Protect Yourself from Fraud

Whenever you access the Internet through a PC or a mobile device, you run the risk of exposing yourself and your company’s systems to online scams or unauthorized app downloads. You may be unaware information has been stolen until the money is gone from your account.

Online fraud schemes attempt to obtain confidential information—including passwords, personal ID numbers, and token codes—and use it to access your accounts, transfer money, or commit other fraudulent acts. The primary methods of online fraud are social engineering, malware, and a combination of both.

Malware is malicious software installed on your computer without your consent. Once there, it can record keystrokes, re-direct your browser, or display fake websites, all in an effort to impersonate your business in online banking transactions. Your computer can become infected with malware through documents attached to emails, links contained in emails, infected search engine results, or by clicking on links, videos, and documents on legitimate websites, particularly social networking sites.

Social engineering is an attempt to manipulate you into performing actions or divulging confidential information by impersonating a trustworthy entity in electronic communications. These communications can be sent by email (phishing) or text message (smishing).

Online Banking Guide

  • Do not use public or other unsecured computers for logging on to your online banking.
  • Check your last login date/time every time you log on.
  • Review account balances and detail transactions regularly (preferred daily) to confirm payment and other transaction data and immediately report any suspicious transactions to Heritage Bank.
  • View transfer history available through viewing account activity information.
  • Whenever possible, use Bill Pay instead of checks to limit account number exposure and to obtain better electronic record keeping.
  • Take advantage of, and regularly view system alerts such as Balance Alerts, Transfer Alerts and Password Change Alerts.
  • Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
  • Review historical reporting features of your online banking application on a regular basis to confirm payment and other transaction data.
  • Never leave a computer unattended while using your online banking,
  • Never conduct banking transactions while multiple browsers are open on your computer

Helpful reminders to assist you in protecting your sensitive information include:

  • Never let anyone know your PINS or passwords
  • Do not write you PINS or passwords down for someone else to find
  • Do not use the same password for all your online web accounts
  • Avoid opening or replying to spam emails, as this will give the sender confirmation they have reached a live address.
  • Don’t open an attachment from an unconfirmed sender of an e-mail
  • Please contact our Internet Banking department immediately if you feel your Heritage Bank online information has been compromised.

More Tips for Secure Online Banking

Never respond to emails that request personal information
At Heritage Bank, we would never ask for your personal details through an email. Nor would we ask for your password through any means, phone, fax or in-persons. If any of our bank personnel asks you for your password, do not disclose it and report him or her immediately to us.

Keep your password top secret and change it often
Changing passwords often helps in protecting your account even if inadvertently you may have disclosed it to someone.

Make your password difficult to guess
When you create your password, make it at least 6 characters long. Include at least one capital letter, one numerals (0-9) and one special character (like @, #, $, etc). This makes the password very difficult to guess.

Never use cyber cafes to access your online accounts
PCs at cyber cafes may be infested with viruses and Trojans that can capture and transmit your personal data to fraudsters. The easiest way to grab information is key logging software, which record all the keystrokes you typed, to be retrieved later for fraudulent usage. Beware of typing passwords on unknown PCs.

Keep your computer secure
Some phishing emails or other spam may contain software that can record information on your Internet activities (spyware) or open a ‘backdoor’ to allow hackers access to your computer (Trojans). Installing anti-virus software and keeping it up to date will help detect and disable malicious software, while using anti-spam software will help stop phishing emails from reaching you. It is also important, particularly for users with a broadband connection, to install a firewall. This will help keep the information on your computer secure while blocking communication from unwanted sources. Make sure you keep up- to-date and download the latest security patches for your browser. If you don’t have any patches installed, visit your browser’s website, for example users of Internet Explorer should go to the Microsoft website.

Check the website you are visiting is secure
Before submitting your bank details or other sensitive information there are a couple of checks you can do to help ensure the site uses encryption to protect your personal data:

If you are visiting the website with a secure connection, you will be able to identify the website through the site’s certificate. A secure or encrypted website address will begin with HTTPS rather than HTTP, and you will see a lock icon in the Address bar. Secure connections use certificates to identify the website and to encrypt your connection so that it will be more difficult for a hacker to view. You can also click the lock icon in the Address bar to see more information about the website.

Note that the fact that the website is using encryption doesn’t necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form.