Click here for the personal banking log onClick here for the business banking log on

Question Mark IconForgot Password? | First time user

Safety and Security Center 

General PC Security

  • Maintain active and up-to-date antivirus protection provided by a reputable vendor.  Schedule regular scans of your computer in addition to real-time scanning. 
  • Update your software frequently to ensure you have the latest security patchesThis includes your computer’s operating system and other installed software (e.g. Web Browsers, Adobe Flash Player, Adobe Reader, Java, Microsoft Office, etc.).
  • Automate software updates, when the software supports it, to ensure it’s not overlooked.
  • If you suspect your computer is infected with malware, discontinue using it for banking, shopping, or other activities involving sensitive information.  Use security software and/or professional help to find and remove malware.
  • Use firewalls on your local network to add another layer of protection for all the devices that connect through the firewall (e.g. PCs, smart phones, and tablets).
  • Require a password to gain access. Log off or lock your computer when not in use.
  • Use a cable lock to physically secure laptops, when the device is stored in an untrusted location. 

Online Security

  • Never click on suspicious links in emails, tweets, posts, nor online advertising.  Links can take you to a different website than their labels indicate. Typing an address in your browser instead of clicking a link in an email is a safer alternative.
  • Only give sensitive information to websites using encryption so your information is protected as it travels across the Internet.  Verify the web address begins with “https://” (the “s” is for secure) rather than just “http://”.  Some browsers also display a closed padlock.
  • Do not trust sites with certificate warnings or errors.  These messages could be caused by your connection being intercepted or the web server misrepresenting its identity.
  • Avoid using public computers or public wireless access points for online banking and other activities involving sensitive information when possible.
  • Always “sign out” or “log off” of password protected websites when finished to prevent unauthorized access.  Simply closing the browser window may not actually end your session.
  • Be cautious of unsolicited phone calls, emails, or texts directing you to a website or requesting information.

Passwords

  • Create a unique password for all the different systems you use.  If you don’t then one breach leaves all your accounts vulnerable.
  • Never share your password over the phone, in texts, by email, or in person.  If you are asked for your password it’s probably a scam.
  • Use unpredictable passwords with a combination of lowercase letters, capital letters, numbers, and special characters.
  • The longer the password, the tougher it is to crack.  Use a password with at least 8 characters.  Every additional character exponentially strengthens a password.
  • Avoid using obvious passwords such as:
- your name 
- your business name
- family member names
- your user name
- birthdates
- dictionary words
  • Choose a password you can remember without writing it down.  If you do choose to write it down, store it in a secure location.

Mobile Device Security

  • Configure your device to require a passcode to gain access if this feature is supported in your device.
  • Avoid storing sensitive information.  Mobile devices have a high likelihood of being lost or stolen so you should avoid using them to store sensitive information (e.g. passwords, bank account numbers, etc.).  If sensitive data is stored then encryption should be used to secure it.
  • Keep your mobile device’s software up-to-date.  These devices are small computers running software that needs to be updated just as you would update your PC.  Use the automatic update option if one is available.
  • Review the privacy policy and data access of any applications (apps) before installing them.
  • Disable features not actively in use such as Bluetooth, Wi-Fi, and infrared.  Set Bluetooth-enabled devices to non-discoverable when Bluetooth is enabled.
  • Delete all information stored on a device before the device changes ownership.  Use a “hard factory reset” to permanently erase all content and settings stored on the device.
  • “Sign out” or “Log off” when finished with an app rather than just closing it.

What Is Identity Theft?

Identity theft is the utilization of another’s personal information for fraudulent purposes. More often than not, personal information is obtained illegally and without the identity theft victim’s knowledge. A common example is when an identity thief uses someone else’s personal information to open a credit card account in the identity theft victim’s name.

How Identity Thieves Get Information

Identity thieves get smarter and smarter regarding ways to steal ID information. The following are commonplace ID theft practices:

  • Stolen wallets or purses.
  • Stolen mail.
  • Residential trash or the trash of local businesses.
  • Fraudulently obtained credit reports.
  • Business or personal records from their workplace.
  • Personal information shared over the internet.

How Identity Thieves Use Information

  • Open new credit card accounts, make purchases without paying the bills. The delinquent accounts are reported against the victim.
  • “Change of Address Forms” are used to divert mail to a different location so time elapses before unauthorized activity is reported.
  • Establish phone or wireless services.
  • Open new bank accounts and write fraudulent checks.
  • Make large purchases, such as an automobile, by applying for loans.

How To Minimize Risk

Before revealing any personal identification information, find out how it will be used and whether it will be shared with others. Don’t divulge unnecessary information.

Other protections include:

  • Pay attention to billing cycles.
  • Follow up with creditors if bills do not arrive on time.
  • Deposit outgoing mail at the post office.
  • Limit identifying information and credit cards carried to those necessary.
  • Do not give out personal information via phone, mail or over the internet to undisclosed sources.
  • Request a copy of your credit report annually from any one of the three major credit bureaus for review.
    - Equifax - www.equifax.com
    - Experian - www.experian.com
    - Trans Union - www.transunion.com

Avoiding Social Engineering Attacks

Social Engineering

In a social engineering attack, an attacker uses human interaction to manipulate a person into providing them information.  People have a natural tendency to trust.  Social engineering attacks attempt to exploit this tendency in order to steal your information.  Once the information has been stolen it can be used to commit fraud or identity theft.

Criminals use a variety of social engineering attacks to attempt to steal information, including:

  • Website Spoofing
  • Phishing

The following sections explain the meaning of these common attacks and provide tips you can use to avoid being a victim.

Website Spoofing

Website spoofingis the act of creating a fake website to mislead individuals into sharing sensitive information.  Spoof websites are typically made to look exactly like a legitimate website published by a trusted organization.

Prevention Tips:

  • Pay attention to the web address (URL) of websites.  A website may look legitimate, but the URL may have a variation in spelling or use a different domain.
  • If you are suspicious of a website, close it and contact the company directly.
  • Do not click links on social networking sites, pop-up windows, or non-trusted websites.  Links can take you to a different website than their labels indicate. Typing an address in your browser is a safer alternative.
  • Only give sensitive information to websites using a secure connection.  Verify the web address begins with “https://” (the “s” is for secure) rather than just “http://”.
  • Avoid using websites when your browser displays certificate errors or warnings.

Phishing

Phishing is when an attacker attempts to acquire information by masquerading as a trustworthy entity in an electronic communication.   Phishing messages often direct the recipient to a spoof website. Phishing attacks are typically carried out through email, instant messaging, telephone calls, and text messages (SMS).

Prevention Tips:

  • Delete email and text messages that ask you to confirm or provide sensitive information. Legitimate companies don’t ask for sensitive information through email or text messages.
  • Beware of visiting website addresses sent to you in an unsolicited message.
  • Even if you feel the message is legitimate, type web addresses into your browser or use bookmarks instead of clicking links contained in messages.
  • Try to independently verify any details given in the message directly with the company.
  • Utilize anti-phishing features available in your email client and/or web browser.
  • Utilize an email SPAM filtering solution to help prevent phishing emails from being delivered.
  • Never provide your personal information in response to an unsolicited request.
  • If you are not sure about the caller or e-mail, contact your financial institution directly.
  • Never provide critical information over the phone or in response to an unsolicited internet request.
  • Double check your account statement.
  • If you think you are the victim of a fraud, contact your financial institution immediately so that fraud alerts can be placed on your credit file.
  • Suspicious e-mails or calls can be reported to the Federal Trade Commission.

Report Fraudulent or Suspicious Activity

Contact us immediately if you suspect you have fallen victim to a social engineering attack and have disclosed information concerning your First Personal Bank accounts. 

Call us at (708) 226-2727 or visit your local First Personal Bank branch location.

If you suspect that someone has been using your personal information, you should contact:

  • The Bank immediately at (708) 226-2727.
  • The fraud departments of the three major credit bureaus
  • The creditors of any accounts that have been misused
  • The local police to file a report.
  • It is wise to cancel existing accounts held in your name and re-open new accounts with new passwords.

Regularly monitoring your account activity is a good way to detect fraudulent activity.  If you notice unauthorized transactions under your account, notify First Personal Bank immediately.

Consumer Education Sources:

Below is a list of websites which contain additional information about information security and fraud prevention.

  • OnGuardOnline.gov

This website was created by the federal government to help people be safe, secure, and responsible online. This website is part of the National Initiative for Cybersecurity Education.  Visit Site

  • National Cyber Security Alliance

NCSA's mission is to educate and therefore empower a digital society to use the Internet safely and securely at home, work, and school. This website provides information and educational programs for protecting the technology individuals use, the networks they connect to, and their digital assets.   Visit Site

  • US-CERT - Cyber Security Tips

This website is published by the United States Computer Emergency Readiness Team (US-CERT) and describes and offers advice about common security issues for non-technical computer users.  Visit Site

  • Federal Trade Commission - Privacy & Security

The Federal Trade Commission (FTC) website contains a Privacy & Security section containing a list of facts for consumers, articles, consumer alerts, and more.  Visit Site

  • BBB Data Security - Made Simpler

The Better Business Bureau (BBB) created this website specifically to educate small businesses on the most common data security issues they face. Data security guidelines and suggestions are presented to help improve the security posture of small businesses.  Visit Site

  • Bureau of Consumer Protection - Data Security

The Bureau of Consumer Protection Business Center website contains a data security section with material to help people learn how to secure their information. The website section contains a list of educational documents discussing information security, information about data security related laws, reports, workshops, and more. It also has an interactive tutorial over protecting personal information.     Visit Site

  • Small Business Information Security: The Fundamentals

This guide was published by the National Institute of Standards and Technology (NIST). The guide identifies recommend practices to improve information security in small businesses. Visit Site

  • Sound Business Practices for Companies to Mitigate Corporate Account Takeover

This document was created by the National Automated Clearing House Association (NACHA) to help companies mitigate the risk of corporate account takeover. The document was developed for companies of all sizes and outlines business processes to consider when reviewing and implementing security procedures. Visit Site

Notice of ATM/Night Deposit Facility User Precautions

As with all financial transactions, please exercise discretion when using an automated teller machine (ATM) or night deposit facility.  For your own safety, be careful. The following suggestions may be helpful.  

  1. Prepare for your transactions at home (for instance, by filling out a deposit slip) to minimize your time at the ATM or night deposit facility. 
  2. Mark each transaction in your account record, but not while at the ATM or night deposit facility. Always save your ATM receipts. Don’t leave them at the ATM or night deposit facility because they may contain important account information.
  3. Compare your records with the account statements you receive.
  4. Don’t lend your ATM card to anyone.
  5. Remember, do not leave your card at the ATM. Do not leave any documents at a night deposit facility.
  6. Protect the secrecy of your Personal Identification Number (PIN). Protect your ATM card as though it were cash. Don’t tell anyone your PIN. Don’t give anyone information regarding your ATM card or PIN over the telephone. Never enter your PIN in any ATM that does not look genuine, has been modified, has a suspicious device attached, or is operating in a suspicious manner. Don’t write your PIN where it can be discovered. For example, don’t keep a note of your PIN in your wallet or purse.
  7. Prevent others from seeing you enter your PIN by using your body to shield their view.
  8. If you lose your ATM card or if it is stolen, promptly notify us. You should consult the other disclosures you have received about electronic fund transfers for additional information about what to do if your card is lost or stolen.
  9. When you make a transaction, be aware of your surroundings. Look out for suspicious activity near the ATM or night deposit facility, particularly if it is after sunset. At night, be sure that the facility (including the parking area and walkways) is well lighted. Consider having someone accompany you when you use the facility, especially after sunset. If you observe any problem, go to another ATM or night deposit facility.
  10. Don’t accept assistance from anyone you don’t know when using an ATM or night deposit facility.
  11. If you notice anything suspicious or if any other problem arises after you have begun an ATM transaction, you may want to cancel the transaction, pocket your card and leave. You might consider using another ATM or coming back later.
  12. Don’t display your cash; pocket it as soon as the ATM transaction is completed and count the cash later when you are in the safety of your own car, home, or other secure surrounding.
  13. At a drive-up facility, make sure all the car doors are locked and all of the windows are rolled up, except the driver’s window. Keep the engine running and remain alert to your surroundings.
  14. We want the ATM and night deposit facility to be safe and convenient for you. Therefore, please tell us if you know of any problem with a facility. For instance, let us know if a light is not working or there is any damage to a facility. Please report any suspicious activity or crimes to both the operator of the facility and the local law enforcement officials immediately.

Commercial E-Banking Risk Assessment and Controls Evaluation

The following e-banking risk assessment and controls evaluation is provided to assist commercial Internet banking users in identifying threats and measure the strength of their controls. Start your evaluation here.

The Bank’s Commitment To Confidentiality

The Bank is committed to safeguarding our customers’ financial information. Maintaining our customers’ trust and confidence is a top priority. To learn more about how we protect your information, please ask for a copy of our privacy policy at any of our branch locations or click on the link below.

Privacy Policy

Back To Top