Online Security Tips

Online Security Tips

Passwords are Important

Choosing a password that is both easy for you to remember but also tough to hack can help in preventing someone from stealing your personal information. When choosing a password:

  • Choose something that is at least 7-9 characters
  • Use both numbers and letters
  • Make the password case-sensitive
  • Include at least one special character (e.g., !@#$%&)

Using the same password for multiple login locations is convenient, but having individualized passwords for each login page will give you more security and help you to protect your identity.

Computer Usage

As internet fraud becomes more and more prevalent, there are simple ways to keep your information safe and secure. Here are some things to remember:

  • Protect your home computer - Anti-spyware, antivirus, and anti-malware programs are easy and worthwhile ways to make sure your information stays protected. It is also important that any signature files be kept up to date by downloading and installing updates on a daily basis.
  • Public access computer - While public access computers are convenient and easy to use, there is always the possibility that these computers may contain viruses and/or malicious software, such as Trojans and keyloggerr. Remember to log out of every program on any computer that may be used by other people. Simply exiting the program may not fully shut off your information from the next user.

Cyber Attacks

What is a cyber attack?

  • Cyber attacks on credit unions take the form of “DDOS” or “Distributed Denial of Service.”
  • The intent is to slow down the system as it sorts out 20 million potentially harmful requests trying to differentiate from the honest log-in attempts.
  • These attacks are intended to slow down the system and deny access for members.

How long should I expect to wait?

  • Attacks of this nature have been known to last several hours.
  • You may wish to access your account through other mediums such as mobile, phone, or an on-site service.

Who are these Cyber-Attackers?

  • Experts on this topic realize that these schemes are far too sophisticated to be run by a basic hacker.
  • They are most likely the operations of countries unfriendly to the U.S.

What can I do to protect myself?

  • Using a strong password can benefit the security of your information. (See Passwords are Important section)
  • Make sure you have an anti-virus software that scans information going to and from your computer.
  • Be wary of sending sensitive information via Email—these systems are generally not encrypted.

How to Protect Your Mobile Device

  • Use a Password/Lock Code
  • Enable password/PIN.
  • Set the screen timeout to five minutes or less.
  • Avoid using auto-complete features that remember names or passwords.

Wireless and Geo-Tracking

  • Avoid public WiFi hotspots (use cell phone network instead of insecure WiFi.)
  • Keep optional network connections (e.g., WiFi and Bluetooth) turned off except when you are using them.
  • Don't access personal or financial data with public WiFi.
  • Turn off GPS tracking services for non-essential applications.
  • Enable GPS tracking services for any application that helps you locate the device if it is lost or stolen.

Secure Your Data and Email

  • Avoid storing sensitive data on your mobile device.
  • Use SSL encryption (https://) for browsing and webmail whenever possible.
  • Securely delete data before you sell or give away your device.

Manage Your Applications Wisely

  • Download apps only from trustworthy sources.
  • Don't install a new app until it has established a good reputation.
  • Keep applications updated and remove applications you no longer use.
  • Don't "root" or "jailbreak" your device or install third-party firmware.

Physical Security

Tracking and recovering a stolen device is different than, and insufficient for, protecting data on that device from unauthorized disclosure. If your primary goal is to prevent the unauthorized disclosure of sensitive data, then it must be encrypted, whether you use a tracking and recovery solution or not. However, physical protection should not be ignored. Follow these best practices for physically securing your mobile device:

  • Do not leave your device unattended. Keep it with you at all times or leave it in a secure location. This not only prevents against malicious access to your data, but also against inadvertent or accidental loss or damage of your data, such as when a child finds it and attempts to use it.
  • Lock up your device when not in your possession.
  • Be particularly cautious about keeping your device safe in airports and other public places.
  • Be inconspicuous. Carry your smartphone, tablet, or laptop in a way that does not attract the attention of someone who might want to steal it.
  • Label your property. Put a sticker on your phone with your name and contact information. This low-tech, practical step enables somebody to contact you if they found your lost phone, even if the battery is dead.
  • Keep records of your device's identifying information (such as serial number, MAC address, etc.) and the date and place of purchase. This information can help authorities track or identify a lost or stolen device.

Scams and Fraud

Here is a description of some of the most common types of fraud and scams you should be aware of:

  • Phishing – An attempt to steal information by pretending to be a reliable source—usually asking for verification of important details such as account numbers or social security information.
  • Smart Phone Texting Frauds – A form of phishing specifically targeting mobile phone users—the constant contact with a mobile phone makes it easy and a website may be harder to spot on a small screen.
  • Spyware – This is typically a criminal software that a person unknowingly loads onto a computer—the software then sends personal information from the computer to the criminal.
  • Debit & Credit Card Skimming – This is when ATM machines are tampered with in an attempt to hijack personal information—people have created devices that can capture the magnetic stripe from a Card and also keypad information so that they can make new cards with your account numbers.
  • Fake Check Scams – Criminals use a technology to create realistic cashier’s checks which they then use to pay for purchases or to pay off some sort of foreign lottery they tell you have won.

Read about current scams, fraud alerts and prevention tips.