Security Info & Fraud Alerts

Security Info

Our security protocols have been time-tested and are widely used throughout the banking industry. The encryption of your ID and password, using Secure Socket Layer (SSL) or HTTPS protocol, occurs automatically when you select "Click to login," and is in place before your information is transferred across the Internet. Protect your personal information. Use a secure internet connection when logging into Online Banking.

Prevent Fraud

Choose strong passwords that are at least 8 characters, contain numbers, lower and upper case letters, and special characters.  Do not use the same passwords between websites and do not share your password with others.

Protect your devices from malware by keeping your software up to date and run updated anti-virus software if appropriate.

Control physical access to your computer or mobile device to prevent unauthorized access to your online accounts, and prevent the possibility of malicious software, such as key loggers or tracking software from being installed. Use a password to lock your computer or mobile device and make sure to lock it when away.

Do not provide personal information by email, text, or phone call. We will never contact you and ask for passwords or personal account information.

Fraud Alerts



Check fraud is costing Alaska businesses millions. The Financial Crimes Enforcement Network reported check fraud nearly doubled in 2022 compared to the previous year. We are seeing our customers and those of other financial institutions victimized by a greater amount of check fraud than ever before. The Anchorage Daily News reported, "Check fraud is back in a big way, fueled by a rise in organized crime that is forcing small businesses and individuals to take additional safety measures..."

Follow these best practices to protect yourself and your business from check fraud:

  • Go digital - Digital payment solutions offer additional protections and help remove the risks of using paper checks.
  • Real-time alerts - Sign up to receive real-time alerts to keep you informed of your account and card activity.
  • Review your accounts - Review transactions and balances daily to help detect unusual or suspicious activity.
  • Report fraud immediately - Reporting fraud in a timely manner can help minimize the impact and may lessen your liability.
  • Use fraud prevention services - Help protect your business from fraud with check fraud prevention solutions such as Positive Pay and Check Block.
  • Review your business practices - Train employees to spot signs of fraud. A customer-friendly but offender-hostile workplace will help prevent fraud from impacting your bottom line.




Alaskans are experiencing a large number of fraud attempts as criminals continue to target consumers and businesses using enhanced tactics.

The recent fraud schemes involve fake caller ID, unexpected text messages, and the hijacking of real email threads from compromised email accounts. Impersonating someone you know or trust, such as an employee, customer, vendor or government agency, the fraudster requests changes to existing payment methods or provides falsified invoices with new deposit account details.

Characteristics of these schemes may include:

  • Targeted emails or calls from a trusted sender
  • Replies on existing email threads
  • New payment methods
  • Change requests to payment accounts
  • An element of urgency or secrecy

How to avoid falling victim to these scams:

  • Do not trust caller ID or the sending email address.
  • Independently verify the requestor’s identity.
  • Always authenticate requests and confirm new payment instructions via a different communication method, such as a known phone number.
  • Do not attempt to verify the emailed instructions by calling a phone number provided in the email or replying to the email. The fraudster will continue pretending to be the person or company you know.
  • Secure external access to employee email with multi-factor authentication.

Always follow established procedures to reduce the risk of loss.



Don’t let fraud ruin your holidays

Be wary of payment requests via email

Criminals are targeting business email accounts to steal contact information and company-branded signature blocks. They use the information to create convincing emails (whether they be legitimate email accounts of victims, spoofed emails, or look-a-like domains) to target accounts payable and/or human resources employees. The scammers will often send falsified invoices or request payments be redirected to illegitimate accounts.

Don’t take the bait! Be cyber smart by following these steps to prevent fraud:

Procedural measures

  • Always follow proper payment handling procedures. Do not accept payment requests outside of established and verified methods.
  • Always use a known phone number to confirm account change requests. Do not call a number provided via email.
  • Handle payments in dual control where transactions are verified before initiation and during approval.
  • Beware of red flags such as false urgency, confidential requests, or unrecognized email domains.
  • Question unusual transactions – it’s better to be safe than sorry.

​​​​​​​Technical measures

  • Utilize multi-factor authentication and shield networks from unauthorized access. Learn more about multi-factor authentication.
  • Regularly update systems, back up important data and test backups.
  • Do not plug external devices into USB ports.

If you suspect you’ve fallen victim to fraud, notify First National immediately and file a detailed complaint through the FBI’s Internet Crime Complaint Center.



Beware: Scammers claiming to be First National fraud department

Fraudsters are calling Alaskans claiming to be First National fraud department representatives. The scammers claim the customer’s card cannot be used until the cardholder’s identity is verified. If you receive a suspicious call, hang up immediately and call your local bank to report the incident. 

First National and other legitimate financial institutions will never call to ask a customer for login information or for the three-digit code on the back of a card. Legitimate calls do not lead with “your card cannot be used until you verify your identity,” which is a sure sign of a scam. Stay vigilant and share this information with fellow Alaskans to help keep others safe from this scam attempt. 



FBI issues healthcare fraud warning

The FBI has reported a string of cyber-attacks where scammers have used stolen healthcare portal credentials to send money to their own accounts. Stay alert and be aware of these potential signs a criminal is trying to gain access to your information:

  • Phishing emails, specifically targeting financial departments of healthcare payment processors.
  • Unwarranted changes in emails and/or custom rules for specific accounts.
  • Requests to reset both passwords and two-factor authentication phone numbers within a short timeframe.
  • Being locked out of payment processor accounts due to failed password recovery attempts.

Learn more about these fraud attempts and how you can protect yourself with information from the FBI.



Beware: Scammers are using fake caller IDs

First National has received reports of scammers making cold calls using fake caller ID and impersonating our fraud department or claiming to be federal agents for various government agencies. The scammers then request personal details or demand payment from potential victims. When you receive a suspicious call – hang up right away and call a known number.

On legitimate outbound fraud verification calls, First National’s fraud team does not ask for security questions. Bankers already know your security questions and will only ask for the answers to your questions, not for the questions themselves. The bank only asks for details about questionable transactions to determine whether or not they were authorized. When bankers ask for answers to security questions, it is to authorize giving out account information, not to validate fraud transactions.

If you receive a call from someone claiming to represent the bank who begins asking for security questions and answers, hang up and call a known number. If there is a particular card product involved, such as a debit or credit card, call the number on the back of the card.



Business Email Compromise fraud on the rise

The FBI’s Internet Crime Complaint Center reported nearly $2.4 billion in losses due to Business Email Compromise (BEC) fraud in 2021. Stay vigilant - do not click on links or open emails from sources you don't know.

While traditional spear phishing methods such as using fake emails to pose as vendors, CEOs, or other trusted managers are still common, fraudsters never stop refining their methods. In 2021, scammers began using compromised account credentials and/or virtual meetings to request fraudulent wire transfers. This new variant on the BEC scheme typically begins with an email compromise of a financial director, such as a CEO or CFO. The fraudsters monitor email communications and gain insight into the organization before using the hacked email account to set up a virtual meeting with unsuspecting employees. During the meeting, the fraudsters may use a profile picture of the CEO (and claim their audio/video isn’t working) before instructing employees to send money via wire transfer.

Protect yourself from fraud with these tips:

  • Ensure purchasing/procurement and payment processes are in dual control
  • Follow established procedures to prevent fraud. Do not accept payment requests outside of normal channels
  • Closely review emails to ensure the sender’s address has not changed
  • Always call to confirm account change requests received via email
  • Always use a known contact number. Do not use phone numbers provided via email
  • Use multi-factor authentication and a strong, unique password to protect your email accounts
  • Beware of requests to join virtual meeting platforms not normally used by the bank
  • Recognize red flags such as requests for secrecy or urgency, or the inability to join audio/video

If you suspect you’ve fallen victim to fraud, notify First National immediately and file a detailed complaint through the FBI’s Internet Crime Complaint Center.