Banking Security with the State Bank of
Online Security is a top priority with the State Bank of Richmond. We are committed to providing safe and secure access to your accounts through Online Banking and have taken all the precautions necessary to ensure the highest level of protection. You can be sure that access to your account(s) and your account information is private, secure and confidential.
User ID and Password –You will choose your specific Access ID and Initial Password when you enroll for Online Banking. Your password should never be written down or shared with anyone. Passwords are required to be changed every 90 days and need to consist of both alpha and numeric characters. If you forget your Access ID or Password, you can click on the “Forgot Your Password” link and follow the security steps to send a temporary password to the email listed in your Profile, or you can contact us at 320-597-2145 and we will reset your password after we verify your identity. We suggest to always logout or close your browser after completing your online transactions.
Advanced Authentication for Online Banking Security
–We provide multifactor authentication for our Online Banking Customers. The first part involves user authentication – how we identify you when you log into Online Banking. For computers that you use regularly to access Online Banking, you will have the opportunity to “register” that computer with us. Logging in using a known computer gives us another way of identifying you. You will be asked to set up a series of Challenge questions, which will be used to help identify you when you are logging into Online Banking from an unknown computer.
The second part involves institution authentication – how you verify that you are entering our legitimate State Bank of Richmond web site. You will have the ability to create your own unique welcome phrase and image, which will appear each time you log in. This will be another way you can tell you are entering our legitimate bank website.
Encrypted Software –Once your Online connection is established your Access ID and Password are encrypted using Secure Socket Layer (SSL) technology. Secure Socket Layer encryption protects information sent over the Internet by scrambling the information into a secret code, keeping your information secure and ensuring that no one else can read it. You can determine that encryption is being used and that you are connected to a secure server by looking for two things:
- A small key or padlock in the status bar on the bottom of your
browser indicates that your session is secure and encrypted. A
locked padlock, or a key, indicates a secure connection and an
unlocked padlock, or a broken key, indicates an unsecure connection.
- Another way to verify that your session is secure is to look
for https:// in the URL rather than the normal http://. The “s”
following http indicates that the session is secure.
protecting your privacy and will follow our procedures to ensure
the safety of your account information. Click here to view our Privacy
Protect Your PC - To prevent computer problems
and keep your information safe, it is extremely important to take
preventative measures by using anti-virus software and following
- Install and use virus management software on your computer.
Be sure to use it each time you download files.
- Keep your virus protection software up-to-date (product upgrades,
signature files, etc.). Stay current with the latest anti-virus
releases and patch levels for the software you use.
- Only use virus management software from reputable vendors.
- Use caution when downloading and running programs with executable
(.exe) files or those which may contain data that cannot be scanned
or filtered by anti-virus software.
- Be certain that you know the origin of e-mails that contain
attachments. Do not open an attachment from an unknown source.
E-mail sent from the State Bank of Richmond – Other than for E-Statement Delivery, we will NEVER send e-mails requesting personal information. We will NEVER ask you to “verify” information. We will NEVER ask you to click on a special site link to do so. While e-mails of this nature may look like they are from us, and even use our logo, they are most likely a “phishing” scam (see “Phishing” description below). DO NOT ANSWER THEM. If you receive an e-mail supposedly from us, please call us to confirm it first.
Identity Theft is when someone steals your personal information to use for illegal purposes – it is a crime that can damage your credit, your reputation, and your peace of mind. You can reduce the possibility of becoming a victim by keeping your personal information secure.
How to Protect Yourself
- If bank accounts were set up without your consent, close them.
- For information about how to put a “fraud alert”
on your files at the credit reporting bureaus and other advice
for ID theft victims, contact the Federal Trade Commission’s
ID Theft Clearinghouse, http://www.ftc.gov/bcp/edu/microsites/idtheft/
or toll-free, 877-438-4338. The TTD number is 202-326-2502. Ask for a free copy of Take Charge: Fighting Back Against Identity Theft, a guide that will help you guard against and recover from your theft – and guard against it in the future.
- Contact your local police department to file a criminal report.
- Contact the Social Security Administration’s Fraud Hotline
to report unauthorized use of your personal identification information.
Their number is 1-800-269-0271 or report online at http://oig.ssa.gov/report-fraud-waste-or-abuse.
- Notify the Department of Motor Vehicles of your identity theft.
- Check to see whether an unauthorized driver’s license
number has been issued in your name.
- Notify the passport office to be on the lookout for anyone
ordering a passport in your name.
- File a complaint with the Internet Crime Complaint Center (IC3)
by visiting their Web site: www.ic3.gov.
IC3 is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), with a mission to address fraud committed over the Internet. For victims of Internet fraud, the Center provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.
- Document the names and phone numbers of everyone you speak
to regarding the incident. Follow-up your phone calls with letters.
Keep copies of all correspondence.
Identity Theft Resources
– Minnesota Attorney General’s Office publication Guarding
- The Federal Trade Commission’s Identity Theft Site
- Department of Justice Web site
– Internet Crime Complaint Center
Phishing involves the use of seemingly legitimate e-mail messages and Internet Web sites to deceive you into disclosing sensitive information, such as account information, Social Security numbers, credit card numbers, passwords, and personal identification numbers (PIN’s). In most phishing schemes, the fraudulent e-mail message will request that you “update” or “validate” your personal information in order to maintain their accounts, and direct you to a fraudulent Web site that may look very similar to the Web site of the legitimate business. These Web sites may include copied or “spoofed” pages from legitimate Web sites to further trick the recipient into thinking they are responding to a bona fide request.
Act immediately if you’ve been hooked by a phisher.If you provided account numbers, PIN’s, or passwords to a phisher, notify the companies with whom you have the accounts right away. For information about how to put a “fraud alert” on your files at the credit reporting bureaus and other advice for ID theft victims, contact the Federal Trade Commission’s ID Theft Clearinghouse, http://www.ftc.gov/bcp/edu/microsites/idtheft/ or toll-free, 877-438-4338. The TTD number is 202-326-2502.
Even if you didn’t get hooked, report Phishing:
We suggest reporting phishing e-mails or spoofed Web sites to any
of the following groups:
- Forward the e-mail to the Federal trade Commission at firstname.lastname@example.org.
Always include the entire original e-mail with its original information
- Notify the Internet Crime Complaint Center of the FBI by filing
a complaint on their Web site: www.ic3.gov.
– Pharming is the process of redirecting Internet domain requests to false Web sites to collect personal information. Information collected from these sites may be used to commit fraud and identity theft. Online Banking customers should install current versions of virus detection software, firewalls and spyware scanning tools to reduce computer infections, and regularly update these tools to combat new threats.
- Spyware is a form of software that electronically collects – or can intercept - personal and confidential information about a person without their knowledge or informed consent, and reports it to a third party. The data collected may include account numbers, Social Security numbers, passwords, or other sensitive and personal information that puts privacy at risk.
It may be installed on your computer by being downloaded with other Internet downloads in a practice called “bundling”. In many cases, all the licensing agreements on software you download may be included in one pop-up window that, unless read carefully, may leave the user unaware of “bundled” spyware. It can also be automatically downloaded when a user opens or views unsolicited e-mail messages.
Spyware may cause further damage to your computer by installing other spyware programs onto your computer. It may relax your computer’s security settings or firewall, resulting in the hacker eavesdropping and possibly intercepting sensitive communications you type in. It may monitor keystrokes or view e-mail messages, all of which may lead to a compromise of your system. Attackers have the ability to control computers to send unsolicited “junk” e-mail (SPAM) or malicious software (Malware), or to perform denial of service (DoS) attacks against other organizations. Spyware can drain your system’s resources and productivity, even when you are not browsing the Internet, resulting in large amounts of unwanted pop-up advertisements.
Spyware Detection and Prevention
- Installing and periodically updating anti-spyware, virus protection
and firewall software.
- Adjusting browser settings to prompt the user whenever a Web
site tries to install a new program.
- Carefully reading all End User Licensing Agreements and avoiding
downloading software when licensing agreements are difficult to
- Maintaining software patches to operating systems and browsers.
- Do not open e-mail from untrustworthy sources.
to Practice Safe Computing
Here is a list of recommendations to follow in order to avoid
becoming a victim of scams:
- Be suspicious of any e-mails with urgent requests for personal financial information. Phishers have been known to include upsetting or enticing (but false) statements in their e-mails to get people to react immediately. Be suspicious of any e-mail that asks for personal financial information, user names, passwords, credit card numbers, Social Security numbers, etc.
- Be careful of e-mails that are not personalized and/or may contain spelling errors and/or awkward syntax and phrasing. Many phishing e-mails are sent in great bulk and, therefore, are not personalized. Many also are being sent from other countries from individuals for whom English is a foreign language, thus resulting in misspelled words and awkward syntax and phrasing.
- Do not use links in an e-mail to get to any Web page. Instead, call the bank on the telephone to confirm the address, or log onto the Web site directly by typing in the Web address in your browser.
- Only communicate information, such as credit card numbers or account information, via a secure Web site or the telephone. When submitting financial information to a Web site, look for the padlock or key icon at the bottom of your browser, and make sure the Internet address begins with “https”. A secure Web server designation can be found by checking the beginning of the Web address in your browser’s address bar – the address should be begin https://... Rather than just http:// .
- Memorize your passwords and PIN numbers. Don’t leave them in your wallet or on your desk where someone else could find them.
- Regularly monitor your online accounts and check your bank, credit and debit card statements to ensure that all transactions are legitimate. One of the real advantages of banking online is being able to regularly review your account for unauthorized or unusual activity. If anything is suspicious, contact us immediately at 320-597-2145.
- Ensure that your browser is up to date and security patches applied. Always visit your browser’s home page to download the latest security updates even if they don’t alert you to do so.
Order a free copy of your credit report every year from the three
credit reporting agencies and make sure all the information is correct,
especially your name, address, and Social Security number. Look
for indications of fraud, such as unauthorized applications, unfamiliar
credit accounts, credit inquiries and defaults and delinquencies
that you did not cause.
You can call one number (1-877-322-8228), and request the report
from all three credit bureaus at one time or you can call each one
separately as listed below. You can also request your free report
by visiting the Web site www.annualcreditreport.com.
Equifax – www.equifax.com
- To order your report, call: 800-685-1111 or write: P.O. Box 740241 , Atlanta , GA 30374-0241
- To report fraud, call: 800-525-6285 and write: P.O. Box 740241 , Atlanta , GA 30374-0241
- Hearing impaired call 1-800-255-0056 and ask the operator to call the Auto Disclosure Line at 1-800-685-1111 to request a copy of your report.
Experian – www.experian.com
- To order your report, call: 888-EXPERIAN (397-3742) or write: P.O. Box 2002 , Allen , TX 75013
- To report fraud, call: 888-EXPERIAN (397-3742) and write: P.O. Box 9530 , Allen , TX 75013 . TDD: 1-800-972-0322
Trans Union –
- To order your report, call: 800-888-4213 or write: P.O. Box 1000 , Chester , PA 19022
- To report fraud, call: 800-680-7289 and write: Fraud Victim Assistance Division, P.O. Box 6790, Fullerton , CA 92634 TDD: 1-877-553-7803.