correct one before logging into it. Save a bookmark of the bank website and use the bookmark to access the site rather than typing it in. If you make a mistake typing in a website URL, you could be directed to a fraudulent site designed to trick you into entering your login information.

  • Use a Secure Internet Router for Connection to Internet Banking Websites. If you use WiFi, your wireless connection should use strong encryption. If your router is more than a few years old, you may need to replace it in order to have the latest encryption technology. Do not access your Internet banking website from public WiFi networks, such as those at coffee shops or airports. Such networks may be compromised and cannot be assumed safe. Furthermore, it is possible for individuals to display fake WiFi connection spots designed to lure you into connecting through their compromised services.If you experience odd problems, slowness, messages, or delays when logging into the banking website, it could indicate an attempt to intercept an online banking session in order to steal funds. If you experience such things, you should log out, close the browser immediately, and call the Bank. The Bank does not initiate chat sessions with customers. If anyone claiming to be with the Bank attempts to open a chat session with you, close your browser immediately, turn off your computer and call the Bank. You may occasionally encounter service error messages on the Bank website; these error messages are not an indication of account takeover unless accompanied by the other symptoms mentioned.

    If you do experience anything suspicious when attempting to log in, telephone your bank rather than sending an email, in case your PC has been compromised. You should keep a copy of the Bank's phone number written down in order to avoid possibly getting an incorrect phone number later from a fraudulent site.
  • Avoid Posting Personal Information. Avoid posting information such as your email address, date of birth and phone number on social network websites like Facebook. Only accept friend requests from people you know. Someone posing as a person asking to become friends may actually be an ID thief. Check your privacy settings carefully and make sure only people you trust can view your profile. You should also be aware of posted information that could enable unauthorized individuals to guess your security questions, such as the name of pets or a past school. Do not select security questions that can be answered based on such readily available information.
  • Regularly Check Your Bank Account Statements. Routinely review your bank statements for suspicious transactions. If you spot something unfamiliar, report it to the bank immediately.
  • Talk to Us About Better Security. The Bank provides multiple options for increasing security. These options include requiring two people to originate funds transfers, restricting activity to certain times of day or locations, and login tokens. Depending on your level of activity, the Bank may require one or more of these options. For maximum security, the Bank recommends using a dedicated PC used only for online banking. You should not web browse or use email from the dedicated PC, and should keep it turned off when not in use. Of course, a dedicated PC also needs to have anti-virus software installed and updated and it should receive the same security updates recommended for any other PC used for banking.
  • Do Not Use Mobile Phone Web Browsers to Access Bank Resources. Modern smart phone browsers work identically to the ones used for PCs; therefore, it is possible to use a smart phone for banking. However, mobile security is a new area. It is still not common to run anti-virus software on a phone, and new techniques for compromising phone security are being exploited each day. Only use a secured computer or Metro Phoenix Bank's mobile banking application for managing your bank accounts.
  • Regulation E. Consumer accounts (accounts established primarily for personal, family, or household purposes) are protected under Regulation E, which covers Electronic Funds Transfers (EFT). Non-consumer accounts are not protected by Regulation E. Computer-initiated online banking transfers are considered Electronic Funds Transfers. Regulation E gives consumers a way to notify their financial institution that an EFT has been made on their account without their permission. You can notify our bank of any unauthorized use by calling 602-346-1800 or 877-281-4396. Tell us at once if you believe your online banking credentials have been lost or stolen or if you believe that an electronic fund transfer has been made without your permission. Telephoning is the best way of keeping your possible losses down. Failing to monitor your account activity on a regular basis and notifying the bank of any errors or discrepancies could cause you to lose all the money in your account (plus your maximum overdraft line of credit). If you tell us within two (2) business days after you learn of the loss or theft of your card or code, you can lose no more than $50.00 if someone used your card or code without your permission. If you do NOT tell us within two (2) business days after you learn of the loss or theft of your card or code, and we can prove that we could have stopped someone from using your card or code without your permission if you had told us, you could lose as much as $500.00. Also, if your statement shows transfers that you did not make, including those made by card code or other means, tell us at once. If you do not tell us within sixty (60) days after the statement was mailed to you, you may not get back any money lost after the sixty (60) days if we can prove that we could have stopped someone from taking the money if you had told us in time; if a good reason (such as a long trip or a hospital stay) kept you from telling us, we will extend the time periods.

Security Statement

Metro Phoenix Bank's Internet Banking website uses a combination of security technologies to protect data for the bank and for our customers. These include a digital ID for authenticating our website and the Secure Sockets Layer (SSL) protocol for data encryption. Once a server session is established on an SSL-secured page, communications between the user and the server are encrypted. Website traffic is monitored electronically to ensure security and detect unauthorized intrusion attempts.

Use of this Website

The following Terms & Conditions govern your use of Metro Phoenix Bank websites (, Metro Phoenix Bank Internet Banking website). "Website" refers to all Metro Phoenix Bank websites in these terms and conditions. We may revise these Terms & Conditions at any time. Users of the site will be bound by any change in terms and conditions, and so will need to visit this page on a regular basis to be made aware of any changes. By accessing this site you indicate your acknowledgement and acceptance of these terms and conditions. If you do not agree to these stated Terms & Conditions, you are not permitted to access this site or any of the pages herein.


We make our best effort to include accurate and up to date information on the Website, but we make no warranties or representations as to the accuracy of the information. You agree that all access and use of the Website and its contents is at your own risk. By using the Website, you acknowledge that we specifically disclaim any liability (whether based in contract, tort, strict liability or otherwise) for any direct, indirect, incidental, consequential, or special damages arising out of or in any way connected with your access to, or use of the Website, (even if we have been advised of the possibility of such damages) including liability associated with any viruses or malware which may infect a user's computer equipment. Each user of this Website agrees to indemnify and hold Metro Phoenix Bank, its officers, directors, shareholders, employees and agents harmless from and against all claims and expenses, including attorneys' fees arising out of the use of this Website and the content herein.

Eligibility for specific products or services referred to in this Website is subject to approval. Not all products will be available to all customers.

Email and Security

Email is not a secure means of communication. You should not send emails containing any personal, private or sensitive information that you would not want viewed by a third party, including account or social security numbers. Contact your Bank representative about how to securely send confidential information. Transmissions and communications to and from this Website, even if done through the use of a secure Internet browser, could be read or intercepted by third parties. Each user of this Website agrees that Metro Phoenix Bank will not be held liable should such an interception occur.


All information submitted to Metro Phoenix Bank via its websites shall be and remains the property of Metro Phoenix Bank. Metro Phoenix Bank shall be free to use for any legal purpose any ideas, concepts, know-how or techniques contained in information a user to this Website provides.

Copyright Notice

All information, documents and materials posted on this Website is intended for the use of Website users and may not be resold, republished, or copied, without the prior written consent of Metro Phoenix Bank. Copyright of images, text, screens and web pages appearing at this Website is owned by Metro Phoenix Bank or others as indicated. You may copy information from our Website for your personal use only, provided that each copy includes any copyright, trademark or service mark notice as they appear on the pages copied. The information and materials may not otherwise be copied, displayed, distributed, downloaded, licensed, modified, published, reposted, reproduced, reused, sold, transmitted, or otherwise used for public or commercial purposes, except as provided in these terms and conditions, without the express written permission of Metro Phoenix Bank.

Links to Third Party Websites

Metro Phoenix Bank may establish links on our Website that point to other websites operated by non-affiliated third parties. Metro Phoenix Bank has no control over any other such websites or the contents therein, and the existence of any such link shall not constitute an endorsement by Metro Phoenix Bank. Metro Phoenix Bank is not responsible for the content of other sites. Other websites may treat information they learn about you in ways that differ from Metro Phoenix Bank's policies. All user access to any of these hyperlinks is at the user's own risk, and the content, accuracy, opinions expressed, as well as other links provided are not investigated, verified, monitored or endorsed by Metro Phoenix Bank. Metro Phoenix Bank cannot be held liable for any damage done to a user's computer, such as a virus being downloaded from a link or site accessed through this Website.

Limitation of Liability

In no event will Metro Phoenix Bank be liable for any damages, including without limitation direct or indirect, special, incidental, or consequential damages, losses or expenses arising in connection with this site or use thereof or inability to use by any party, or in connection with any failure of performance, error, omission, interruption, defect, delay in operation or transmission, computer virus or line or system failure, even if Metro Phoenix Bank, or representatives thereof, are advised of the possibility of such damages, losses or expenses.

back to top