Heartbleed Open SSL Vulnerability
As you know, the media has reported a serious flaw referred to as Heartbleed which was recently discovered on computers that utilize OpenSSL. This technology is used to secure communication sessions between your web browser and secure websites. First International Bank & Trust has reviewed online banking access and our other systems which utilize this technology and have identified that none of them are currently vulnerable to this flaw.
You may be asking why is this important to me? This is important to everyone, not just Bank customers as this flaw could lead to the compromise of passwords which you use to access many popular sites. If an individual uses the same password and login ID on many websites on the Internet, this means that a weakness in one site could lead to unauthorized access on another webiste. Changing your password is the solution. Please refer to the Login ID and Password section below for password change best practices.
Be alert to common internet scams.
Phishing is an internet scam that involves an email which appears to be from a legitimate company, bank, or government agency. The emails typically warn of a potential problem with your account and request that you follow a link and provide personal or account information to update your information. You should NEVER reply to these emails, open any attachments, or follow any of the links provided.
Pharming is a type of fraud that involves redirection from a legitimate site to a site that appears to be legitimate but has been created by fraudsters in an attempt to gain your personal or account information. Always be sure to access our internet banking by typing in the URL, https://www.firstintlbank.com/ into your browser.
Email has become a quick and easy way in which to communicate with others, however, email is NOT SECURE. Never include personal or account information in an email as it can be intercepted and read by anyone having access to the servers on which it resides. Emails are like sending a postcard through the US Mail system.
First International Bank & Trust will never ask you to provide any personal or account information via email. Remember, the bank has your account information so there would never be a need to request it from you or ask you to update it.
First International Bank & Trust uses a SendSecure option through a password protected environment if email communication must include confidential information be sent to you.
Login ID and Password
Your login ID and password for your online banking should be protected just as you protect other personal confidential information.
- Do not write down your login ID or password or share them with anyone.
- Do not use the same password for your online banking that you use for other websites.
- Make the password at least 8 characters long. The longer the better. Longer passwords are harder to crack.
- Use a complex password that is not easily guessed. Create passwords that are easy to remember but hard for others to guess. When possible, use a phrase such as "I started 10th grade at Joes School in 2010" and use the initial of each word like this: "Is10gaJSi2010".
- Include numbers, capital letters and symbols. Special characters can be used in place of letters. For example use a $ instead of an S.
- Don't use dictionary words. If it's in the dictionary, there is a chance someone will guess it. There is software that criminals use that can guess words used in dictionaries. Also don't use names of friends, family members, and pets as they are frequently referrenced and visible via social media sites and easily guessed.
- Do not share your password with anyone.
- Change your password on a regular basis.
- Our Online Banking system automatically prompts you to change it every 6 months. You may change it more often by clicking on the "Options" button once logged into the site.
- Consider a password for your phone too. Many phones can be locked so the only way to use them is to type in a code, typically a string of numbers.
- Be certain you are only entering your login credentials on our website, http://www.firstintlbank.com/.
It is important to use and maintain up to date anti-virus software and install updates as they become available for your operating system. Ensure you also regularly patch Java and Adobe produts. These items are frequently updated because of vulnerabilities that have been found to exist within the software.
In addition to being protected by using up-to-date anti-virus software, you should also regularly use software to remove any potential spyware from your computer. In some circumstances, this can compromise your PC security. Current anti-virus software does not catch 100% of every virus.
Use a firewall. This can protect against potential hackers and prevent access to questionable connections.
Password protect your wireless internet connection. Be vigilant if you use public wireless internet access as hackers and identity thieves have the ability to monitor these types of unsecured networks.
When undertaking any banking on the internet, check that the session is secure. There are two indicators that will tell you if the session is secure. One is the presence of https:// in the URL. The other is the presence of a digital certificate represented by a padlock or key in the bottom right hand corner or to the right of the URL text box at the top of the screen. If you double click on this icon it should provide you with information about the organization with which you have entered into a secured session.