Security
Preventing fraud is a priority. That’s why Concordia Bank & Trust Co. is committed to ensuring the security of our customers.
Become educated about fraud and security by reading the valuable information below:
Lost or Stolen VISA Debit Card
If you card has been lost or stolen, please contact your local Concordia Bank & Trust Branch location immediately.
If after hours, you may contact your local Concordia Bank branch location and follow the instructions provided by our recorded message.
Conducting Your Transactions Online – Helpful Tips
Federal financial regulators are reporting that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.
In order to help ensure the security of your online transactions, we want you to know that:
- We will never email, call or otherwise ask you for your user name, password or other electronic banking credentials
- You can help protect yourself by implementing alternative risk control processes like:
- Making sure you choose an adequate user name and password that, at a minimum, mixes in small case letters, upper case letters and numbers
- Periodically changing your password (e.g. at least every 90 days)
- Safeguarding your username and password information
- Making sure you have a firewall in place when conducting your financial transactions
- Logging off the system when you’re done conducting business (don’t just close the page or “X” out of the system)
- Monitoring your account activity on a regular basis
- Updating your computer operating system on a regular basis
- Installing an anti-virus and anti-spyware software and maintaining updates
In addition, we may require owners of commercial accounts to perform their own risk assessments and controls evaluations. For example:
- Make a list of the risks related to online transactions that your business faces including:
- Passwords being written down and left out in the open
- The use of old or inadequate passwords
- The possibility of internal fraud or theft
- Delays in terminating the rights of former employees
- The lack of dual control or other checks and balances over individual access to online transaction capabilities
- An evaluation of controls your business uses may include:
- Using password protected software to house passwords
- Conducting employee background checks
- Initiating a policy and process to terminate access for former employees
- Segregating duties among two or more people so no one person has too much access or control
- Conducting internal or third party audits of controls
- Using firewalls to protect from outside intrusion or hackers
Potential warning signs your computer has possibly been compromised are:
- Decrease in access speed of the operating system or internet connection
- Suspicious hard drive activity
- Unexpected popup windows
- Computer system or Software programs crash on a constant basis
- Unusual messages or programs that start automatically
- Your email account is sending out spam messages
Federal regulations provide customers with some protections for electronic fund transfers. These regulations generally apply to accounts with Internet access. For example, these federal laws establish limits on a consumer’s liability for unauthorized electronic fund transfers. They also provide specific steps you need to take to help resolve an error with your account. Note, however, that in order to take advantage of these protections, you must act in a timely manner. Make sure you notify us immediately if you believe your access information has been stolen or compromised. Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of procedures.
SMALL BUSINESS TIPS
1. Train employees in security principles
Establish basic security practices to protect sensitive business information and communicate them to all employees on a regular basis. Establish rules of behavior describing how to handle and protect customer information and other vital data. Clearly spell out the penalties for violating business policies.
2. Protect information, computers and networks from viruses, spyware and other malicious code
Install, use and regularly update antivirus software on every computer used in your business. Such software is readily available online from a variety of vendors. Most software packages now offer subscriptions to “security service” applications, which provide additional layers of protection. Set the antivirus software to automatically check for updates at a scheduled time of low computer usage, such as at night (midnight, for example), and then set the software to do a scan after the software update.
3. Provide firewall security for your Internet connection
A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Install and maintain firewalls between your internal network and the Internet. If employees work from home, ensure that their home systems are protected by firewalls. Install firewalls on all computers – including laptops – used in conducting your business.
4. Download and install software updates for your operating systems and applications as they become available
All operating system vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install such updates automatically.
5. Make backup copies of important business data and information
Regularly backup the data on every computer used in your business. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files and accounts receivable/payable files. Backup data automatically, if possible, or at least weekly.
6. Control physical access to your computers and network components
Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft, so make sure they are stored and locked when unattended.
7. Secure your Wi-Fi networks
If you have a Wi-Fi network for your workplace, make sure it is secure and hidden. To hide your Wi-Fi network, set-up your wireless access point or router so it does not broadcast the network name, also known as the Service Set Identifier (SSID).
In addition, make sure to turn on the encryption so that passwords are required for access. Lastly, it is critical to change the administrative password that was on the device when it was purchased.
8. Require individual user accounts for each employee
Setup a separate account for each individual and require that strong passwords be used for each account. Administrative privileges should only be given to trusted IT staff and key personnel.
9. Limit employee access to data and information, and limit authority to install software
Do not provide any one employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install any software without permission.
10. Regularly change passwords
Passwords that stay the same will, over time, be shared and become common knowledge to coworkers and can be easily hacked. Passwords should be changed at least every three months.
If you become aware of suspicious activity, you should immediately contact the authorities and contact us:
Concordia Bank & Trust Co., 904 Carter Street / PO Box 518, Vidalia, LA 71373, (318) 336-5258.
The FCC’s Cybersecurity Hub at www.fcc.gov/cyberforsmallbiz has more information, including links to free and low-cost security tools.
For more information about identity theft and other tips on how to protect yourself and your information please visit the following websites (by clicking on the links below you will be leaving Concordia Bank & Trust Co.’s secure website):
Federal Trade Commission: www.ftc.gov/bcp/edu/microsites/idtheft
United States Department of Justice: www.usdoj.gov/criminal/fraud
Equifax, P O Box 105069, Atlanta, GA 30349-5069 www.equifax.com
Experian, P O Box 2002, Allen, TX 75013-0949 www.experian.com
Trans Union, P O Box 1000, Chester, PA 19022 www.transunion.com
ADDITIONAL RESOURCES
The following links are provided solely as a convenience to our Business/Commercial Online Banking clients. Concordia Bank & Trust Co. neither endorses nor guarantees in any way the organizations, services, or advice associated with these links. Concordia Bank& Trust Co. is not responsible for the accuracy of the content found on these sites.
- Federal Trade Commission https://www.ftc.gov/tips-advice
- OnGuard Online: https://www.consumer.ftc.gov/features/feature-0038-onguardonline
- National Institute of Standards and Technology (NIST) http://csrc.nist.gov/
- The Better Business Bureau’s website on Data Security Made Simpler: http://www.bbb.org/data-security
- The Federal Trade Commission’s (FTC) interactive business guide for protecting data: http://www.ftc.gov/bcp/edu/multimedia/interactive/infosecurity/index.html
- The National Institute of Standards and Technology’s (NIST) Fundamentals of Information Security for Small Businesses: http://csrc.nist.gov/publications/nistir/ir7621/nistir-7621.pdf
- The jointly issued “Fraud Advisory for Businesses: Corporate Account Takeover” from the U.S. Secret Service, FBI, IC3, and FS-ISAC available on the IC3 website (http://www.ic3.gov/media/2010/CorporateAccountTakeOver.pdf
- NACHA – The Electronic Payments Association’s website has numerous articles regarding Corporate Account Takeover for both financial institutions and banking customers: http://www.nacha.org/c/Corporate_Account_Takeover_Resource_Center.cfm
- The FCC’s Cybersecurity Hub www.fcc.gov/cyberforsmallbiz has more information, including links to free and low-cost security tools.
CONSUMER CONTACTS
Bureau of Consumer Protection
https://www.ftc.gov/contact
Department of Justice
Fraud Information Center
http://www.usdoj.gov/criminal/fraud
Econsumer.gov
E-commerce Complaint Center
http://www.econsumer.gov
FCC
Federal Communications Commission
Consumer Affairs Bureau
http://www.fcc.gov/cgb/
FDIC
Federal Deposit Insurance Corporation
Consumer Resources
http://www.fdic.gov/consumers/consumer/index.html
Federal Citizen Information Site
Consumer Action Site
http://www.consumeraction.gov/
Federal Government Consumer Site
http://www.firstgov.gov/Citizen/Topics/Consumer_Safety.shtml
Federal Reserve Board
http://www.federalreserve.gov/consumers.htm
FMS
Financial Management Service
U.S. Treasury
https://www.fiscal.treasury.gov/
FTC
Federal Trade Commission
Identity Theft Center
https://www.consumer.gov/scams
IRS
Internal Revenue Service
Consumer Information
http://www.irs.gov/individuals/index.html
Internet Fraud Complaint Center
https://www.consumer.gov/content/take-action?
National Do Not Call Registry
https://www.donotcall.gov/
OCC
Office of the Comptroller of the Currency
Public Information Resources
http://www.occ.treas.gov/pubinf.htm
OTS
Office of Thrift Supervision
Consumer Center
https://www.helpwithmybank.gov/
States Attorneys General
http://www.naag.org/ag/full_ag_table.php
State Banking Authorities
http://www.consumeraction.gov/banking.shtml
State Consumer Protection Offices
http://consumeraction.gov/state.shtml
U.S. Treasury Department
Personal Finance
https://www.treasury.gov/resource-center/faqs/Personal-Finance/Pages/default.aspx
USA PATRIOT ACT
As part of the Bank’s overall compliance with Bank Secrecy Act, Section 326 of the USA Patriot Act of 2001 requires prescribed regulations setting forth minimum standards for financial institutions that relate to the identification and verification of any person who applies to open an account. Those regulations require financial institutions to come into compliance that provided for adoption and implementation of a Customer Identification Program.
The Objective of the USA Patriot Act of 2001 is to have a clear and concise understanding of all bank customer practices in order to avoid criminal exposure to the bank by any customer who may use the bank’s resources for illicit purposes. Also, the objective is to attempt to ensure the immediate detection and identification of customers and any suspicious activity at the institution. Customers established prior to October 1, 2003, will not require additional identification as the bank has a reasonable belief that it knows its existing customers. However, it is imperative that the bank keep the most current records available on these existing customers. New customers will be notified by signage visibly posted in the lobby of the bank, prior to opening an account, that additional information will be required.
The notice is as follows:
IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING A NEW ACCOUNT
To help our government fight the funding of terrorism and money laundering activities, Federal Law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account.
What this means for you: When you open a depository account, apply for a loan, open a trust relationship or open a safe deposit box, we will ask for your name, date of birth, and other information that will allow us to identify you. We may also ask to see your driver’s license or other identifying information. Concordia Bank and Trust Company will retain a copy of any document we rely on to verify your identity. Thank you for your cooperation in helping us comply with these identity requirements.
To learn more about online security, please call us at 1.318.336.5258 or visit one of or seven convenient locations.