Security Info & Fraud Alerts
Our security protocols have been time-tested and are widely used throughout the banking industry. The encryption of your ID and password, using Secure Socket Layer (SSL) or HTTPS protocol, occurs automatically when you select "Click to login," and is in place before your information is transferred across the Internet. Protect your personal information. Use a secure internet connection when logging into Online Banking.
Choose strong passwords that are at least 8 characters, contain numbers, lower and upper case letters, and special characters. Do not use the same passwords between websites and do not share your password with others.
Protect your devices from malware by keeping your software up to date and run updated anti-virus software if appropriate.
Control physical access to your computer or mobile device to prevent unauthorized access to your online accounts, and prevent the possibility of malicious software, such as key loggers or tracking software from being installed. Use a password to lock your computer or mobile device and make sure to lock it when away.
Do not provide personal information by email, text, or phone call. We will never contact you and ask for passwords or personal account information.
Business Email Compromise fraud on the rise
The FBI’s Internet Crime Complaint Center reported nearly $2.4 billion in losses due to Business Email Compromise (BEC) fraud in 2021. Stay vigilant - do not click on links or open emails from sources you don't know.
While traditional spear phishing methods such as using fake emails to pose as vendors, CEOs, or other trusted managers are still common, fraudsters never stop refining their methods. In 2021, scammers began using compromised account credentials and/or virtual meetings to request fraudulent wire transfers. This new variant on the BEC scheme typically begins with an email compromise of a financial director, such as a CEO or CFO. The fraudsters monitor email communications and gain insight into the organization before using the hacked email account to set up a virtual meeting with unsuspecting employees. During the meeting, the fraudsters may use a profile picture of the CEO (and claim their audio/video isn’t working) before instructing employees to send money via wire transfer.
Protect yourself from fraud with these tips:
- Ensure purchasing/procurement and payment processes are in dual control
- Follow established procedures to prevent fraud. Do not accept payment requests outside of normal channels
- Closely review emails to ensure the sender’s address has not changed
- Always call to confirm account change requests received via email
- Always use a known contact number. Do not use phone numbers provided via email
- Use multi-factor authentication and a strong, unique password to protect your email accounts
- Beware of requests to join virtual meeting platforms not normally used by the bank
- Recognize red flags such as requests for secrecy or urgency, or the inability to join audio/video
If you suspect you’ve fallen victim to fraud, notify First National immediately and file a detailed complaint through the FBI’s Internet Crime Complaint Center.