"Phishing"
"Phishing" is a ploy Internet scammers use to lure victims into
disclosing personal financial information. The scam deceives consumers
into releasing information such as account numbers, social security
numbers, passwords and other personal, confidential information,
typically through an e-mail that makes them believe they are dealing
directly with a trusted, legitimate business.
The Federal Trade Commission (FTC) has developed educational brochures
explaining what to watch for, how to protect yourself and the risks of
identity theft:
"'Phishing' Fraud: How to Avoid Getting Fried by Phony Phishermen"
FTC, "How Not to Get Hooked by the 'Phishing' Scam," July 2003
FTC, "ID Theft: When Bad Things Happen to Your Good Name," September 2002
FTC, "ID Theft: What's It All About?" October 2003
"SpyWare"
"SpyWare" is any software that covertly gathers information about a
user while he or she navigates the Internet and transmits that
information to an individual or company that uses it for marketing or
other purposes. How you may become infected with SpyWare:
- Downloaded with other Internet downloads in a practice called
“bundling.” In many cases, all the licensing agreements may be included
in one pop-up window that, unless read carefully, may leave the user
unaware of the “bundled” spyware.
- Directly downloaded by users who were persuaded that the software
offers a benefit. Some spyware claims to offer increased productivity,
virus-scanning capabilities or other benefits.
- Installed through an Internet browsing technique called “drive-by
downloads.” In this technique, spyware is installed when a user simply
visits a Web site. The user may be prompted to accept the download,
believing it is necessary in order to view the Web page. Another method
is to prompt the user to install the program through pop-up windows that
remain open, or to download the software regardless of the action the
user takes.
- Automatically downloaded when users open or view unsolicited e-mail
messages.
Risks associated with SpyWare:
- Exploiting security vulnerabilities or settings, changing the
computer's configuration to relax security settings, or opening a
channel into the institution's systems that circumvents the firewall.
The result is that attackers can eavesdrop on and intercept sensitive
communications by monitoring keystrokes, e-mail and Internet
communications. This monitoring may lead to the compromise of sensitive
information, including user IDs and passwords.
- Providing attackers the ability to control corporate computers to
send unsolicited “junk” e-mail (spam) or malicious software (malware),
or to perform denial of service (DoS) attacks against other
organizations.
- Draining system resources and productivity, even when the user is not
browsing the Internet, for example when adware produces voluminous
unwanted pop-up advertisements.
- Compromising the bank's ability to conduct business by disrupting
Internet connections as a result of the improper removal of spyware.
- Increasing the incidence of spam to corporate e-mail accounts.
- Compromising confidentiality. Certain types of spyware route all
Internet communications through their own servers, often without the
user's knowledge. Because the spyware runs on the user's computer, it
can read sensitive Internet communications even when Secure Sockets
Layer (SSL) or other encryption protocols are used: it sees the data
before it is encrypted, or terminates the encrypted session at its own
server. Other forms of spyware install an application on the user's
computer that monitors and records all Internet communications and
sends the report back to the originator. Identity thieves may then
impersonate the customer using the IDs and passwords collected.
- Increasing vulnerability to “phishing” and “pharming” attacks, as some
spyware can redirect Internet page requests. Phishing seeks to lure a
user to a spoofed Web site using an e-mail that appears to come from a
legitimate business. Pharming seeks to redirect a user to a spoofed Web
site by introducing false data into the Domain Name System (DNS), for
example by corrupting the records a legitimate DNS server returns, so
that the genuine address resolves to the attacker's site. The spoofed
Web sites are set up to collect private customer information, such as
account user IDs and passwords. In addition, objectionable or
inappropriate content received by the customer from redirected Web
sites can ultimately damage the financial institution's reputation.
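The two e-mail deceptions described in this section, a link whose visible text shows the bank's address while the real target is somewhere else, and a look-alike hostname built from the bank's name, can be checked mechanically before anyone clicks. The following Python script is an added example, not part of the original page or of any FTC brochure: it extracts the links from a constructed HTML e-mail body and flags links that point at a raw IP address, at a domain outside a trusted set, or whose displayed address disagrees with the real target. The domain examplebank.com, the trusted-domain set and the two-label rule for the registrable domain are assumptions made for illustration. Note that this catches phishing links only; pharming happens after the click, at DNS resolution, so a correct-looking link is no protection against it.

```python
import re
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample e-mail body (not from the original page): the first two
# links display a trusted-looking address but point elsewhere; the third is
# genuine.
SAMPLE_EMAIL_HTML = """
<p>Dear customer, please verify your account at
<a href="http://192.0.2.10/login">https://www.examplebank.com/login</a> or
<a href="http://www.examplebank.com.secure-update.example/verify">www.examplebank.com</a>.
You can also reach us through
<a href="https://www.examplebank.com/contact">our contact page</a>.</p>
"""

# Assumption: the institution's registrable domain(s). examplebank.com is a
# placeholder, not a real bank.
TRUSTED_DOMAINS = {"examplebank.com"}

# Visible link text that looks like a URL or a bare hostname.
URL_LIKE = re.compile(r"(https?://)?[A-Za-z0-9.-]+\.[A-Za-z]{2,}(/\S*)?")


class LinkExtractor(HTMLParser):
    """Collects (href, visible text) pairs for every <a href=...> in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def hostname_of(url_or_host):
    """Return the host part of a URL or bare hostname, or None."""
    s = url_or_host.strip()
    if "://" not in s:
        s = "http://" + s
    return urlparse(s).hostname


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def registrable_domain(host):
    """Last two DNS labels. Simplification (assumption): no public-suffix
    list, so 'co.uk'-style suffixes are not handled."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def analyze_links(html):
    """Flag each link with the reasons a phishing-aware reader would distrust it."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        reasons = []
        host = hostname_of(href) or ""
        if is_ip_literal(host):
            reasons.append("ip_literal_host")      # a bank does not link to a raw IP
        elif registrable_domain(host) not in TRUSTED_DOMAINS:
            reasons.append("untrusted_domain")     # e.g. examplebank.com.attacker.example
        if URL_LIKE.fullmatch(text):
            shown = hostname_of(text) or ""
            if registrable_domain(shown) != registrable_domain(host):
                reasons.append("display_text_mismatch")  # shown address != real target
        findings.append({"href": href, "text": text, "host": host, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in analyze_links(SAMPLE_EMAIL_HTML):
        print(finding["host"], finding["reasons"])
```

The registrable-domain comparison is what defeats the "bank name on the left" trick: a hostname is read right to left, so www.examplebank.com.secure-update.example belongs to secure-update.example, whatever appears in front of it. A production filter would replace the two-label rule with a public-suffix list and would also decode punycode (xn--) hostnames before comparing them.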
What you can do to protect yourself:
- Installing and periodically updating anti-spyware, virus protection
and firewall software.
- Adjusting browser settings to prompt the user whenever a Web site
tries to install a new program or ActiveX control.
- Carefully reading all End User License Agreements (EULAs) and
avoiding downloading software when the licensing agreements are
difficult to understand.
- Maintaining patches to operating systems and browsers.
- Not opening e-mail from untrustworthy sources.