Ensuring the security and confidentiality of your account and personal information is essential to us. Below are some of the safeguards we have in place to protect against security breaches in the online environment:
- Username and Password – Our online banking requires a User ID and password to enter. Remember, the username and password are a key part of the security of your accounts. Do not share your password with anyone else. Credit union employees will never ask for your password. In addition, make sure your password is something you can remember, but no one else may guess. Make it random by including numbers and letters as well as changing the case of letters. It is recommended that you do not save your username or password anywhere on your PC.
- Encryption – ATCU's online banking site requires the use of 128 bit encryption which is supported by the current version of the most popular browsers. You will not be able to connect to the site without it.
- Timeout – Our system is designed to log you out automatically after 10 minutes of inactivity.
Identity Theft, Phishing, Pharming, Email Scams
- Phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from legitimate businesses.
- "Spoofed" emails are sent to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, User ID's, passwords and social security numbers. Phishers often convince recipients to respond.
- Pharming schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware.
- ATCU will NOT ask for private information via email.
Social Network Attacks
- Subscribing to social networks such as Facebook via mobile phone also means that users transmit their mobile numbers to the web and thus become a target for hackers who are searching for the personal information of Internet users.
Things You Should Do To Protect Yourself Online
Use Strong Passwords and Change Them Regularly
- A simple password, such as your dog's name, your birth date, other easily guessed letters or numbers, is not sufficient protection. To protect yourself against security threats, choose a strong password.
- Never disclose your password to anyone
- Memorize your User ID and password; do not write them down
- Change your password every 30-60 days
- Do not be fooled by fraud. WE WILL NEVER SEND YOU AN EMAIL OR TEXT MESSAGE ASKING FOR YOUR USER ID OR PASSWORD.
HTTPS Is Your Friend
- When you're browsing the Web, protect yourself by using HTTPS (Hypertext Transfer Protocol Secure) whenever possible.
- Our online banking system provides you with the date and time of your last session ("last login"). This allows you to check the most recent online session and could tell you whether someone else has been accessing your information.
- When you have completed using our online site, log out (look for the "Log Out" link we provide). We suggest you do this before you shut your computer off and before you surf to any other websites.
- Do not use email to send us sensitive information (such as social security numbers, account numbers, financial information, etc).
- Email is not a secure method of transmitting personal information using services such as Gmail, Hotmail, MSN, Yahoo, or Outlook. Using our online banking email is a secure way to transmit information to us.
- If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.
- Delete unwanted email.
Phishing, Spoofs, Hoaxes and Other Deceptive Emails
- Be careful when responding to email messages that appear to be from us. Thieves or hackers send email messages which direct you to click on a link which redirects you to a fraudulent website, or pop-up window where you may be asked to "confirm", "verify", "update", or otherwise provide sensitive information (such as your account number, password, PIN, or social security number). Do not respond to these requests.
- Sometimes these email messages will falsely say that your account will be shut down if you do not act quickly. Do not be intimidated by these threats. These links, websites and pop-up windows may look like ours, but they are not.
- Clicking a link in one of these emails can expose your computer to viruses and spyware, even if you do not supply the sensitive information thieves want.
- We will never send you an email that asks you to verify an account number, password, PIN, or social security number. If you receive such a request, it is probably fraudulent.
- If you have any doubts about whether an email from us is authentic, do not reply to it; do not open any attachment; do not use the link in the email. Instead, contact us through our website or telephone number obtained through your own records.
Links to Other Websites
- If you click a link to another website, that website may collect, use, and disclose information about you in ways that are different from what we do. You should review that website's policies. We are not responsible for what the operators of other websites do with your information.
- We will give you a pop-up notice to let you know you are going to an unaffiliated third party's website.
Avoid Public Computers and Wi-Fi
- As convenient as free Wi-Fi and publicly available computers may be at, say, a public library or café, using them can leave you and your personal information exposed. Public computers might be infected with spyware and other types of malware designed to track your movements online and harvest your passwords.
Protect Your Data/Device
Install, Maintain and Apply Anti-Virus Programs
- If you're running antivirus software from two or three years ago, you should upgrade to the most recent version, even if you still receive up-to-date malware signature files for the older edition. The underlying technology for antivirus software has improved significantly in recent years.
- Anti-virus software scans incoming communications for troublesome files.
- Purchase anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
Keep Your Software Up-to-Date
- One of the simplest but most important security precautions you should take is to keep your PC's software up-to-date. This includes updating Windows, Adobe products, Microsoft Office, Java, Microsoft's Internet Explorer, and Apple software.
- Cybercriminals commonly exploit known vulnerabilities, Java and Adobe Reader are constant targets of such assaults.
- Your handset may contain lots of personal information--e-mail addresses, photos, phone contacts, Facebook and Twitter apps, and the like.
- That accumulation of valuable data makes smartphones a tempting target for thieves and cybercriminals, which is why the smartphone is shaping up as the next big security battleground.
- Keep your operating system and applications updated with the latest security patches.
- Only download applications from trusted sources.
- Do not root or jailbreak your mobile device or phone.
- Lock all mobile devices with a strong password and enforce a timeout to lock the device. Change your password every 30-60 days; use strong passwords; and never share your password with anyone.
Install a Personal Firewall
- A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources.
- It is important to run a firewall if you have a broadband connection.
- Operating systems (like Windows, Apple, or Linux) or browsers (Internet Explorer, FireFox, or Chrome) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
Other Ways to Protect Your Computer
- Install a personal firewall.
- Scan your computer for spyware on a regular basis.
- Do not download programs or files from unknown sources.
- Install a pop-up blocker from a trustworthy source.
- Disconnect from the Internet when you are not online.
- Only connect trusted hardware to your computer or access device. For example, only plug in USB devices you trust and from sources you trust.
Additional Things You Should Do To Protect Yourself
Your Account Number
- Do not share your account number with anyone.
- Do not give your account number to someone over the phone, especially if you did NOT call them.
- Be aware of people who try to trick you by saying you must reveal your account number in order to award you a prize.
- Store new checks, account statements, and other sensitive information in a safe place.
Do Not Share Your Cards
- Do not share your ATM, Debit or Credit cards with anyone.
Review Your Accounts
- Review your online account information frequently and your statements promptly.
- Let us know right away if you see something you do not recognize.
- Balance your checkbook at least monthly.
- If your statement is late by more than a couple of days, call us to confirm your address and account balances.
Review Your Credit Reports
- Obtain and review a copy of your credit report periodically. This is one way to find out about identity theft.
- You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.
- Check your mailbox every day.
- Consider dropping your outgoing mail in a US Postal Service mailbox (instead of your home mailbox).
- Use Online Bill Pay and sign up for Paperless Statements
- Do not give sensitive information to unknown callers.
- Hang up and call the company using a phone number that you located in the phone book or your own records.
- We will never make an unsolicited telephone call requesting sensitive information from you.
- Shred materials containing sensitive information before you throw them away.
- Do not carry your social security card, birth certificate or passport in your wallet or purse.
Social Security Number
- Do not print or write your social security number on your checks.
- Limit your information that is made available to the public.
Computer Viruses or Worms
- A computer virus passes from computer to computer like a biological virus passes from person to person.
- A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents.
- Most viruses are a nuisance, but some are quite dangerous.
- A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly.
- A worm usually exploits some sort of security hole in a piece of software or the operating system.
- Your best protection from acquiring a computer virus or a computer work is to use a personal firewall, updated anti-virus software, and monitor emails and web surfing activity of people using your computer.
If You Are a Victim of Identity Theft, Follow These Steps
1. Contact the fraud departments of each of the three major credit bureaus and report that your identity has been stolen. Ask that a "fraud alert" be placed on your file and that no new credit be granted without your approval.
2. For any accounts that have been fraudulently accessed or opened, contact the security departments of the appropriate creditors.
3. File a report with your local police or the police where the identity theft took place. Get a copy of the report in case ATCU or Visa® needs proof of the crime at a later date.
Children's Online Information Privacy
We recognize that protecting children's identities and privacy online is important. We do not solicit or collect individually identifiable information on visits to the children's page on our website without parental consent and do not knowingly solicit or collect individually identifiable information from children on any other area of our site.