Online Safety Tips
Safeguarding Your Online Information
With today’s technology, we can do many things quicker and more conveniently – whether it’s sending an email, paying bills or shopping online. However, with the increase in speed and convenience also comes increased risk. Every day, unscrupulous individuals are busy developing new scams targeting the public.
At Cornerstone Community Federal Credit Union, the security of member information is one of our highest priorities. We are strongly committed to the safety and confidentiality of your records. Cornerstone Community Federal Credit Union has a robust Member Information Security Program that ensures that adequate security is built into our platforms, which includes the latest cutting-edge technology, internal processes, and staff manpower. We take extensive measures to protect your personal information and are constantly monitoring accounts for fraud and identity theft. We ensure ongoing compliance to industry required frameworks to verify that our internal procedural operations have security built into them. Our two-step verification process provides even more security for your online banking.
We believe that one of the best ways to avoid fraud is to become an educated consumer – and we want to help. Please read this important information on how to keep your account safe when you’re online.
Keeping Safe in Cyberspace
blank
1. Set Strong Passwords
A strong password is a combination of upper and lower case letters, numbers, and special characters. Some examples of special characters are @, #, $, %, etc. Change your password frequently, and never write it down or share it with others. Never use your Social Security number as a username or password on ANY website. Don’t use the same password for multiple logins. Don’t use public information such as a phone number as a password. Make sure your recovery email address is up to date so if you ever forget your password it can be emailed to the correct email address.
2. Don’t Reveal Personal Information via Email
Emails and text messages can be masked to look like they are coming from a trusted sender when they are actually from someone else. Play it safe – do not send your personal information such as account numbers, Social Security numbers, passwords, etc. via email or texting. Email and text messaging should NOT be considered secure forms of communication.
3. Don't Download that File
Opening files attached to emails can be dangerous especially when they are from someone you don’t know. These unknown files can allow harmful malware or viruses to be downloaded onto your computer.
4. Antivirus Software is Crucial
Antivirus software is only a single layer of security. No antivirus program is perfect, nothing catches all malware all of the time. Naturally, if you don’t exercise caution, you may become infected by malware even if you’re using an antivirus.
Be careful about the files you download and run, keep your software updated, uninstall vulnerable software like Java, and more – but don’t drop your antivirus defenses completely just because you’re being careful. A zero-day exploit in your browser, a plugin like Flash, or Windows itself could open the door to infection, and an antivirus is your last layer of protection.
Malware isn’t what it used to be – much of it is created by organized crime to capture financial information and other sensitive data. Antivirus software helps you stay ahead of the bad guys, and it’s worth using. As with all your software applications make sure the most current security patches have been installed.
If you don’t currently use antivirus software – it’s highly recommend you start.
5. Links Aren’t Always What They Seem
Never log in from a link that is embedded in an email message. Criminals can use fake email addresses and make fake web pages that mimic the page you would expect. To avoid falling into their trap, type in the URL address directly, and then log in directly to the site.
6. Websites Aren’t Always What They Seem, Either
Be aware that if you navigate to a website from a link you don’t type, you may end up at a site that looks legitimate, when in fact it’s not. Take time to verify that the web page you’re viewing is an exact match to the URL you expect.
7. Log Off from Websites When You Are Done
When you are ready to leave a site you have logged in to, be sure to log off rather than just closing the page.
blank
8. Monitor All Account Activity
Monitor your account activity regularly either online or by reviewing your monthly statements and report any unauthorized transactions right away.
9. Report Any Suspicious Activity
If you become aware of account activity that you feel is suspicious, you should notify the authorities as well as Cornerstone Community Federal Credit Union, as soon as possible.
10. Assess Your Risk
We recommend periodically assessing your online banking risk and put into place increased security controls where weaknesses are found; particularly for members with business accounts. Some items to consider when assessing your online banking risk are:
- Who has access to your online business accounts?
- How and where are user names and passwords stored?
- How strong are your passwords and how often are they changed? Are they changed before or immediately after terminating an employee who had access to them?
- Do you have dual controls or other checks and balances with respect to access to online banking transactions?
11. Mobile Banking Security Tips
- Use the key lock or phone lock function on your mobile device when it is not in use. These functions protect your device so that nobody else can use it or view your information. Also be sure to store your mobile device in a secure location.
- Frequently delete text messages from Cornerstone Community Federal Credit Union, especially before loaning out, discarding or selling your mobile device.
- Never disclose any personal information (account numbers, passwords, or any of your personal information such as your Social Security number or birth date that could be used in identity theft) via text message.
- For your own protection, never register your mobile device as your primary computer. In doing so you would be enabling anyone who may find your device to bypass your authentication security questions.
12. Use Secure Networks
When on a public WiFi, check to see if the website being used is encrypted. Check to see if the web address begins with https:// – which signals that your connection to the website is encrypted and more resistant to snooping or tampering. At home, secure your WiFi network with a strong password.
13. Lock Your Screen or Device
Set up your phones, tablets and computers with a locking feature as soon as it goes into sleep mode. This will help prevent someone from getting to your personal information if you misplace one of these devices.
Debit & Credit Cards
If you notice suspicious activity on your card, have received text or a call from the Fraud Prevention Center, or suspect your card has been blocked, please call (716) 434-2290.
You may receive a text message from 207-33 if a transaction on your account appears to be fraud. It will prompt you to reply “Yes” or “No.” A “Yes” reply means the transaction is valid. A “No” reply means the transaction is fraud. If you reply “No,” you will receive a follow-up call.
Our card provider, ENFACT, will identify themselves as “Card Service Center” or “Fraud Prevention Center.” They will never ask for your card number, expiration date or CVC (security) code. They will:
- Confirm the individual is the cardholder.
- Verify the last four digits of the primary member’s Social Security number.
They may:
- Ask for the last four digits of your card number.
- Ask to verify the amount of your last transaction or payment.
When the cardholder’s identity is confirmed, they are then prompted to confirm the reported transaction(s) as legitimate or suspect by using their telephone keypad to respond. The cardholder is presented up to five transactions if available on the fraud alert. If the cardholder indicates that they do not recognize any of the reported transactions, the call is automatically routed to a Fraud Alert Specialist for further action. If all transactions are acknowledged as legitimate, the call is completed and the fraud alert will be updated appropriately as No Fraud. If the Interactive Voice Response (IVR) reaches an answering machine or voicemail system, the following message is left for the cardholder:
Hello. This message is for (cardholder name). This is the Card Service Center on behalf of Cornerstone Community Federal Credit Union’s card account. We are calling to verify recent activity that has appeared on your account. Please refer to case number (insert assigned case number) when returning our call. We are available 24 hours a day, seven days a week. Please call us back at 1-877-253-8964. If you are traveling or reside outside Canada or the U.S., you may call us collect at 1-973-682-2652. Thank you.
What to Expect from Cornerstone CFCU
- CCFCU will NEVER call, email or otherwise contact you and ask for your user name, password or other online banking credentials. (If YOU call US, we will ask for some identity verification.)
- CCFCU will NEVER contact you in any form and ask for your credit or debit card number, PIN or three-digit security code. We will never contact you and ask you for your routing or account number. We already have that information. (If YOU call US, we will ask for some identity verification.)
Rights and Responsibilities
With respect to online banking and electronic fund transfers, the federal government has put in place rights and responsibilities for both you and the credit union. These rights and responsibilities are described in the Account Information Disclosures you received when you opened your account with Cornerstone Community Federal Credit Union. You can also find them online under the disclosures link. Ultimately, if you notice suspicious account activity or experience security-related events, please contact the credit union immediately at (716) 434-2290.