Security Tips

A Few Simple Rules Regarding The Safety of Your Online Experience

Know that First Southern Bank NEVER uses emails or telephone calls to verify personal financial information. If you're ever in doubt, just call the bank back using a trusted, published phone number, such as the phone number listed on your bank statement.
Make use of a firewall or router for personal computers.
Use anti-virus software and keep it up to date on all devices, including computers, smartphones and tablets.
Keep computer software up to date, especially the security patches.
Use a unique password and change it on a regular basis.
Don't share passwords with anyone.
Always clear the computer cache and/or properly exit the Web browser after logging into an Internet banking account.
Carefully type the financial institutions Web address.
Don't be fooled by similar looking Web sites that trick users into attempting to log in or redirect you to another Web site that asks for confidential information.
Don't open emails from unknown sources.
Never open an email attachment you are not expecting (even from a trusted source).
Never email any sensitive information, even to a trusted recipient, unless that information is encrypted and secure.
Regularly audit Internet banking accounts.

Signs of a Compromised System

Below is a list of ways to identify if your system may have been compromised:

Dramatic loss of computer speed.
Changes in the way things appear on the screen.
Computer locks up so the user is unable to perform any functions.
Unexpected rebooting or restarting of the computer.
Unexpected request for a one-time password (or token) in the middle of an online session.
Unusual pop-up messages, especially a message in the middle of a session that says the conncection to the banking system is not working (system unavailable, down for maintenance, etc.)
New or unexpected toolbars and/or icons.
Inability to shut down or restart the computer.

Deceptive Ways a Criminal May Contact a Customer

The FDIC does NOT directly contact bank customers (especially regarding issues related to ACH and wire transactions, account suspension, or security alerts), nor does the FDIC request bank customers to install software upgrades.
Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links.
Messages or inquiries from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is probably fraudulent and should be verified before any files are opened, software is installed, or information is provided.
Calls and\or text messages requesting sensitive information are very likely to be fraudulent.
If in doubt, account holders should contact the organization at the phone number that was obtained from a different source.
Do not use the numbers that are listed on your screen.
Contact your financial institution using the resources that you may currently have from a different source.
Account holders should not call phone numbers (even with local prefixes) that are listed in the suspicious email or text message.

Protecting Yourself and Your Systems

Get to know standard Internet safety features.
For example, when banking or shopping online, look for a padlock symbol on a page (that means it is secure) and ''https://'' at the beginning of the web address (signifying that the website is authentic and encrypts data during transmission).

Have computer security programs running and regularly updated to look for the latest threats.
Install anti-virus software to protect against malware and use a firewall to prevent unauthorized access to your computer.

Ignore unsolicited emails asking you to open an attachment or click on a link if you're not sure it's who truly sent it and why.
Cybercriminals are good at creating fake emails that look legitimate, but they can install malware. Your best bet is to either ignore unsolicited requests to open attachments or files or to independently verify that the supposed source actually sent the email to you by making contact using a published email address or telephone number.

Be smart about where\how you connect to the Internet for banking or other communications involving sensitive personal information.
Public Wi-Fi networks and computers at places such as libraries or hotel business centers can be risky because the end user cannot control the network or the information that is being shared and\or protected.

Be suspicious if someone contacts you unexpectedly online and asks for your personal information.
A safe strategy is to ignore unsolicited requests for information, no matter how legitimate they appear, especially if they ask for information such as a Social Security number, bank account numbers and passwords.

Use the most secure process you can when logging into financial accounts.
Create ''strong'' passwords and try not to use the same passwords or PINs (personal identification numbers) for several accounts.

Be discreet when using social networking sites.
Criminals use these types of sites looking for information such as someone's place of birth, mother's maiden name or a pet's name, in case those details can help them guess or reset passwords for online accounts.

Be careful when using smartphones and tablets.
Don't leave your mobile device unattended and use a device password or other method to control access if it's stolen or lost.

Small business owners need to have policies and training employees on topics similar to those provided in this checklist for customers, plus other issues that are specific to the business.

Mobile Device/Banking Security Tips

Use the passcode\fingerprint lock on your smartphone and other devices.
This will make it more difficult for thieves to access your information if your device is lost or stolen. Using a fingerprint to access your mobile device and\or mobile banking related products is preferable.

Log out completely when you finish a mobile banking session.

Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.

Use caution when downloading apps.
Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”

Download the updates for your phone and mobile apps.

Avoid storing sensitive information like passwords or a social security number on your mobile device.

Tell your financial institution immediately if you change your phone number or lose your mobile device.

Be aware of shoulder surfers.
The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.

Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.

Beware of mobile phishing.
Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.

Watch out for public Wi-Fi.
Public connections aren't very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.

Report any suspected fraud to your bank immediately.