Business eBanking Fraud

User Id and Password Guidelines

  • Create a "strong" password with at least 8 characters that includes a combination of mixed case letters, numbers, and special characters.
  • Change your password frequently.
  • Never share username and password information with third-party providers.
  • Avoid using an automatic login feature that saves usernames and passwords.
  • Do not use the same password for different account access.

General Guidelines

  • Do not use public or other unsecured computers for logging into Business Express.
  • Review account balances and detail transactions regularly to confirm payment and other transaction data and immediately report any suspicious transactions to your financial institution.
  • Whenever possible, use Bill Pay instead of checks to limit account number dissemination exposure and to obtain better electronic record keeping.
  • Take advantage of and regularly view system alerts; examples include"
  • ACH Alerts
  • Wire Alerts
  • Password change alerts
  • Do not use account numbers, your social security number, or other account or personal information when creating account nicknames or other titles.
  • Never leave a computer unattended while using Business Express.
  • An FBI recommended best practice is to suggest that company users dedicate a PC solely for financial transactions (e.g., no web browsing, emails, or social media).

Administrative Users

  • Prohibit the use of "shared" usernames and passwords for Business Express.
  • Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
  • Ensure computers are equipped with the latest versions and patches of both anti-virus and anti-spyware software.
  • Delete online user IDs as part of the exit procedure when employees leave your company.

Tips to Avoid Phishing, Spyware and Malware

  • Do not open e-mail from unknown sources. Be suspicious of e-mails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as usernames, passwords, PIN codes, and similar information.
  • Never respond to a suspicious e-mail or click on any hyperlink embedded in a suspicious e-mail.
  • Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable.
  • Install anti-virus and spyware detection software on all computer systems. Update all of your computers regularly with the latest version and patches of both anti-virus and anti-spyware software.
  • Bookmark the Financial Institutions website and only use the bookmark to access the site to avoid phishing.

Tips for Wireless Network management

  • If your device offers encryption, secure your wireless network by enabling encryption. Purchase a device that supports the latest encryption standards.
  • Change the wireless network hardware (router/access point) administrative password from the factory default to a complex password.
  • If only known computers will access the wireless network, consider enabling MAC filtering on the network hardware. Every computer network card is assigned a unique MAC address. MAC filtering will only allow computers with permitted MAC addresses access to the wireless network.
  • Avoid using unsecured, public Wi-Fi networks to access financial accounts.

Mobile Guidelines

  • Add the Financial Institutions short code and customer service phone number to your contacts and only initiate SMS and phone calls from your contact list. Do not reply to SMS messages that do not exist in your contact list.
  • Only download apps from stores, such as Apple and Android, which are submitted and branded by the Financial Institution.
  • Know that the Financial Institution will not ask users to provide confidential information over an email or SMS message.
  • Password protect your smartphone and always lock your phone when it's not in use.
  • Clear data from your smartphone frequently. Delete text messages from Financial Institution, especially before sharing, discarding, or selling your phone.