- Online Banking
- Personal Banking
- Business Banking
- Investments & Trust
- About Us
If you’re like most Americans, you probably access the internet most of the time from your home’s wireless network. While this is a nice convenience, having a router (the device that sends out the wi-fi connection signal) opens up some security vulnerabilities that you need to proactively protect against.
Whether your internet service provider gives you a router to use or if you have your own, from time to time there can be different types of router-based vulnerabilities that emerge, potentially putting your browsing privacy and information at risk.
A New Router Vulnerability: The Misfortune Cookie
A new vulnerability has been discovered that affects a least 12 million home or small office routers called the Misfortune Cookie (CVE-2014-9222). This vulnerability can be exploited to give an intruder remote access to a home router and can be used to attack different devices that are connected to that router.
If the attacker can exploit this Misfortune Cookie Vulnerability on your router, the attacker will now be in the middle between you and the internet. The attacker could see all information flowing in and out of that router. This could enable them to capture usernames/passwords, sensitive banking information, and many other types of highly sensitive information flowing though the router.
What can you do about it?
1. Check to see if your router model is on the vulnerability list:
2. Check with the maker of your router to see if they’ve released an update that fixes the Misfortune Cookie Vulnerability.
3. Enable a firewall
A firewall is a software program or piece of hardware that helps screen out hackers, viruses that try to reach your computer over the Internet. Most operating systems that come with a PC or an Apple computer have firewall capabilities. Learn more here (http://www.microsoft.com/security/pc-security/firewalls-whatis.aspx)
4. Make sure there is an “https://” at the beginning of your browser’s address bar when visiting a site.
This simply indicates that the site you are browsing has extra security protocols in place to protect your information shared on the site. This is especially important on sites where provide sensitive information (like your financial institution’s website or an online store).
5. Update all of your software regularly and use an antivirus program
Software programs also have potential to create security risks if they are not updated on a regular basis. Whenever there is an update for software you have, it’s always a best practice to install the update. The same goes for your antivirus software. Always make sure it’s up to date and running on your machine / device.
When the New Year rolls around, we often focus our time and energy on resolutions relating to health and fitness. While these are worthy goals, taking a look at your financial habits is also something you should consider and could result in big payoffs.
Better yet, setting and reaching financial resolutions may be easier to stick with. According to a recent study, 42% find it easier to pay down debt and save more for retirement than, say, lose weight or give up smoking. Among those who made a financial resolution last year, 29% reached their goal and 73% got at least half way there. Only 12% of resolutions having to do with things like fitness and health do not end in failure, other research shows.
So make 2015 the year where you simplify your finances and develop healthier financial habits. Here’s 6 quick ways you can do so:
1. Enroll for direct deposit & remote deposit
If your employer offers direct deposit, be sure to take advantage of it. It eliminates unneeded trips to the bank and keeps your money working longer for you. Additionally, be sure to take advantage of a newer convenience, remote deposit, that allows you to deposit checks via simply taking a picture of it on your smartphone or tablet! Our mobile app offers that capability for you.
2. Establish an automatic savings plan
The odds are if you have money accessible and ready to spend, you will end up spending it. One way around this is to set up automatic saving from each paycheck. Regular, automatic transfers to a savings account will add up and will reduce the temptation to spend money on things you may not need.
3. Pay bills electronically
Eliminate the tedious task of writing checks and mailing them by utilizing electronic bill pay online! This is a great feature that financial institutions offer (including MutualBank) that allows you to designate payees, amounts to be paid, and dates payments need to be sent. With a few clicks, your bill payments will be sent in the mail, saving you the time of physically mailing a check yourself!
4. Consolidate your financial relationships
Dealing with one financial partner that has a complete view of your financial picture makes everything easier and comes with lots of benefits. And in our case, a unique benefit that we offer is loyalty pricing for current customers on select direct loans.
5. Build a savings safety cushion
Having savings for unexpected expenses or life transitions like career switches can reduce a lot of stress and uncertainty about the future. Start to develop a financial cushion in 2015 for your peace of mind!
6. Review your investments
If you’re considering investing or have been for some time, it’s a good idea to meet with a financial adviser to review your strategy and investigate ways to better meet your financial goals. Be sure to consider MutualFinancial if you haven't already!
Purchasing holiday gifts online curled up under a blanket and sipping hot chocolate sure beats braving the elements and shopping crowds sometimes.
But with the added convenience of online shopping comes some increased risk of valuable information being stolen, such as credit card numbers or your account log in information for online retailers.
With the holiday season and Cyber Monday upon us, here are 5 easy tips to keep in mind when making any online purchase:
1. Make sure the device you are using is secure.
Use an antivirus program that is set to automatically update. It is also a best practice to install all the latest updates of your operating system as well as updates to all programs you have installed. Apple, Microsoft, and other software providers regularly release updates to protect against all types of security risks.
2. Make sure the wireless network you’re on is secure.
Many public wireless networks offered by businesses, while convenient, are not always the most secure. When making a purchase online, make sure the network you are on is using some sort of security measure that requires you to enter a password to connect. The latest and most secure wireless network encryption is WPA2-CCMP. If the network is not secured, it’s best to purchase online from a secured network.
3. Make sure the retailer’s website is secure.
When shopping online, always look in the address bar for https:// at the beginning of a web address. The “s” used in “https” signifies an encrypted connection from your computer to the company’s webserver. This is used to pass sensitive data between the two devices and prevents criminals from snooping the contents of the information sent (credit card number, SSN, etc.).
4. Use strong and unique passwords.
If you’re like the majority of individuals, you probably have 2-3 passwords that you use for all of your online accounts. While these are easy to remember, this isn’t a best practice. If someone discovers your password(s), they now have access to many of your important accounts. We instead recommend using unique and strong passwords for all your online retailer accounts. Strong passwords generally contain a combination of upper and lower case letters, numbers, and special characters (!, #, *, etc.).
5. Watch for phishing emails.
During the holiday season, the amount of phishing emails sent out increases as many criminals seek to falsely represent retailers. If an email looks suspicious or asks for your account information, do not open it or click on any links inside of it. Additionally, the majority of retailers will never include attachments in their emails but phishing emails sometimes do so don’t open any suspicious attachments.
Stay warm and stay safe this holiday season!
In light of the fun fact countdown we have been posting for our 125th Anniversary, our Information Security Department has put together a list of interesting facts about computer security. While they aren't "fun", they should give you an idea of how important it is to take proactive steps to protect you and your data!
- SQL Injection
- Cross-Site Scripting
- Use of Default Passwords
- Configuration Issues
- Weak Encryption Ciphers
- 78.92% are Trojans
- 10.78% are worms
- 7.44% are viruses
- 2.69% are adware
- 0.17% are other malware
Do you remember that scene from The Office (the American version), where Michael Scott discusses conflict resolution methods and introduces the “Win-Win-Win” method? Here’s a refresher in case you need a laugh: http://www.youtube.com/watch?v=BBO1_XBrbzQ
Jokes aside, a win-win-win is the way we view our internship opportunities. It’s a win of course for the students who get valuable real-world work experience and build professional relationships. It’s a win for MutualBank, as we gain access to bright, young talent that adds value to a variety of our departments. And finally, it’s a win for the college/university these students attend as internship opportunities provide a hands-on education not possible from the typical classroom.
In the summer of 2014, that university is Ball State University. MutualBank has been privileged to enjoy a long-standing relationship with Ball State and its internship program. We’re thrilled that the opportunities we provide align with Ball State’s immersive learning initiative and to have an active, yearly role in it.
This summer MutualBank has been pleased to welcome Alex Gorman, Nick Miles, Nick Plavchak, and Jake Sciaudone as interns. Below is a short description of each's job duties and quotes from their managers.
We very much appreciate all the hard work of our 2014 summer interns! We hope the experience has proved valuable and is a springboard to their continued growth and success. We have a hunch it will be!
Android-based phones currently account for 79% of the smartphone marketplace (http://www.engadget.com/2014/01/29/strategy-analytics-2013-smartphone-share/). With that said, we wanted to share a few tips to keep your Android phone and its data secure. Just like a typical desktop computer or laptop, it’s smart to take active steps to improve its security and limit access to your important information if it’s hacked, lost, or stolen.
Lock your phone after a few minutes of inactivity
Using the screen lock feature on your phone is the first line of defense from a physical attack on your phone. If your phone gets lost or stolen, the screen lock is there to slow down or stop an attacker from getting access to your data. Typical lock choices are:
Use device encryption
Do you remember those magic eye images - you know the ones you stare at trying to decipher what the image is behind the random and undecipherable pattern? Think of the process of data encryption similar to those images – except that after data encryption, you’re the only one who can “see” the actual image beneath the surface. It essentially makes your data only readable by you. If your phone supports it, it’s a good idea to encrypt your phone’s operating system and storage to prevent unauthorized access of your data in the event your phone is lost or stolen. Remember to encrypt the external storage card also.
Do not jailbreak your device
When you “jailbreak” or “root” your Android device, it means you are bypassing important security controls to gain full access to your phone’s operating system. Rooting your phone often voids your warranty and can create additional security risks.
Just like your personal computer, your smartphone is susceptible to virus, malware, and spyware attacks. Antivirus products are not fool proof, but most have features that can snap photos of an attacker trying to break the screen lock, automatically scan your phone to find infections and delete them, locate your phone if lost, and much more. Antivirus software can be downloaded in the Google Play store. Here are a few top rated antivirus products for an Android smartphone. Remember to enable automatic updates for your antivirus product.
Keeping your phone up-to-date
Keeping your apps and Android operating system up-to-date is essential to patch various vulnerabilities. Enable automatic updates for all apps and operating system updates to stay current.
Be cautious of connecting to open networks
Public and other unsecured networks can be a dangerous place to connect your phone. A cellular data connection is far more secure than an open Wi-Fi network.
Do not click on suspicious links and attachments
Just like your computer, hacking/phishing attempts can be written to effect phones as well. Only open web links and attachments from trusted sources to reduce your risk of compromise.
Turn off unused features
Bluetooth and NFC (near field communications) are good examples because they can dramatically increase your risk of unauthorized users in your physical vicinity gaining access to your data. Turn features off when not in use.
While no one tip listed above will keep your Android phone completely secure in itself, acting on all of them will give you the best chance to protect your phone and data when you need it the most (hacking attempts or a lost/stolen phone). Let us know in the comments below if you have any questions/comments about utilizing these tips!
You may have heard recently about a major security vulnerability that was found in the Internet Explorer browser, specifically for those using it on the Windows XP operating system. This issue has since been addressed by Microsoft, but we thought we would provide you a more detailed understanding of what a vulnerability is and share some tips to protect your computer against them.
What is a software vulnerability?
A software vulnerability is a flaw in an application that can be used in a certain manner by hackers to perform an unwanted action. You may also have heard of vulnerabilities being referred to as security bugs. These bugs are typically fixed by the software vendor in a short period of time after the vulnerability is made public by updating the affected software. Almost all software is vulnerable at one time or another.
How are vulnerabilities exploited by hackers?
Hackers write software that takes advantage of the vulnerability making the application perform in an unwanted manner. The hacker can deliver the malicious software to the victim by a number of mechanisms. This is typically done by sending the victim an email that appears to be legitimate, but actually contains a link to an infected site. If the victim clicks the malicious link in the email, their machine could become infected due to the vulnerable software on their machine. Hackers are constantly discovering and writing exploits for vulnerable software in an attempt to make money, gain notoriety, and steal confidential information.
Programs with Frequent Vulnerabilities
Java and Adobe exploits make up a large percentage of the total exploits available to hackers. Java runs on approximately 3 billion machines worldwide. That’s a large attack footprint. Java usually runs in the background and helps many applications function. Adobe makes various products like Reader, Flash, Photoshop, Adobe AIR, and etc. Most people have these programs installed on their machines. Historically, these two companies release urgent security updates every few weeks.
Tips to Remember
Two of the most important tips to remember when it comes to securing your computer are to:
It’s best to think of the security of your information in terms of layers. Updating all your software is the first security layer. Using an updated antivirus is the second layer of protection against an exploit. Employing this dual layered strategy will greatly reduce your risk to potential vulnerabilities.
If you have any specific questions or thoughts, please let us know below!
Many of us are constantly connected to the online world these days. This means that the potential is there for our computers and personal information to be compromised which greatly increases the risk of ID theft and financial fraud to occur. However, by taking some basic precautions you can significantly reduce the risk of your computing environment being compromised. Following these simple guidelines should help your computing environment become more secure:
Keep your computers and network equipment secured with the latest software updates and enable automatic updates whenever possible. This includes updates to third party applications such as Java and Adobe Products.
In the event your machine is lost or stolen, drive encryption can prevent others from accessing the data on your hard drive. The purpose is to encrypt or scramble your data on your machine so that it can only be read with your encryption key.Many operating systems offer drive encryption. Microsoft offers Bitlocker and Apple has FileVault. There are also other third party encryption offerings.
Think of the firewall to your computer as the fence around your property. If there were multiple holes cut in the fence, it wouldn’t be very useful at keeping people out. Firewalls are typically enabled by default on Windows machines, but double check to make sure it’s on. Here are instructions to do so if you are using Windows 7. Only allow necessary applications inbound access through your firewall. The same principles apply to your network firewall.
Set an auto-locking screensaver so your account gets locked out after a few minutes. This is useful if you forget to lock your machine when are away from it. On Windows machines this can usually be done by pressing the “Windows Key” and the “L” button simultaneously.
The longer and more complex the password, the better. At least 16 characters with a combination of upper and lowecase letters, numbers, and special characters is a best practice.
Use the strongest wireless security available (currently WPA2-CCMP) with a long and complex password for your wireless network. Disable WPS on your wireless router for greater security.
Think that some secure banking information
of yours has been compromised?
If you suspect that your personal financial information has been compromised, call MutualBank Customer Support at 800-382-8031.