Internet Security Tips

Tips to Protect Yourself in a Digital World

Whether you’re banking, shopping or keeping in touch with friends and family online, it’s important to know how to keep your personal information safe and secure. Do not share your passphrases or passwords with anyone.  They are for your knowledge only.  A Cross County Savings Bank representative will never ask you to reveal your login credentials.

  • Create a long, random, and memorable passphrases instead of a password to maximize safety and security online. For example, “CoffeeMugBlue#2025!” or “CorrectHorseBatteryStaple” offers better protection than “password123.” Avoid using the same passphrases across multiple accounts.
     
  • Enable multi-factor authentication (MFA): This adds a second layer of security by requiring, for example, a code sent to your phone in addition to your passphrase. Even if someone steals your passphrase, they won’t access your account without this extra step.
     
  • Monitor your accounts frequently: Check your bank statements and transactions online often to detect unauthorized activity early. Set up text or email alerts for transactions or large withdrawals for extra monitoring.
     
  • Use official bank channels: Always download banking apps from official sources like Google Play or Apple App Store and type website addresses directly rather than following links in emails or texts.
     
  • Use device security features: Secure your devices with PINs, passwords, and biometric features such as fingerprints or facial recognition to prevent unauthorized access.
     
  • www.StaySafeOnline.org - Visit the National Cyber Security Alliance website, sponsored by the Department of Homeland Security and the Federal Trade Commission.
     
  • consumer.ftc.gov/features/identity-theft – Visit FTC's Website for information about Identity Theft.

Top Tips to avoid becoming a victim of phishing and other scams:

  1. Be suspicious of any e-mail with urgent requests for personal financial information. The most common form of phishing is emails pretending to be from a legitimate retailer, bank, organization, or government agency. The sender asks to "confirm" your personal information for some made-up reason: your account is about to be closed, or because they suspect you may be a victim of identity theft! In one case, a phisher claimed to be from a state lottery commission and requested the victim’s banking information to deposit their "winnings" in their accounts.
     
  2. Don't open emails or click on links that ask for your personal information. Fraudsters use these links to lure people to phony websites that look just like the real sites of the company, organization, or agency they're impersonating. If you follow the instructions and enter your personal information on the website, you'll deliver it directly into the hands of identity thieves. To check whether the message is really from the company or agency, call them directly or go to its website (use a search engine to find it).
  3. Consider adjusting your email settings so that images are not automatically downloaded. Some viruses can be spread simply by opening an email that includes images and graphics. This means some fraudsters no longer need to rely on tricking users to open attachments or clicking on hyperlinks, but only need to entice you to open an email. Protect yourself by changing your email settings to not automatically download images.
     
  4. Never enter your personal information in a pop-up screen. Sometimes a phisher will direct you to a real company's, organization's, or agency's website, but then an unauthorized pop-up screen created by the scammer will appear, with blanks in which to provide your personal information. If you fill it in, your information will go to the phisher. Legitimate companies, agencies and organizations don't ask for personal information via pop-up screens. Install pop-up blocking software to help prevent this type of phishing attack.
     
  5. Protect your computer with spam filters, anti-virus and anti-spyware software, and a firewall, and keep them up to date. A spam filter can help reduce the number of phishing emails you get. Anti-virus software, which scans incoming messages for troublesome files, and anti-spyware software, which looks for programs that have been installed on your computer and track your online activities without your knowledge, can protect you against pharming and other techniques that phishers use. Firewalls prevent hackers and unauthorized communications from entering your computer‚ which is especially important if you have a broadband connection because your computer is open to the Internet whenever it's turned on. Look for programs that offer automatic updates and take advantage of free patches that manufacturers offer to fix newly discovered problems. Go to www.onguardonline.gov and www.staysafeonline.org to learn more about how to keep your computer secure.
     
  6. Beware of "pharming." In this latest version of online ID theft, a virus or malicious program is secretly planted in your computer and hijacks your web browser. When you type in the address of a legitimate website, you're taken to a fake copy of the site without realizing it. Any personal information you provide at the phony site, such as your password or account number, can be stolen and fraudulently used.
     
  7. Only open email attachments if you're expecting them and know what they contain. Even if the messages look like they came from people you know, they could be from scammers and contain programs that will steal your personal information.
     
  8. Know that phishing can also happen by phone. You may get a call from someone pretending to be from a company or government agency, making the same kinds of false claims and asking for your personal information. Legitimate credit card issuers and other companies may contact you if there is an unusual pattern indicating that someone else might be using one of your accounts. But usually they only ask if you made particular transactions; they don't request your account number or other personal information. Law enforcement agencies might also contact you if you've been the victim of fraud. To be on the safe side, ask for the person's name, the name of the agency or company, the telephone number, and the address. Get the main number from the phone book, the Internet, or directory assistance, then call to find out if the person is legitimate.
     
  9. Only communicate information, such as debit card numbers or account information, via a secure website or the telephone. When submitting financial information to a website, look for the padlock or key icon at the bottom of your browser, and make sure the Internet address begins with "https." A secure Web server designation can be found by checking the beginning of the Web address in your browser's address bar - the address should begin https:// rather than just http://. While you cannot be completely sure the website is secure when its address starts with "https," you can be sure the website is not secure when it does not start with "https."
     
  10. Regularly log on to your online accounts and check your bank, debit card statements to ensure that all transactions are legitimate. One of the real advantages of banking online is being able to regularly review your account for unauthorized or unusual activity. If anything is suspicious, contact your bank and all card issuers immediately.
     
  11. Ensure that your browser is up to date and security patches applied. Always visit your browser manufacturer's home page, such as Microsoft Edge or Google Chrome, to download the latest security updates even if they don't alert you to do so.  Also, enable the auto-update feature on your operating system for automatic updates.