Be proactive when it comes to Online Security!

As your financial institution, we work hard to protect you from fraud. But you and your computer are the front line of defense. In just a few simple steps, you can help keep your computer-and your finances-safe.

Secure your passwords

A good password should:

• Not be based on personal information that can be easily guessed (your pet’s name, birth date, etc.)
• Not be a word that can be found in any dictionary of any language.
• Contain 8 characters, at least 1 number, at least 1 uppercase letter, at least 1 lowercase letter, and password cannot contain leading or trailing blanks.
• Not be the same as any password you use for anything else.
• Always memorize your password and do not write it down. Bank of Edmonson County will prompt changing your passwords every 90 days.

We will not ask for your online ID or password by telephone OR by email!Secure your computer

There are certain precautions you should take to keep your computer safe from viruses and hackers.

• Keep your operating system and browser up to date.
• Use up-to-date anti-virus and anti-spyware software – and set them to update automatically.
• Use a personal firewall.
• Activate a pop-up blocker.

Keep in mind:

Security software that comes pre-installed on your computer typically works for just a few months unless you pay to extend its usage. Avoid buying software in response to unexpected pop-up messages or ads that claim to have scanned your computer and detected malware. That’s a scare tactic scammers use to spread malware.

Be wary of spyware and malware

About spyware.

Spyware is software loaded on your computer without your knowledge. It collects personal information about you and your Internet browsing habits in order to launch pop-up ads or change the configuration of your computer. It can also access your usernames and passwords, slow down the functions of your computer and send information from your computer to a third party without your knowledge or permission.

Generally, spyware is downloaded to your computer from websites you visit, or comes along unannounced when you download a new program or feature. In some cases, the spyware is mentioned in the fine print of a user agreement you’re asked to accept for downloading a program.

Clues that you may have spyware on your computer:

• You experience a number of pop-up ads when browsing the Internet
• Your Internet browser takes you to sites you’re not attempting to visit
• You experience a sudden and/or repeated change to your Internet homepage
• New toolbars or icons appear
• You experience error messages that seem random, and/or your computer’s performance drastically slows down

Check your system regularly for spyware. Several third party vendors provide anti-spyware applications you can download, some free of charge.

About malware.

Malware is malicious, unwanted software or code that generally is transmitted online. It is often used to enter a computer system without conforming to standard authentication procedures.

Common forms of malware include:

• Adware – software that displays ads in an unexpected and often unwanted fashion
• Backdoor – software that is often installed through a vulnerability in the operating system or through an existing piece of malware
• Bot – A software application that performs automated, unwanted tasks online
• Computer worm – a program that self-replicates and spreads by exploiting vulnerabilities and bugs in operating systems and old applications
• Rootkit – One or more programs designed to hide the presence of other malware from users and anti-virus programs
• Trojan horse – A form of malware that seems to provide a positive function but actually gives criminals access to your computer
• Virus – A program that self-replicates without the user’s knowledge or permission.

Clues that you may have malware on your computer:

• Advertising pop ups begin to appear every few seconds
• Extra toolbars appear in your browser and can’t be removed
• Your Internet browser takes you to sites you’re not attempting to visit
• Unexplained system slow down and/or sudden system crashes

Check your system regularly for malware. Several third party vendors provide anti-malware applications you can download, some free of charge.

Be smart online

Aside from securing you passwords and computer, the most important thing you can do is simply be careful – and use common sense – online.

Here are some good general rules to follow:

• Maintain current software and take advantage of updates
• Never share passwords or passphrases
• Do not click unknown links
• Beware of unknown email and attachments – if you don’t know what it is or who it’s from, don’t open it
• Don’t download unknown software off of the Internet
• Don’t play along with hoaxes or chain mail
• Log out/lock your computer when you’re not using it
• Remove unnecessary programs
• Restrict remote access to your system
• Frequently back up important files
• Treat sensitive data carefully
• Remove data securely
• Use encryption whenever possible

Be smart with your password.

• Choose passwords and PINs that are hard to guess by using a combination of upper and lower case alpha-numeric characters and symbols.
• Avoid using your Social Security number, your mother’s maiden name, birth dates, your kids’ names or sports teams.
• Change passwords regularly

Computers & Mobile Devices need protection

• Use an anti-virus and anti-spyware software, update frequently.
• Update your computer’s operating system when available.
• Use the most recent version of your web browser software.
• Use caution when installing applications/programs.
• Do not leave your laptop, phone or other mobile devices logged on and/or unattended when in public.
• Password protect and/or lock your laptop, phone or other mobile devices when not in use.
• Do not save financial or personal information on your laptop, phone, or mobile device.

Secure Personal Information

• Be cautious when giving personal information. Check a website’s privacy policy before you give them your email address.
• When creating passwords, they should contain upper and lower case alpha-numeric characters and symbols.
• Never share your passwords.
• Delete an email immediately if you do not know the sender
• Do not open email or click on links or attachments, especially those where the file ends in “.exe”.
• Do not include personal or sensitive data in, or in response to, an email.
• Watch the activity on your account for any unusual activity
• Always log out of your online and/or mobile banking sessions when you are finished.
• Do not store financial or personal information on your laptop, phone, or mobile device.

Be Cautious when Browsing the Web

• Only allow pop-ups from sites that you authorize.
• Do not give out personal information to blogs, forums and other social networking sites.
• Only make online purchases using secure sites that encrypt your information. To determine if a site encrypts your information look for the locked padlock icon in the browser and “https:” in the address line.
• Never access a website from a link in a suspicious email.
• Access online banking sites by typing the address directly into the browser’s address bar.

Identity theft is a serious crime. The damage caused by the theft of personal information can be very extensive, and cleaning up can cost a substantial amount of time and money. In addition, affected persons risk long term damage to their credit and their reputation. Severe consequences of identity theft include lost job opportunities and denial of credit. Some victims have even been falsely accused of crimes they did not commit.

By conducting everyday activities, consumers leave personal information a thief may want to use to steal their identity. These activities include writing a check, renting a car, applying for credit or charging tickets to a sporting event. These activities reveal personal information such as: your bank and credit card account numbers, your income, your Social Security number, your name, address and telephone number. If stolen, this information may be used to commit identity theft or fraud.

Skilled identity thieves use a variety of methods to gain access to your personal information. For example, they may:

• Steal your mail
• Steal your wallet or purse
• Complete a “change of address” form to redirect your mail to another location
• Rummage through your trash
• Collect your information through e-mail or telephone using phishing scams.

Phishing

Phishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here’s how it works:

• You receive an email message, asking you to click on a link in order to update some sensitive personal information.
• The link will redirect you to a “spoofed” website, which is designed to look like a legitimate website.
• The website will ask you to input personal information such as your account numbers, PINs, or a social security number.

Vishing

Vishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here’s how it works:

• You receive a “spoof” email or text message about suspicious account activity.
• The text or voicemail message will ask you to call a “customer service” number.
• When you call the customer service number, a recording will ask you to provide personal information such as account numbers, passwords, a social security number, or other critical information.
• The recording may not mention the company’s name and could potentially be an indication the call is being used for fraud.
• You can also receive a phone call.
• The call could be a “live” person or a recorded message.
• The caller may already have your personal information, which may seem as if the call is legitimate.

Smishing

Smishing is when consumers’ cell phones and other mobile devices are targeted with mobile spam. The spam, or text messages, attempt to trick consumers into providing personal information. Here’s how it works:

• You receive a fake text message, which may include a fraudulent link, asking you to register for an online service.
• The scammer attempts to load a virus onto your cell phone or mobile device.
• The scammer may also send a message ‘warning’ you that your account will be charged unless you cancel your supposed online order.
• When you attempt to log on to the website, the scammer extracts your credit card number and other personal information.
• In turn, your information is used to duplicate credit, debit and ATM cards.
• Scammers may also send you a text message again ‘warning’ you that your bank account has been closed due to suspicious activity.
• The text message will ask you to call a ‘customer service’ number to reactivate your account.
• When you call the number, you are taken to an automated voice mail box that prompts you to key in your credit card, debit card or ATM card number, expiration date and PIN to verify your information.
• Again, your information is used to duplicate credit, debit and ATM cards.

Lottery/Sweepstakes Scams

Lottery/Sweepstakes scams target consumers by a notification, which arrives through the mail, by email, or by an unsolicited telephone call. Here’s how it works:

• The notification advises you have won a prize, but you did not enter in any type of lottery or sweepstake by the promoter contacting you.
• The promoter will ask you to send payment to cover the cost of redeeming the prize when the prize does not exist.
• In this type of scam, you may rarely if ever receive any winnings in return.

Check Overpayment Scams

Check Overpayment scams target consumers who sell items through an online auction site or a classified ad. Here’s how it works:

• The seller takes a big loss when the ‘buyer’ passes a counterfeit cashier’s check, money order, corporate or personal check as payment.
• The counterfeit check is written for more than the agreed price.
• The ‘buyer’ will ask the consumer to wire back the difference after the check has been deposited.
• The check will more than likely bounce and the consumer becomes liable for the entire amount.

1. Never give out your financial information. Such as: credit card number, checking account numbers, and especially your Social Security number, on the phone unless you placed the call and know the person, business, or organization with whom you are dealing. We, at Bank of Edmonson County, will never call you asking for that information; so don’t give out that information to anyone claiming to be from the Bank.
2. Never give out usernames or PINs to anyone calling to advise you of potential card fraud regardless of how “helpful” the caller sounds.
3. If your checks are lost or stolen, report it to the bank immediately! We will block payment on the check numbers involved. Also, when you get each new order of checks, review their numbers to make sure that they are in sequence with the last checks you used.
4. Store all of your checks, both new and used, in a safe place.
5. Guard your ATM Personal Identification Number and ATM receipts. Pick up your receipts from the ATM machine before you leave and take them home to destroy properly.
6. Don’t throw away financial solicitations that you get in your mailbox. Tear them up or shred them so that thieves can’t use them to assume your identity. The same is true for any other financial documents, such as bank statements or invoices.
7. If your regular bills fail to reach you, call the company and find out why. Someone may have filed a false change-of-address notice to route your information to his or her address.
8. Review your bills carefully. If they include suspicious items, don’t ignore them. Instead, investigate immediately to head off any possible fraud before it occurs.
9. Request a copy of your Social Security statements at www.ssa.gov/mystatement to be sure that no one else is using your social security number for employment.
10. Add your phone numbers to the national Do Not Call Registry at www.donotcall.gov or by calling 1 (888) 382-1222. Since February 2008, these registered telephone numbers will no longer expire off the list.
11. Opt out of pre-screened credit offers by calling 1 (888) 567-8688 or at www.optoutprescreen.com.
12. Once a year, contact the major credit reporting companies to review your file and make certain that the information about you is correct. Many states offer residents free credit reports annually at www.annualcreditreport.com or by calling 1 (877) 322-8228. For a small fee, you can get your credit score as well. The three major credit bureaus are:

If you are a victim of identity theft, take the following steps as soon as possible. Also it is important to keep records of your conversations and copies of all correspondence. Contact your account representative at Bank of Edmonson County at (270) 597-2175, to secure your bank accounts.

Contact the credit reporting agencies, and place a “fraud alert” on your credit reports. Also, add a “victim’s statement” to your file requesting that creditors contact you before opening new accounts in your name.

If you know or suspect that an account has been tampered with or opened fraudulently in your name, close it immediately. Call and speak to someone in the security or fraud department. You may also wish to follow up in writing. Send all letters by certified mail, return receipt requested.

Filing a “miscellaneous incidents” report at a police station where the identity theft occurred is also an important step. Get a copy of the police report for your records in the case of dealing with creditors who need proof of the crime.

File a complaint with the Federal Trade Commission. You can file a complaint online at: www.consumer.gov/idtheft; call 1 (877) 438-4338 or write to:

Identity Theft Clearinghouse, FTC
600 Pennsylvania Avenue, NW
Washington, DC 20580If you know or suspect that your mail has been stolen, contact the United States Postal Service.Keep detailed records of any identity theft and your efforts to resolve it. Log the date, time and amount of unauthorized transactions, as well as the names of people you have contacted regarding the theft.

Log the date, time, duration and cost of any telephone calls as well as the date and cost of any mailings. Keep copies of all correspondence for your records.

Helpful Contacts in the event of Identity Theft:

Contact the fraud departments at each of the three credit reporting agencies:

United States Postal Service – your local post office.

Your local police department.