Jones Bank is committed to helping customers keep their personal information and money safe. Fraud is everywhere and fraudsters are getting better and more deceptive. It is important to protect your personal and business finances.

Holiday Online Safety Tips

Person sitting at computer entering a password to a website
Tip #1: Check Your Devices
Tip #2: Only Shop Through Trusted Sources
Tip #3: Use Safe Methods for Purchases
Before making any online purchases, make sure the device you’re using to shop online  is up-to-date. Next, take a look at your accounts and ask, do they each have strong  passwords? And even better, if two-factor authentication is available, are you using it?
Think about how you’re searching online. Are you searching from home, on public  Wi-Fi? How are you finding the deals? Are you clicking on links in emails? Going to  trusted vendors? Clicking on ads on webpages? You wouldn’t go into a store with  boarded up windows and without signage, the same rules apply online. If it looks
suspicious, something’s probably not right.
If you’re going to make that purchase, what information are you handing over? Before providing personal or financial information, check the website’s privacy policy. Make sure you understand how your information will be stored and used.

Four Easy Ways to Stay Safe Online

Woman looking at phone and laptop father and daughter looking at tablet
Use Strong Passwords Turn On MFA Recognize & Report Phishing Update Software
Strong passwords are long, random, and unique and include all four character types (uppercase, lowercase, numbers, and symbols). Password managers are a powerful tool to help you create strong passwords for each of your accounts. You need more than a password to protect your online accounts; enabling MFA makes you significantly less likely to get hacked. Enable MFA on all your online accounts that offer it, especially email, social media, and financial accounts. Be cautious of unsolicited messages asking for personal information. Avoid sharing sensitive information or credentials with unknown sources. Report phishing attempts and delete the message. Ensuring your software is up to date is the best way to make sure you have the latest security patches and updates on your devices. Regularly check for updates if automatic updates are unavailable.

Information courtesy of: https://www.cisa.gov/cybersecurity-awareness-month

CREATING A PASSWORD TIP CARD
Creating a strong password is an essential step to protecting yourself online. Using long and complex passwords is one of the easiest ways to defend yourself from cybercrime. No citizen is immune to cyber risk, but there are steps you can take to minimize your chances of an incident.
SIMPLE TIPS
Creating a strong password is easier than you think. Follow these simple tips to protect yourself online:
•  Make your password eight characters or longer. Create a password with eight characters or more and a combination of letters, numbers, and symbols.
•  Use a long passphrase. Use a passphrase such as a news headline or even the title of the last book you read. Then add in some punctuation and capitalization.
•  Don’t make passwords easy to guess. Do not include personal information in your password such as your name or pets’ names. This information is often easy to find on social media, making it easier for cybercriminals to hack your accounts.
•  Avoid using common words in your password. Instead, substitute letters with numbers and punctuation marks or symbols. For example, @ can replace the letter “A” and an exclamation point (!) can replace the letters “I” or “L”.
•  Get creative. Use phonetic replacements, such as “PH” instead of “F”. Or make deliberate, but obvious misspellings, such as “enjin” instead of “engine”.
•  Never share your password. Don’t tell anyone your passwords, and watch for attackers trying to trick you into revealing your passwords through email or calls.
•  Unique account, unique password. Use different passwords for different accounts and devices so that if attackers do guess one password, they will not have access to all of your accounts.
•  Use stronger authentication. Always opt to enable stronger authentication when available, especially for accounts with sensitive information including your email or bank accounts. A stronger authentication helps verify a user has authorized access to an online account. For example, it could be a one-time PIN texted to a mobile device, providing an added layer of security beyond the password and username.

Stop.Think.Connect. is a national public awareness campaign aimed at empowering the American public to be safer and more secure online. The Campaign’s main objective is to help you become more aware of growing cyber threats and arm you with the tools to protect yourself, your family and your community. For more information visit www.dhs.gov/stopthinkconnect.

————

More information about using passwords to protect your devices and data

An infographic explaining the red flags of social engineering.

Passwords

Passwords are the locks on your account doors.  You keep a lot of personal information in your online accounts, including your email, bank accounts, tax returns and more, so you want good protections in place.  Here are some ways to make sure your passwords are secure.

  • Make sure your password is long and strong. That means at least 12 characters.  Making a password longer is generally the easiest way to make it stronger.  Consider using a passphrase of random words so your password is more memorable, but avoid using common words or phrases.  If the service you are using does not allow long passwords, you can make your password stronger by mixing uppercase and lowercase letters, numbers and symbols.
  • Don’t reuse passwords you’ve used on other accounts.  Use different passwords for different accounts.  That way if a hacker gets your password for one account, they can’t use if to get into your other accounts.
  • Use multi-factor authentication when it’s an option.  Some accounts offer extra security by requiring something in addition to a password to log into your account. This is called multi-factor authentication.  The “something extra” you need to log into your account fall into two categories:
    • Something you have – like a passcode you get via an authentication app or a security key.
    • Something you are – like a scan of your fingerprint, your retina or your face.
  • Consider a password manager.  Most people have trouble keeping track of all their passwords. The longer and more complicated a password is, the stronger it is, but they can be more difficult to remember.  Consider storing your passwords and security questions in a reputable password manager.  Make sure to use a strong password to secure the information in your password manager.
  • Pick security questions only you know the answer to. If a site asks you to answer security questions, avoid providing answers that are available in public records or easily found online, like your zip code, birthplace or your mother’s maiden name.  Also don’t use questions with a limited number of responses that attackers can easily guess, like the color of your first car.
  • Change passwords quickly if there’s a breach.  If a company tells you there was a data breach where a hacker could have gotten your password, change the password you use with that company right away and on any account that uses a similar password.

Source:  Federal Trade Commission – Consumer Information


Reduce Your Risk for Fraud

It is very important to protect your bank accounts by following these tips and best practices.

  • We will never call you to request information you received via text or pressure you to reset your online banking password.
  • Don’t trust Caller ID, it can be modified to show any name.
  • Don’t provide your online banking log in credentials, one-time password, account number or personal information by email, text or phone call. Use one of our published phone numbers to call us to confirm the request is legitimate.
  • Don’t give information over the phone if you receive a call saying a transaction is cancelled, even if the caller claims to be with the bank. Once again, contact us at one of our published numbers to inquire about the transaction.
  • Don’t click on links in unsolicited emails or texts.
  • Don’t give an unsolicited caller remote access to your computer.

Protect your personal information! Sign up for Online Banking, Mobile Banking and Jones Bank Alerts to stay on top of your finances!