Security Info & Fraud Alerts
Our security protocols have been time-tested and are widely used throughout the banking industry. The encryption of your ID and password, using Secure Socket Layer (SSL) or HTTPS protocol, occurs automatically when you select "Click to login," and is in place before your information is transferred across the Internet. Protect your personal information. Use a secure internet connection when logging into Online Banking.
Choose strong passwords that are at least 8 characters, contain numbers, lower and upper case letters, and special characters. Do not use the same passwords between websites and do not share your password with others.
Protect your devices from malware by keeping your software up to date and run updated anti-virus software if appropriate.
Control physical access to your computer or mobile device to prevent unauthorized access to your online accounts, and prevent the possibility of malicious software, such as key loggers or tracking software from being installed. Use a password to lock your computer or mobile device and make sure to lock it when away.
Do not provide personal information by email, text, or phone call. We will never contact you and ask for passwords or personal account information.
Beware: Scammers claiming to be First National fraud department
Fraudsters are calling Alaskans claiming to be First National fraud department representatives. The scammers claim the customer’s card cannot be used until the cardholder’s identity is verified. If you receive a suspicious call, hang up immediately and call your local bank to report the incident.
First National and other legitimate financial institutions will never call to ask a customer for login information or for the three-digit code on the back of a card. Legitimate calls do not lead with “your card cannot be used until you verify your identity,” which is a sure sign of a scam. Stay vigilant and share this information with fellow Alaskans to help keep others safe from this scam attempt.
FBI issues healthcare fraud warning
The FBI has reported a string of cyber-attacks where scammers have used stolen healthcare portal credentials to send money to their own accounts. Stay alert and be aware of these potential signs a criminal is trying to gain access to your information:
- Phishing emails, specifically targeting financial departments of healthcare payment processors.
- Unwarranted changes in emails and/or custom rules for specific accounts.
- Requests to reset both passwords and two-factor authentication phone numbers within a short timeframe.
- Being locked out of payment processor accounts due to failed password recovery attempts.
Learn more about these fraud attempts and how you can protect yourself with information from the FBI.
Beware: Scammers are using fake caller IDs
First National has received reports of scammers making cold calls using fake caller ID and impersonating our fraud department or claiming to be federal agents for various government agencies. The scammers then request personal details or demand payment from potential victims. When you receive a suspicious call – hang up right away and call a known number.
On legitimate outbound fraud verification calls, First National’s fraud team does not ask for security questions. Bankers already know your security questions and will only ask for the answers to your questions, not for the questions themselves. The bank only asks for details about questionable transactions to determine whether or not they were authorized. When bankers ask for answers to security questions, it is to authorize giving out account information, not to validate fraud transactions.
If you receive a call from someone claiming to represent the bank who begins asking for security questions and answers, hang up and call a known number. If there is a particular card product involved, such as a debit or credit card, call the number on the back of the card.
Business Email Compromise fraud on the rise
The FBI’s Internet Crime Complaint Center reported nearly $2.4 billion in losses due to Business Email Compromise (BEC) fraud in 2021. Stay vigilant - do not click on links or open emails from sources you don't know.
While traditional spear phishing methods such as using fake emails to pose as vendors, CEOs, or other trusted managers are still common, fraudsters never stop refining their methods. In 2021, scammers began using compromised account credentials and/or virtual meetings to request fraudulent wire transfers. This new variant on the BEC scheme typically begins with an email compromise of a financial director, such as a CEO or CFO. The fraudsters monitor email communications and gain insight into the organization before using the hacked email account to set up a virtual meeting with unsuspecting employees. During the meeting, the fraudsters may use a profile picture of the CEO (and claim their audio/video isn’t working) before instructing employees to send money via wire transfer.
Protect yourself from fraud with these tips:
- Ensure purchasing/procurement and payment processes are in dual control
- Follow established procedures to prevent fraud. Do not accept payment requests outside of normal channels
- Closely review emails to ensure the sender’s address has not changed
- Always call to confirm account change requests received via email
- Always use a known contact number. Do not use phone numbers provided via email
- Use multi-factor authentication and a strong, unique password to protect your email accounts
- Beware of requests to join virtual meeting platforms not normally used by the bank
- Recognize red flags such as requests for secrecy or urgency, or the inability to join audio/video
If you suspect you’ve fallen victim to fraud, notify First National immediately and file a detailed complaint through the FBI’s Internet Crime Complaint Center.