Learn simple ways to protect yourself online and help prevent identity theft.
Online Banking Security
Online Banking utilizes the latest technology, developed to safeguard data through encryption or coding of information. This creates barriers between systems that can only be crossed with authorized passwords, and by creating safe pathways to and from each system.
Multiple layers of advanced security tools including cryptography, firewalls, and trusted operating systems are used to prevent tampering and ensure the privacy of your account information. Before gaining access to any account information, each individual is authenticated by a personal username and password.
Banks themselves, including the Federal Reserve, transmit billions of dollars electronically every day. Just imagine the security such transfers must require. And it is that type of powerful security – and the knowledge that makes it possible – that is making online banking as secure as it is convenient.
Select a case-sensitive password that:
- Contains at least one alpha character.
- Contains at least one numeric character.
- Contains at least one special character. Special characters include the following symbols: – ! @ # $ % ^ & *.
- Is a minimum of eight characters in length, including number(s), upper and lower case letter(s), and special character(s).
The use of numbers, upper and lower case letters, and special characters provides maximum security.
Choose passwords that are difficult for others to guess. Use a different password for each of your online accounts.
- Make sure your computer has the most up-to-date anti-virus software. Anti-virus software has frequent updates to guard against new viruses. Download the update as soon as you are notified it is available.
- Install a personal firewall to help prevent unauthorized access to your home computer. This is important if you connect to the internet via a cable modem or a digital subscriber line (DSL) modem.
- Monitor your transactions. Review your order confirmations, credit card transactions, and bank statements as soon as you receive them to make sure you are only charged for the transactions you made.
- Immediately report any irregularities in your CNB account by calling your local CNB office.
Be alert for email scams. Don’t reply to emails that request your personal information.
- Be suspicious of emails from a business or person that asks for your password, Social Security number, or other highly-sensitive information – or one that sends you personal information and asks you to update or confirm it.
- If you get an email that warns you that your account will be shut down unless you reconfirm your billing information, do not reply or click on the link in the email. Instead, contact the company cited in the email using a telephone number or website address you know to be genuine.
- If you need to update your information online, use the process you’ve used before, or open a new browser window and type in the website address yourself. If a website address is unfamiliar, it’s probably not real. Only use the address that you have used before, or start at your normal homepage. Do not click on links within the suspected phishing email – they may be spoofed. Open emails only when you know the sender. Be especially careful about opening an email with an attachment. Even a friend may accidentally send an email with a virus.
A fraudulent (also known as spoofing, imposter, or phishing) e-mail involves the mass distribution of spoofed email messages with return addresses, links, and branding which falsely appear to come from a particular organization. These fraudulent messages are designed to fool the recipients into divulging sensitive personal data. Because these emails look official, on average 5% of recipients respond to them. This results in financial losses, identity theft, and other fraudulent activity. It’s often hard to detect a fraudulent email because the visible email address of the sender seems genuine (such as firstname.lastname@example.org), as do the design and graphics. But there are signs to be aware of.
For example, fraudulent emails often try to extract personal information:
- By luring you into providing it on the spot (e.g., by replying to the email).
- By including links to a ‘phishing’ website that tries to get you to disclose personal data.
- By threatening to close or disable your account if you don’t provide the requested information.
- By announcing that someone wants to send you money and needs your bank account information to complete the transaction.
- By asking you to re-activate or verify your account information because of recent security upgrades or software enhancements.
- By name impersonation. Be sure the name referenced in the email is the exact name of the business or person you believe it to be from. Oftentimes fraudsters will use a name that’s close, but not exactly right.
A new form of phishing, known as Facebook phishing has materialized. In this scam, prompted by a Facebook message sent from a friend’s account, users are sent to websites constructed to mirror Facebook’s log-in page. They then enter an email address and password. It perpetuates the scam by hacking into users’ accounts and re-sending the link to their friends in a message simply labeled “Hello” that contains the link. This allows the hacker access to the Facebook user’s friend list. Users should never click an unidentified link and should be vigilant about checking the web address in the browser window. CNB will never message its fans with just a “Hello” in the subject line, nor will we ever ask for private information, such as a username or password through instant message or by email.
Fraudulent email messages from sources claiming to be either CNB or something with the Citizens name in the title have been reported, as well as fraudulent emails claiming to be from the FDIC. These messages have not compromised our systems or accounts. These incidents are taken seriously and law enforcement agencies do investigate them.
If you ever receive a suspicious email claiming to be from CNB, please notify your local CNB office right away.
Citizens National Bank will never send you an email asking for personal information such as passwords, social security number, credit card numbers, or other sensitive information.
Leave suspicious sites. If you suspect that a website is not what it claims to be, leave the site immediately.
- Do not follow any of the instructions it presents.
- Do not send sensitive personal or financial information unless it is encrypted on a secure website.
- Regular emails are not encrypted and are more like sending a postcard through the mail – anyone can see it.
- Look for the padlock symbol on the bottom bar of the browser to ensure that the site is running in secure mode BEFORE you enter sensitive information. When you click on our secure contact form, you will see the secure padlock at the bottom of the browser window.
- Be aware! Phony look-alike websites are designed to trick consumers and collect their personal information.
- Make sure that websites on which you transact business post privacy and security statements, and review them carefully.
- Take note of the header address on the website. Most legitimate sites will have a relatively short internet address that usually depicts the business name followed by .com, or possibly .org. Spoof sites are more likely to have an excessively long string of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all.
- Do business only with companies you know and trust.
Suspicious about the identity of a website page:
- Right-click on any open space on the page. (not a link, graphic, or text)
- Choose Properties from the pop-up menu.
- You’ll see a box with the real address displayed.
- Imposter websites will likely have a long address and may contain cnbohio.
- To ensure you are visiting an authentic CNB site the beginning of the address should always appear like this http://www.cnbohio.com.
- In certain cases, there may be additional file info following the http://www.cnbohio.com such as https://www.cnbohio.com/contact_us.
- This is still a legitimate CNB website page because the cnbohio immediately follows the http://www.
Never trust that the link address you “see” is the link you’ll be connected to if you click on it. For example, you might expect that the link below will connect you to the FDIC website. However, when you click on it you will see that what is displayed in the main message body is not what is programmed into the message code. If you click the example link below you will see that it is scripted to open a website for the American Cancer Society.
In a real phishing situation, you might see http://www.FDIC.gov in your message body, but it would link you to a hoax website where you would be asked to divulge personal information. To avoid clicking on a suspicious link, hold your cursor over the link and see what is displayed at the bottom of your browser window.