Conducting Your Transactions Online

February 13, 2024

Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls and engaging in online account takeovers and fraudulent electronic funds transfers.

To help the security of your online transactions, we want you to know that we will never email, call or otherwise ask you for your username, password or other electronic banking credentials. You can help protect yourself by implementing alternative risk control processes like:

  • Making sure you choose an adequate username and password that, at a minimum, mixes in lowercase letters, uppercase letters and numbers
  • Periodically changing your password (i.e., at least every 90 days)
  • Safeguarding your username and password information
  • Having updated anti-malware and anti-virus software
  • Making sure you have a firewall in place when conducting your financial transactions
  • Logging off the system when you're done conducting business (don't just close the page or "X" out of the system)
  • Monitoring your account activity on a regular basis

In addition, we may require owners of commercial accounts to perform their own risk assessments and controls evaluations. For example, make a list of the risks related to online transactions that your business faces, including

  • Passwords being written down and left out in the open
  • The use of old or inadequate passwords
  • The possibility of internal fraud or theft
  • Delays in terminating the rights of former employees
  • The lack of control or other checks and balances over individual access to online transaction capabilities 

An evaluation of controls your business uses may include the following:

  • Using password-protected software to store passwords in
  • Conducting employee background checks
  • Initiating a policy and process to terminate access for former employees
  • Delegating duties among two or more people where no person has too much access or control
  • Using firewalls to protect from outside intrusion or hackers 

Federal regulations provide consumers with some protections for electronic fund transfers. These regulations generally apply to accounts with Internet access. For example, these federal laws establish limits on a consumer’s liability for unauthorized electronic fund transfers. They also provide specific steps to take to help resolve an error with your account. However, in order to take advantage of these protections, you must act in a timely manner. Notify us immediately if you believe your access information has been stolen or compromised. Additionally, review your account activity and periodic statements and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of protections. These disclosures are also available online (or ask us and we will gladly provide you with a copy).

If you become aware of suspicious account activity, you should immediately contact the authorities and contact us at the number listed below.



Tips to avoid phishing, spyware and malware

  • Do not open emails from unknown sources. Be suspicious of emails purporting to be from a financial institution, government department or other agency requesting account information, account verification, or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on Web links in suspicious emails could expose your system to malicious code that could hijack your computer
  • Never respond to a suspicious email or click on any hyperlink embedded in a suspicious email. Call the purported source if you are unsure who sent an email.
  • If an email claiming to be from your financial organization seems suspicious, checking with your financial organization may be appropriate.
  • Install anti-virus and spyware detection software on all computer systems. Free software may not protect against the latest threats compared with an industry-standard product.
  • Update all of your computers regularly with the latest versions and patches of both anti-virus and anti-spyware software.
  • Ensure computers are patched regularly, particularly operating systems and key applications.
  • Install a dedicated, actively managed firewall, especially if using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to your network and computers.
  • Check your settings and select, at least, a medium level of security for your browser.
  • Clear the browser cache before starting any Consumer eBanking session to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared depends on the browser and version you are using. This function is generally found in the browser's preferences menu.
  • Be advised that you will never be presented with a maintenance page after entering login credentials. Legitimate maintenance pages are displayed when first reaching the URL and before entering login credentials.
  • Consumer eBanking will never display pop-up messages indicating that you cannot use your current browser.
  • Consumer eBanking error messages will never include an amount of time to wait before trying to log in again.
  • Be advised that repeatedly being asked to enter your user ID or password are signs of potentially harmful activity.
  • Being asked challenge questions if your computer was previously registered is a sign of potentially harmful activity.