The following terms are frequently used to describe online security and identity theft. You should become familiar with them so you avoid any possible security breach. Our list is not meant to be your total source of information or to cover the whole universe of security information; however, building familiarity is critical to maintaining your long term internet security program.
Anti-virus software should be installed on your home computer and laptop to scan your email and the files on your computer for potential viruses that may be attached. If a virus is detected, you are notified immediately and the anti-virus software will prevent the email or file from being sent to you before it is opened. You should run your anti-virus software on a frequent basis to prevent computer infections like viruses, worms, or Trojan Horses from entering your computer system. Purchase a program that automatically upgrades your virus protection on a regular basis. Three popular sources for anti-virus and firewall protection software are Symantec®, McAfee®, and Computer Associates®.
A browser is a software application that works with the Internet to provide you a way to find, view and interact with websites and web pages. Two popular web browsers are Microsoft® Internet Explorer and Netscape® Navigator.
Cable modems provide high-speed internet access using cable television networks. They use either the traditional coaxial cables or newer fiber optic cables for the transmission of data. Cable modems offer continuous connection to the internet without having to dial into an Internet Service Provider (ISP) each time you connect to the internet.
A credit monitoring program can be purchased through a credit bureau (i.e., Equifax) and is designed to keep you aware of your credit report and current credit status. These programs typically alert you to changes in your credit or credit inquiries from financial sources. If you suspect illegal activity regarding your credit, you should contact the financial institution, your creditors, and your credit monitoring program company.
Like a driver's license or passport, digital certificates allow individuals or organizations on the internet to verify each other's identity to prevent unauthorized access. A digital certificate is a randomly generated set of characters that a computer sends to your browser. The browser on your computer stores this information and uses it as a digital stamp to certify the authenticity of the information sent to you and as a means of establishing identity. You may see a digital certificate issuer logo at the bottom of a browser page for your reference.
When you apply for credit at County Commerce Bank, or conduct account management transactions, the information you enter online is “encrypted” or transformed into a string of unrecognizable characters before being sent over the internet. This helps to keep the information between the financial institution's computer system and your internet browser private. The strongest level of encryption is 128-bit, used on popular web browsers such as Microsoft® Internet Explorer and Netscape® Navigator. Your session is in a secured “encrypted” environment when you see https:// in the web address, or when you see the locked “padlock” symbol at the bottom right corner of your browser window.
Firewall software can be installed on company and home computers as a barrier against hackers and viruses. Firewalls are used to filter potentially destructive information or prevent unauthorized access. This is especially important on computers that use a broadband connection to access the internet (cable modems or DSL) since your internet connection is on when your computer is on. Three popular resources for firewall protection are Symantec®, McAfee®, and Computer Associates®.
Keystroke capturing or keystroke logging is a surveillance tool that is illegally used to record the keystrokes of unsuspecting victims in order to determine password and log-in information that can be used for theft purposes. To help reduce your risk, an additional password called a Security Key will now be required for use with the County Commerce Bank Online Bill Pay service. The Security Key provides an extra level of protection online if your primary password were to be compromised.
Phishing schemes typically start with fraudulent email messages that masquerade as communications from reputable banks, credit card companies, online auctions, and department stores. The email messages include links to fraudulent websites known as “spoof” sites that are crafted to resemble sites from reputable companies. The spoof site asks consumers to provide or update their personal information. When consumers provide the requested information to the spoof site, the consumer is “phished” and becomes at risk for account theft, identity theft and computer infection.
Review the Anti-Phishing Working Group site to read about current phishing and spoofing attacks that have been reported. No reputable company would request personal information via email and you should contact the company in question if you suspect the email is fraudulent.
County Commerce Bank will NEVER request password or personal information through email.
A plug-in is a software module that adds a specific functionality to the web browser. For example, plug-ins for Netscape® Navigator and Internet Explorer allow the browsers to display various types of audio and video messages or popular Adobe® Acrobat PDF files.
Secure Socket Layer (SSL) technology encrypts your personal information before it leaves your computer, insuring that no one else can read it. You will know that you are on a “secured” page when you see the “https://” before the web address. You also will see a padlock symbol in the lower right hand corner of your browser window. A closed padlock indicates that your online session is “secured” by encryption to protect your personal information.
Secure Socket Layer (SSL) protocol provides a high level of security for internet communications. SSL provides an encrypted communications session between your web browser and a web server. SSL helps verify that sensitive information (e.g., credit card numbers, account balances and other proprietary financial and personal data) sent over the internet between your browser and a web server remains confidential during online transactions.
Security Holes / Bugs
Security holes / bugs are faults, defects or programming errors exploited by unauthorized users to access computer networks or web servers from the internet. As these holes or bugs become known, software publishers develop “patches”, “fixes” or “updates” that users can download to fix the problems.
In a continuing effort to bring you the latest online banking security, an additional password, called a Security Key, will be required for use with the County Commerce Bank Online Bill Pay service. The Security Key provides an extra level of protection if your primary password were to be compromised. You will create your Security Key using your mouse and a virtual keyboard that will appear on your screen. The added Security Key is for your online protection and will help prevent your password from being obtained by key logging software. Once your Key has been entered correctly, you can continue to use the Bill Pay service just as you do today.
When you log into an internet site that requires authentication, you input a specific Customer ID or user name and password to gain access to your account information. The encrypted information then passes through a rigorous test on County Commerce Bank's computer systems to insure proper authorization before your account information is displayed.
For your added online security, County Commerce Bank uses a session time-out feature. If your internet account management session is idle for a given amount of time, your session is ended automatically. This will insure that your online session is in a “secured” environment and that the personal information you enter is protected. A closed padlock symbol indicates a secured page is being used. Never input personal information on a website form or application that does not display the https:// before a website address or a padlock symbol.
Social engineering is an identity theft process that relies on human interaction and often involves tricking individuals into providing personal information such as bank account information or passwords. Social engineers do things such as search dumpsters for valuable information, memorize access codes by looking over someone's shoulder, and take advantage of people's natural inclination to choose passwords that are meaningful to them, but can be easily guessed (e.g., children's names, addresses, or birth dates). The personal information discovered is then used illegally to apply for credit, purchase goods and services, or gain access to funds.
Any unsolicited email is defined as “spam”. It fills up email files and could add additional pop-up windows on your computer screen. You can purchase anti-spam software to filter unwanted email or spam from your email list until you delete it.
As part of a “phishing” scam, some individuals or groups commit internet fraud by creating authentic-looking websites to resemble other sites. Financial institutions are the most targeted groups to be “spoofed” (or have their sites copied). Through email, the spoofed or forged sites attempt to persuade readers to input personal and banking details by creating a sense of urgency around the request.
Many spoofed sites are difficult to detect as fraud. They use company logos, graphics, text and credible-looking links, and website addresses. Don't be fooled by the email or the links and don't provide information without checking directly with the bank or company first. Visit the Anti-Phishing Working Group repository to learn about business sites that have been spoofed and the traits of known fraud attacks.
Spyware / Adware
Adware is a software application in which advertising banners or “pop-ups” are displayed on your computer screen while the program is running. Similar to adware, spyware is software that also includes codes to track a user's personal information, which is then passed on to third parties without the user's knowledge. The spyware programs are typically bundled with other freeware or shareware programs that are downloaded from the internet. Spyware is like a Trojan Horse computer infection because it is installed when users install something else.
Pop-ups caused by adware and spyware programs slow system performance, using memory and system resources that can lead to system crashes and instability. Adware and spyware programs invade your online privacy and are considered to be another form of identity theft. The programs may have the ability to monitor keystrokes, scan files on your hard drive, change the default homepage on your browser, and relay information about your web visits for marketing purposes. Several companies offer anti-adware or anti-spyware software to detect and delete the programs include: Lavasoft, SpyBot, Trend Micro, PC World, Symantec, McAfee, and Computer Associates®.
A Trojan Horse is the name of another type of virus, which is simply a computer program that masks as another program. Trojan Horses are sent as an email file attachment. Once opened, it can cause damage to your computer and send itself to other people in your address book to propagate itself.
A virus is a program that replicates itself without the user's knowledge, then disrupts the computer or keeps programs from running properly. Viruses are spread through file sharing and downloaded programs and are often sent in email attachments. Never open an email attachment unless first scanned through anti-virus software.
A worm is a small program that searches through networks to find security holes to replicate itself from machine to machine. Worms use up computer time, space, and speed when replicating, with an intent to slow or bring down web servers and halt internet use.