Read full story for latest details.
MutualBank Secure Login
MutualBank Online Banking
If you’re like most Americans, you probably access the internet most of the time from your home’s wireless network. While this is a nice convenience, having a router (the device that sends out the wi-fi connection signal) opens up some security vulnerabilities that you need to proactively protect against.
Whether your internet service provider gives you a router to use or if you have your own, from time to time there can be different types of router-based vulnerabilities that emerge, potentially putting your browsing privacy and information at risk.
A New Router Vulnerability: The Misfortune Cookie
A new vulnerability has been discovered that affects a least 12 million home or small office routers called the Misfortune Cookie (CVE-2014-9222). This vulnerability can be exploited to give an intruder remote access to a home router and can be used to attack different devices that are connected to that router.
If the attacker can exploit this Misfortune Cookie Vulnerability on your router, the attacker will now be in the middle between you and the internet. The attacker could see all information flowing in and out of that router. This could enable them to capture usernames/passwords, sensitive banking information, and many other types of highly sensitive information flowing though the router.
What can you do about it?
1. Check to see if your router model is on the vulnerability list:
2. Check with the maker of your router to see if they’ve released an update that fixes the Misfortune Cookie Vulnerability.
3. Enable a firewall
A firewall is a software program or piece of hardware that helps screen out hackers, viruses that try to reach your computer over the Internet. Most operating systems that come with a PC or an Apple computer have firewall capabilities. Learn more here (http://www.microsoft.com/security/pc-security/firewalls-whatis.aspx)
4. Make sure there is an “https://” at the beginning of your browser’s address bar when visiting a site.
This simply indicates that the site you are browsing has extra security protocols in place to protect your information shared on the site. This is especially important on sites where provide sensitive information (like your financial institution’s website or an online store).
5. Update all of your software regularly and use an antivirus program
Software programs also have potential to create security risks if they are not updated on a regular basis. Whenever there is an update for software you have, it’s always a best practice to install the update. The same goes for your antivirus software. Always make sure it’s up to date and running on your machine / device.
Many of us are constantly connected to the online world these days. This means that the potential is there for our computers and personal information to be compromised which greatly increases the risk of ID theft and financial fraud to occur. However, by taking some basic precautions you can significantly reduce the risk of your computing environment being compromised. Following these simple guidelines should help your computing environment become more secure:
Keep your computers and network equipment secured with the latest software updates and enable automatic updates whenever possible. This includes updates to third party applications such as Java and Adobe Products.
In the event your machine is lost or stolen, drive encryption can prevent others from accessing the data on your hard drive. The purpose is to encrypt or scramble your data on your machine so that it can only be read with your encryption key.Many operating systems offer drive encryption. Microsoft offers Bitlocker and Apple has FileVault. There are also other third party encryption offerings.
Think of the firewall to your computer as the fence around your property. If there were multiple holes cut in the fence, it wouldn’t be very useful at keeping people out. Firewalls are typically enabled by default on Windows machines, but double check to make sure it’s on. Here are instructions to do so if you are using Windows 7. Only allow necessary applications inbound access through your firewall. The same principles apply to your network firewall.
Set an auto-locking screensaver so your account gets locked out after a few minutes. This is useful if you forget to lock your machine when are away from it. On Windows machines this can usually be done by pressing the “Windows Key” and the “L” button simultaneously.
The longer and more complex the password, the better. At least 16 characters with a combination of upper and lowecase letters, numbers, and special characters is a best practice.
Use the strongest wireless security available (currently WPA2-CCMP) with a long and complex password for your wireless network. Disable WPS on your wireless router for greater security.
Think that some secure banking information
of yours has been compromised?
If you suspect that your personal financial information has been compromised, call MutualBank Customer Support at 800-382-8031.
Whether you own a small business or use your home computer for financial activities, you need to be aware of Email Phishing which can ultimately lead to identity theft and corruption of your small business and home computers.
What is Email Phishing?
Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. – United States Computer Emergency Readiness Team (US-CERT)
Common forms of Email Phishing
Phishing emails are becoming very personalized posing as your cable company, utilities, credit cards, mobile phone carrier, banks, and many more entities that you do business with on a regular basis. The most common threat of Email Phishing right now is malware. If you click on a link inside of an email that was intended for phishing; your computer can become infected with malware. The malware will attempt to steal your personal information, usernames and passwords to systems such as online banking.
Trigger events that can lead to Email Phishing
Here are some trigger events that fraudsters may try to leverage with Phishing Emails.
Here are some steps to take in order to protect you against Phishing.
More information about Email Phishing and Cybersecurity
Here are some good web sites to obtain more information about email phishing.
Information about anti-malware programs
MutualBank does not endorse the products listed below and are provided as examples of free anti-virus/malware detection and removal tools.
Remember, you can call us anytime. Let us know if you have questions or concerns for your bank accounts. Call 800-382-8031or email email@example.com.
Social media is great! We love to post our pictures, chat with friends and connect with companies and people with which we may have lost touch. However, we need to make sure that what we put on social media doesn't affect our security.
I'm sure you're asking me, "how could this happen?" Let me give you a hypothetical example.
Mary Jones has accounts at her local bank. She loves her online banking and bill pay for its convenience. Mary is a busy mother who doesn't have time to write checks and send in payments. Her local bank, who is very security minded, makes Mary set up security questions on her account so they can verify if Mary is the one accessing her account. Mary is very busy so she just does the normal security questions, mother's maiden name, etc. She doesn't want to, nor has time to think about it too much. Mary also loves social media and puts pictures of her family and pets on social media.
One day Mary goes online to check her balance and realizes money is missing. What happened? Did she leave her debit card somewhere? No, it's still in her purse! What happened?
What happened is that Mary chose easy passwords and security questions/answers. A cyber thief figured out Mary's password was her dog's name. And when Mary changed her passwords as her bank advised, the thief was able to get the new one because he knew the security questions. How did he get them, you ask? Her social media account! Remember, she posted pictures of her dog and of her mother, tagging her in the photos, which shows her mother's maiden name!
So what do you do? Get rid of your computer? Live like a hermit? No, I'm not suggesting anything that drastic. Here are a few tips:
Everyone loves social media. It truly is a great tool for connecting with others. But, with just a little work, you can make it safer and help protect against fraud.
Yes, it’s the familiar question many of us get in today’s world of technology…‘Have you changed your password lately?’ Recognizing that it can be challenging to change passwords often it is however something that is necessary to help prevent financial fraud.
MutualBank is taking steps to help you protect your financial records accessible online. In October of 2012 MutualBank Online Banking customers will be required to change their Online Banking passwords every 180 days.
Please consider changing your password now in order to get used to this new process. As you change your password we ask that you follow the guidelines listed below in crafting your new password.
Online Banking Password Requirements
If you need further assistance with changing your password please
call us at 800-382-8031.
When you shop online do you know where you’re shopping? According to the National Consumers League, online shopping is #3 for overall scams and #1 for Internet scams. That would imply that online shopping is a very risky activity. However, there are ways you can still shop online in a safe manner.
Following these guidelines can make your online shopping more secure:
Remember that you are the best defense against online shopping fraud! If you suspect that you have been scammed please call the MutualBank customer support at 800-382-8031.
Also please report any online fraud to Internet Crime Complaint Center.
My age is on my mind. I’m 50, my favorite (& only) hubby just turned 50. I need to simplify my life. I need ‘easy,’ so I can spend more time doing the things I need and I want to do, like:
When it comes to my finances, the benefits of having multiple relationships with my bank are many – everything is in one place; I don’t have to work to remember which loan is where; which financial institution my checking, savings, CDs are – and ditto for my family. After all, my 50-year old brain is getting full, and I do have ‘senior moments’ on occasion.
I admit I have had multiple relationships with other financial institutions. Why? Mostly, my laziness in moving accounts when I built my current banking relationship and just letting them “be” when I knew it was just making my life more complicated. I got numerous paper bank statements – mine, my husband’s, my daughter’s. Translation – more paper for me to file, keep track of, give to my accountant, shred, or heaven forbid, lose….
Having one bank is oh, so much easier. I’m a convert to electronic banking and all that entails – bill pay, e-statements, automatic deposits. And if you’re worried about security, yes (my age-level friends) – it is safe. With FDIC insurance on deposits and multiple electronic safeguards in place to keep my information safe, I’m comfortable – albeit it was not initially easy to convince me. I have had, knock on wood, no instances of fraud or theft since moving to electronic.
Now, I have password protected access to my internet banking, from anywhere, including my cell phone – where I can see on one page – my checking account balance & transactions; my savings account; CD; mortgage, and personal loan. I know, at any point in time, my total balances in each of those. I get most bills electronically (remember – less mail to sort through = more time for ME), and can set up a payment for future dates. My life is incrementally simpler, in many ways thanks to my bank.Come on, fellow 50-year olds – I know we are on the cusp of liking the old ways – paper checks, snail mail, filing, and more filing. But, wouldn’t you like more time for yourself?
What is social engineering?
CSO Magazine defines Social Engineering:
“Social engineering is essentially the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques. For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an information technology (IT) support person, trying to trick the employee into divulging his password.”
– CSO November 2011
Social Engineering can take on many forms and fraudsters can be very successful using this method since it is very low tech and costs very little (if any) money to do. When it comes to banking online, it's even more important to understand the risks and how to keep your information safe and secure.
Here are some common methods of social engineering:
Protect yourself from social engineering:
At MutualBank, we strive to keep you educated of new scams or frauds. For more information about protecting yourself visit our Alerts and Security information.
Visit our Alerts anytime at bankwithmutual.com and click on "Alerts and Security".
MutualBank customers can always call 800-382-8031 to report any instances of fraud or suspicious calls. Together we're working with you to keep your information safe.
I’m 50 now. Shhh – don’t tell anyone. My brain still hasn’t caught up with my physical age in many ways, and I kind of hope it doesn’t. I’m actually working on just the opposite – getting my physicality in a little better shape, and a little ‘younger.’ It’s a long-term commitment, for sure.
My brain does act 50 sometimes though – when it comes to being technology-savvy, I’m a little slow to get on board. It took a lot of poking and prodding to get me on Facebook. I’ve been on it for a few years, and I have to face facts – my technology-driven friends were ‘right on.’ I’ve reconnected & learned more about friends -from my current pals all the way back to elementary school chums. Facebook is as intimidating as I let it be. I’ve learned to manage the urge to be on it incessantly. I’ve become closer with some of my friends as a result, and I know some acquaintances better than before.
I have a Smartphone, read books and magazines on my Kindle, am on LinkedIn (the professional social network, so they say), and I do most of my banking via the internet. I get my bank statements via email, and I have to stop sometimes as I flip through my mail at home – and ask myself why haven’t I signed up for almost everything to come electronically? So much paper is wasted….
Truth is, I’m not quite as tech-savvy as I could be, but I’m solidly above the bottom of the matrix. Maybe I’m in the ‘first quartile’ of tech-savvy? I don’t tweet, use Foursquare or Hootsuite, and frankly, don’t even know what a couple of those are. But I’m trying. Are you?
The New Year gives us the little nudge we need sometimes to try something new. Maybe you’ve been thinking about trying online banking or online bill pay. Maybe you’d like to use mobile banking, but you’re just not sure. Do it. Take that leap and try something new this year. Who knows, maybe you’ll be like this 50 year old and find that technology can be good.