Online & Mobile Security

Do’s and don’ts for keeping information protected online.

1. Password Protection

   Do

   • Use strong passwords: at least eight characters with a mix of upper- and lower-case letters, numbers, special characters.
   • Create hard-to-guess passwords (no birth dates, child’s name, pet’s name, or part of User ID).
   • Change passwords frequently, and immediately if compromised.
   • Notify financial institutions if passwords have been stolen.

   Do NOT

   • Share passwords or security devices.
   • Post passwords in or around work areas.
   • Use an automatic login feature that saves usernames and passwords.
2. Computer Safety

   Do

   • Keep operating systems and web browsers up to date, and turn on automatic updates.
   • Protect your home wireless network with a password for a secure connection.
   • Use comprehensive spyware, virus protection software and a firewall, which prevents unauthorized users from gaining access.
   • Ensure online retailers have secure technology: verify "https" and a tiny locked padlock symbol in the address bar.

   Do NOT

   • Send sensitive information over unsecure public Wi-Fi networks.
   • Conduct banking transactions while multiple browsers are open.
3. Mobile Safety

   Do

   • Use the passcode lock on your smartphone and other devices.
   • Be aware of your surroundings, especially when entering sensitive information.
   • Completely log out when finishing a mobile banking session.
   • Install mobile security software to protect against viruses and malicious software.
   • Download updates to keep your phone and mobile apps safe with the newest release.
   • Notify your financial institution if you change your phone number or lose your mobile device.
   • Report suspected fraud immediately to your financial institution.
   • Wipe your device before donating, trading or recycling; if it is lost or stolen, try to do so remotely.

   Do NOT

   • Open links and attachments in emails and texts, especially from senders you don’t know.
   • Store sensitive information: passwords, Social Security number, etc.
   • Perform banking transactions on a potentially unsecure public network; disable the Wi-Fi and use your mobile network.
   • Click ads (not from your security provider) claiming your device is infected.
   • Download all apps asking for unnecessary “permissions” – they may contain viruses or malware.
4. Email Safety

   Do

   • Be careful opening emails, links or attachments from unfamiliar sources: they could be an attempt to collect your confidential information or infect your device.
   • Verify the authenticity of emails by using a phone number or address from your records rather than the contact information in or associated with the email.
   • Watch for language that has an extreme sense of urgency if you do not act.
   • Take note of logos that appear distorted, unfamiliar web addresses, unusual spelling or grammatical errors – all signs that a fraudster may have designed the email.
   • Be wary of messages an automated email from a system saying your password is nearly expired, security alerts, or messages urging you to validate your online banking credentials.
   • Forward phishing emails to the Federal Trade Commission at spam@uce.gov – and to the organization impersonated in the email.

   Do NOT

   • Click on links in emails – sign on to your trusted website directly, using the address from your records or your browser bookmark.
   • Provide confidential information in response to an email request (user names, passwords, account numbers, tax ID numbers, Social Security numbers, etc.).
   • Open attachments without independently verifying the authenticity of the email.
   • Trust emails that appear to be from familiar sources – fraudsters can doctor email ‘from’ names or even addresses.