Online Security Tips

Safeguard Your Identity

  • Don't reply to email or pop-up messages that ask for personal or financial information.
  • Don't open attachments if you do not know the sender or are not expecting the attachment.
  • Don't open an attachment if a file has a double extension, like “filename.doc.pif,” it is highly likely that this is a dangerous file and should not be opened. In addition, don't open attachments that have file endings of .exe, .pif, or .vbs. These are filename extensions for executable files and could be dangerous if opened.
  • Don't click on links in a message that ask for personal or financial information.
  • Don't cut and paste a link from a message into your web browser. Phishers can make links look like they go one place, but they actually send you to a different site, which asks for personal or financial information.
  • Don't call the phone number listed on a message that asks you to update your information or access a "refund." Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card, or type in the web address yourself.
  • Only share credit card and personal information with companies you know and trust. This information is too valuable!
  • Know who you are dealing with. If shopping online, confirm the seller's physical address and phone number in case you have questions or problems.
  • Be aware of poor design, and/or bad grammar and spelling. It is a tell-tale sign of a fraudulent email or website.
  • Read the small print. Get all promises in writing and review them carefully before you make a payment or sign a contract.
  • Never pay for a "free" gift or prize. Free means free.
  • Never use the “remember password” feature for online banking or transactional websites.
  • Check that the Internet connections are secure before you give your payment information.
    • Many websites use Secure Sockets Layer (SSL) technology to encrypt the credit card information that you send over the Internet. These sites either inform you they are using this technology or the web address begins with "https:" instead of "http:"on the page asking for credit card information.
    • Your browser displays the icon of a locked padlock at the bottom of the screen (Netscape Navigator™; - versions 4.0 and higher); You see the icon of an unbroken key at the bottom of the screen (earlier versions of Netscape Navigator™); You see the icon of a lock on the status bar (Microsoft Internet Explorer®).
  • Don't allow a website to keep sensitive information or credentials for future convenience.
  • Change your online banking or shopping account passwords often. Experts suggest every three to six months. If your information is caught, your passwords should be out-of-date by the time crooks try to sell it.
  • Always sign off or logout from your online banking session or any other website that you’ve logged into using a user ID and password.
  • Set up a timeout to prevent others from continuing your online banking session if you left your PC unattended without logging out.
  • You can set the Timeout period in the User Options screen.
  • Don’t use public computers for sensitive operations.
  • Be vigilant and aware of prying eyes and shoulder surfers.
  • Make sure your operating system and Web browser are set up properly. Update them regularly.
  • Use anti-virus and anti-spyware software, as well as a firewall. Update them regularly.
  • Back-up important files.
  • Review credit card and bank account statements as soon as you receive them. Check for unauthorized charges. 

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email.

To learn more, visit www.consumer.ftc.gov.

 

Passwords

Use different passwords
If you use a password to log on to your network or computer, use a different password for purchases and another for particularly sensitive sites, such as your home banking site.

Choosing your password
The best passwords are not your address, birth date, phone number, or recognizable words. Choose a string of at least five letters, numbers, and punctuation marks. One easy way to create a memorable password is to take the first letter of each word in an expression or song lyric, and add some numbers and punctuation marks. For example, "tmottobg!5" is derived in part from "Take Me Out To The Old Ball Game."

Recording your password
Don't write down any password near your computer where someone could see it. If you do record it somewhere, reverse the order of the characters or transpose some letters or numbers. That way, someone finding it won't have discovered your true password.

 

Mobile Device

Increase phone and data security by:

  • Password protect all mobile phones.
  • Download online banking applications only from trusted sources.
  • Refrain from enabling the “install from unknown sources” feature in mobile banking platforms using the Android operating system.
  • Avoid storing usernames and passwords on the mobile phone.
  • Keep the mobile phone with them or secure the device when not in use.
  • Frequently delete text messages received from the credit union, especially if they contain confidential information.
  • Notify the credit union or carrier immediately if the mobile phone is lost or stolen; ensure it is then deactivated.
  • Refrain from modifying mobile phones as it may disable important security features.
  • Install antivirus software.
  • Check account activity frequently and notify the credit union of any unauthorized transactions.
  • Adopt safe practices modeled after those for personal computers, such as not opening attachments or clicking on links contained in email received from unfamiliar sources.
  • Turn off Bluetooth capability when not in use. (Hackers can view/download the content of your phone via the Bluetooth connection, without your knowing it.)
  • Delete cached data from mobile browsers.
  • Do not disclose personal information via text messaging.