Why Cyber Security Is Important
Satisfying our customers' financial needs in a secure manner and helping them succeed financially has been a cornerstone of First Carolina Bank since we first opened our doors. At First Carolina Bank, protecting our customers, their data, and other information is a top priority, and one that we take very seriously. While our privacy policies are the same whether you are online or not, we have extra measures in place to protect your privacy when you bank online with First Carolina Bank.
Virtually every financial institution is using the Internet to communicate and allow customers to conduct transactions online. Customers today expect this convenience, and if done securely, these transactions can be as safe as those conducted in person.
We continue to enhance our systems and processes as online services evolve. Because no single solution can ensure online security, we have developed a layered security approach with industry-leading solutions.
We have two major objectives in selecting the right electronic safeguards:
- Protecting our customers' information
- Minimizing customer impact while providing multiple layers of protection wherever customer transactions call for added security
Security, quite simply, protects the confidentiality of your account information and prevents theft of your financial assets.
Internet Security Basics
Ask yourself the following four questions below. If your answer to all four is a yes, your chances of being impacted by a cyber incident are low. If any of your answers are no, then your chances of being impacted by a cyber incident are higher. Understand these risks and take the recommended actions.
1. Is My Computer as Secure as Possible?
Using an unsecured computer is like leaving the door of your house wide open: you are making it easy for someone with malicious intent to access your property. An unprotected machine can become infected with malware in a matter of moments, leaving you vulnerable to identity theft or other crimes.
Having up-to-date security software protection isn’t an option; it’s a requirement and should become as automatic as locking your doors when you leave your house. Be sure your computer is current with all operating system and application software updates. Anti-virus and anti-spyware software should be installed, running, and receiving automatic updates.
In addition to taking precautions when using your own computer, practice vigilance when using someone else’s. Don’t use public computers or public networks for financial or other sensitive transactions. You have no control over the security of a public computer or public wireless network.
2. Is My Connection to the Internet as Secure as Possible?
Simply connecting to the Internet makes you vulnerable to a potential attack. Using a firewall helps minimize risks by blocking malicious traffic to your computer. Make sure you have a firewall that it is turned on and kept updated. New computers may be shipped with it on by default, but double-check.
When entering sensitive information into a website, look for the “https://” and check that the lock icon is present in the URL bar. This indicates that your communications are encrypted. Also, pay attention to the browser you use to connect to the Internet. Keep it updated, patched, and set to automatically update. If you are using a wireless network to connect to the Internet, make sure encryption is enabled and change the default network name and password that come with the wireless router.
3. Is My Password as Secure as Possible?
Strong passwords don’t have to be hard to remember, just hard to guess. A good password is at least ten characters and uses a mix of upper case, lower case, and numeric or special characters. Each of your online accounts, especially financial ones, should have its own strong password so that if one is compromised, the attacker does not have automatic access to your other accounts.
4. Do I Know How to Recognize a Scam?
Keeping your computer secure is only part of the equation when conducting online banking. You need to be alert for scams and the things you can do to protect yourself.
Phishing is one of the most common scams attackers use. A phishing scam typically consists of an email, trying to entice the recipient into clicking a link or downloading an attachment. A phishing scam targeting your financial accounts will consist of an email message notifying you of a “problem” with your account and ask you to click on a link to your “bank’s” site and submit sensitive information. This site, however, is a very convincing fake version of the legitimate site. This website may then prompt you to provide personal information such as Social Security, bank account, or credit card numbers. It may also download malicious software onto your computer.
Instead of clicking on the link to your bank’s website embedded in an email, navigate to the financial institution’s website on your own by typing the address directly into your browser. Beware of attached files, as they may contain malware. Open attachments only from trusted sources, and if you are in doubt, don’t open it at all. You may also consider using anti-phishing software to help block many phishing-related emails.
Remember, no legitimate financial institution will ever ask you to provide sensitive information in an email. First Carolina Bank will NEVER contact you by such means requesting such information.
Specific Security Elements
Logging In To Online Banking:
It is important to verify that only authorized users log into our Online Banking system. We use multi-layered security, including password verification to ensure user authorization. We limit the number of times you can enter your password incorrectly. We monitor and record incorrect login attempts to detect suspicious activity, such as someone trying to guess your password. You play a crucial role in preventing others from logging on to your account. Never use weak passwords that are easy to guess. Examples of poorly crafted passwords are: birth dates, first names, pet names, addresses, phone numbers, and social security numbers. Never reveal your password to another person. You should periodically change your password, which is an option within our Online Banking system.
Our Enhanced Login Security provides additional peace of mind when using First Carolina Bank Online Banking. Enhanced Login Security strengthens security and protects against online fraud by requiring an additional authentication factor beyond your ID and password each time you login to Online Banking. This additional layer of security is a browser-based secure cookie, a piece of information that is stored on your computer and is recognized by our system when you login.
We also time out an Online Banking session after a specified period of inactivity. This keeps others from viewing or continuing Online Banking activity if you leave your PC unattended. However, we recommend that you always sign off (log out) when you have finished your online banking.
E-mail:
Messages sent by e-mail may not be secured, may be intercepted by third parties, and may not be immediately received by the appropriate department at First Carolina Bank. Please do not use e-mail to send us communications that contain confidential information, which we require in writing or which need our immediate attention. Please contact your local branch instead. Be aware that a "receipt" acknowledgment on an e-mail message means only that the message has routed into the Internet, not that the message has been received by First Carolina Bank. Urgent or confidential matters should be addressed via phone or in person. Written authorizations should be provided via U.S. mail, private delivery service (i.e. overnight delivery), or in person.
Website Links:
The links in this website will let the user leave the First Carolina Bank site. The linked sites are not under the control of First Carolina Bank, and First Carolina Bank IS NOT RESPONSIBLE FOR THE CONTENT AVAILABLE ON OTHER INTERNET SITES. These links are provided as a convenience to users. Access to any other Internet sites linked to this website is at the user's own risk. The inclusion of any link does not imply a recommendation or endorsement by First Carolina Bank of the linked site.
Cookies:
Cookies are commonly used on web sites and do not harm your system. By configuring your preferences or options in your browser, you determine if and how a cookie will be accepted. We use cookies on our Online Banking system for the sole purpose of providing additional security to our customer.
Bank Expectation of Customer Responsibilities
The security systems that are in place, however, cannot protect those customers who do not follow secure and proper computer practices. It is vitally important that customers take all necessary precautions to ensure that their computer access credentials are not compromised. This includes, but is not limited to, avoiding any activity that increases the likelihood of identity theft; not opening fraudulent email messages that contain harmful viruses or malware; not falling prey to social engineering whereby perpetrators obtain computer access information with direct communications via phone calls, fax, or mail; not sharing user ID and passwords with co-workers or friends; limiting or discontinuing the use of weak passwords; keeping computer anti-virus and similar programs up to date; and not falling prey to internet sales and get-rich-quick scams. Therefore, First Carolina Bank has the expectation that each customer will take any and all reasonable precautions to reduce the likelihood of computer-related fraud and the resulting financial losses.
Fraud Types and Prevention Strategies
Below are common types of fraud and recommendations for how customers—both consumer and business—can best protect themselves. If you notice suspicious activity or suspect fraud of any kind on your account, contact your local branch immediately. Phone numbers for each of our locations can be found here.
ACH & Wire Fraud:
ACH and wire fraud can occur when fraudsters infiltrate business communications to strategically hack into online banking and disburse the funds themselves or when they send seemingly legitimate instructions to those with the permissions and authority to process payments. These threats can be mitigated by implementing dual control practices, limiting the number of people with transaction access, and completing due diligence on payment or information change requests. Additionally, for ACH fraud specifically, products such as positive pay or fraud filter can assist in monitoring your transactions for fraudulent activity.
Online Banking Fraud:
In addition to the above tips on strong passwords, at First Carolina, we also require customers to utilize two-factor authentication to log in to their online banking. This means that you will need to enter some kind of secondary code in order to gain access, and we will never ask you to share that code. If you receive a call from someone claiming to be from First Carolina seeking that code, or if your phone notifies you with a code when you did not try to log in, change your password immediately.
Debit Card Fraud:
Physical precautions for debit cards involve treating the cards like cash and not making your PIN accessible to anyone—this includes being aware of your surroundings when you enter your PIN at an ATM or a store. More common current fraud tactics with debit cards, though, involve phone calls. Do not give your information about your account or debit card number or PIN over the phone; we will never ask for it.