Online Security & Education

Be Educated!  Stay Protected!

  • Don’t carry your Social Security Card in your wallet or purse.
  • Make a copy of your medical card(s) with all but the last four digits marked out to carry in case of emergency; only take the actual card to a scheduled doctor’s visit.
  • Before sharing any personal information, ask why it is needed and how it will be safeguarded.
  • Lock your financial and personal records in a secure place at home or open a Safe Deposit Box at your financial institution (Safe Deposit Box contents are not FDIC insured).
  • Check out other ways to protect your identity at https://www.consumer.ftc.gov/topics/identity-theft?sort=subject.
  • If you believe your identity has been stolen, report it and begin the recovery process immediately at https://www.identitytheft.gov.
  • Personal financial information (Access IDs and passwords, Social Security Numbers, account numbers, ATM/credit/debit/prepaid card numbers, etc.) should not be provided in response to unfamiliar, unsolicited, or suspicious websites, emails, text messages, telephone calls, mobile device Apps, or social media messages and posts.
  • Personal financial information should never be sent by email or any online submission in an unencrypted state, even to trusted parties. Most financial institutions offer secure email services that encrypts messages, to ensure protection of emailed information.
  • Unfamiliar or suspicious emails, text messages, instant messages, phone calls, websites, and social media solicitations that request personal financial information should be deleted immediately. They should not be replied to or forwarded, and any links that they contain should not be opened.
  • Be especially careful of clicking on hyperlinks to or completing online applications as they may be used to gather personal financial information.
  • If you accidentally provide any of your personal financial information, you should change your passwords and contact all applicable parties immediately for further assistance.
  • Be cautious of offers that seem too good to be true; they probably are!  Many scams request a wire transfer be sent before the benefit will be received.  Wire transfers are exactly like sending cash since the funds cannot be recovered once sent.  Examples include:
    • Receiving a check for a large amount and being told to deposit it and pay a fee
    • Winning an expensive prize, but having to pay a fee before it will be shipped
    • Being offered to receive a large job salary or wage, but you must pay for supplies or to become certified up front
    • Winning a foreign lottery, but having to pay the taxes before it can be collected
    • Inheriting money from a long lost relative you don’t even know, but you must pay the legal processing fees
  • Scams may also play on your emotions, leading you to believe you must act immediately or there will be consequences.  Examples include:
    • Receiving a call claiming to be from the IRS stating that you owe taxes and must pay immediately
    • Receiving a call that a friend is in trouble and needs your help
  • Remember, personal financial information (Access IDs and passwords, Social Security Numbers, account numbers, ATM/credit/debit/ prepaid card numbers, etc.) should not be provided in response to unfamiliar, unsolicited, or suspicious websites, emails, text messages, telephone calls, mobile device Apps, or social media messages and posts.
  • Financial transactions that are conducted on websites should only be conducted on secure websites. An indicator of a secure website is a URL that begins with “https” in the address; the “s” stands for “secure.” The “https” prefix should be on every page of websites used to conduct transactions, in addition to the log-in page.
  • Most Wi-Fi networks do not encrypt information and are not secure. Some use encryption and are more secure, however, if any Wi-Fi network is to be used, a virtual private network (VPN) should be established and used to encrypt communications as it applies all the way from your computer to the host computer, regardless of the type of network used.
  • Computers and other devices should be locked, logged off, or shut down before stepping away and set to lock or log off automatically after two minutes of non-use, with a password required to log back in.
  • Computers, other devices, and external storage such as USB drives and storage discs should be physically secured when not in use.
  • Lost or stolen computers and other devices should be reported to applicable service providers, software vendors, or carriers immediately.
  • Computers and other devices no longer in use should have hard drives removed and shredded, or a software program that wipes and eliminates all data from their hard drives should be used.
  • Cybercriminals often use hyperlinks to install malicious software on devices to perform fraudulent acts, so take steps to verify that hyperlinks correspond to legitimate websites and have been posted by known and trusted parties.
  • Unfamiliar or suspicious emails, text messages, instant messages, websites, and social media solicitations that contain hyperlinks should be deleted immediately and not opened.
  • Operating system software updates, referred to as patches, should be accepted, downloaded, installed and ran promptly and as recommended.
  • Reputable antivirus/security software that has been reviewed and rated as satisfactory by independent analysts should be installed, updated, and utilized as recommended.
  • If the antivirus/security software can scan and update automatically, set it to do so; if not, scan and update after each log-in.
  • If viruses, malicious software, or malware are detected, the recommendations provided by the antivirus/security software should be followed promptly.
  • New cards should be activated and signed upon delivery.
  • Cards should not be left in visible or unsecured locations.
  • Transaction receipts should be saved to compare to statements later and incorrect transaction receipts should be voided. Blank transaction receipts should not be signed and a line should be drawn through any blank spaces above the total on any transaction receipt before signing.
  • Options to “Remember My Card Number” on websites where transactions are conducted should not be used.
  • Lost or stolen cards should be promptly reported to the card issuer.
  • Cards that are unused, have been canceled, or have been replaced by a new card should be destroyed by cutting them into small pieces so they cannot be read.
  • Access IDs and passwords should use the maximum allowable number and type of characters, such as upper and lower case letters, numbers, and special characters and should not contain predictable text patterns, such as a part of your name, Social Security Number, or email address.
  • A different Access ID and password should be used for each website.
  • Options to “Remember Me” or “Remember My Password” on websites where transactions are conducted should not be used.
  • If you must write down your Access IDs or passwords, don’t leave them in visible or unsecured locations.
  • Accept only known and trusted individuals into your social network.
  • Select the highest available level of privacy and security settings on any social media site and do not allow social media sites to scan your address book.
  • No information that can be used to compromise your information security should be viewable on any social media site. Such information includes the names of financial institutions, card companies, eCommerce websites, Internet service providers, utilities, and wireless carriers you have accounts with. This also includes personal financial information, passwords, phone numbers, email addresses, addresses and dates of significance (for example, birth dates and anniversaries).
  • Statements, both electronic and delivered in paper form, should be reviewed promptly upon receipt to verify that all transactions were made by authorized parties. Any transactions made by unauthorized parties should be reported to the appropriate financial institution, card issuer, or biller.
  • Saved receipts from ATM, Credit, Debit, and Prepaid Cards should be compared to statements to ensure that unauthorized charges have not posted. Any transactions made by unauthorized parties should be immediately reported to the appropriate financial institution, card issuer, or biller.
  • Paper statements to be discarded should be shredded.
  • Many financial institutions offer a messaging service that sends emails/texts for balances and transactions. Take advantage of these services to detect fraud before the statement is produced.
  • Credit should be monitored on a regular basis. In addition to several credit/identity monitoring services, which may or may not charge fees, each of the nationwide credit reporting companies must provide you with a free copy of your credit report, upon your request, once every 12 months.
  • Report any unauthorized or suspicious credit activity immediately.
  • For more information on requesting your free credit report and reporting unauthorized or suspicious credit activity, visit https://www.consumer.ftc.gov/articles/0151-disputing-errors-credit-reports.