Learn How to Protect Your Information
Security and protecting your information is our top priority. We encourage you to take an active role in safeguarding your information as well.
Learn where to begin by reading our quick tips below on how to spot phishing, spyware, and malware attacks.
We’ve included additional security topics with simple steps and suggestions that may help you prevent issues and detect if you’re being targeted.
If something looks suspicious, it probably is.
If something looks suspicious, it probably is.
- Contact the company by using contact information you already have that does not appear on the suspicious email or website.
- Website and email addresses can easily be manipulated to look like an authentic website or email.
- If you were not expecting an email from someone and it has links and/or attachments, don’t click on anything.
- Make sure your computer is updated regularly when security updates are available.
Install a firewall.
- A firewall limits the potential for unauthorized access to your network and computers.
- You should not see a maintenance page after entering login credentials. Legitimate maintenance pages are displayed when first reaching a website and before entering login credentials.
Be on the lookout.
- These may indicate an issue. If a pop-up window displays a login message or error this is a sign of a potential threat. Error messages related to logins are typically displayed directly on the login screen. Also, you should not receive pop-up messages that indicate you cannot use your current browser.
Watch for errors.
- Error messages should not include an amount of time to wait before trying to login again.
Keep your guard up.
- Repeatedly being asked to enter your user ID, password, or security questions are signs of potentially harmful activity.
Take the following steps immediately if you think your security or personal information has been compromised.
- Call your bank and credit card issuers immediately so that the necessary steps can be taken to protect your accounts.
- File a police report and call the fraud unit of the three credit-reporting companies.
- Consider placing a victim statement in your credit report and a fraud alert on your account.
- Keep a log of all the contacts you make with authorities regarding the matter. Write down names, titles, and phone numbers in case you need to re-contact them or refer to them in future correspondence.
- Contact the FTC’s ID Theft Consumer Response Center at 1-877-ID THEFT (1-877-438-4338) or gov/idtheft.
- Create complicated passwords.
Avoid using birthdays, social security numbers, pet names, other personal information, and simple passwords like ‘12345’. Use capital letters, numbers, and symbols to make your password strong. For example, take the word ‘complicated’. Rather than using that word exactly how it appears, incorporate our tips to create ‘[email protected]’.
- Change your passwords.
It is recommended that you change your passwords regularly. Set a reminder to notify you to create new passwords at least three times a year.
- Keep your confidential information confidential.
Friendly theft—theft by someone the victim knows—is the most common type of identity theft or fraud. Do not share your passwords with family members, friends, or colleagues. Be mindful of who has access to your personal information. Additionally, you should avoid using automatic sign-in features that remember your login credentials. That way, no one can access your information if your device is stolen or lost.
- Review your accounts.
Check your account activity and online statements often instead of waiting for the monthly statement. You’re the best person to detect fraudulent transactions because you’ll be able to recognize a charge you didn’t make. If you notice unusual or unauthorized activity, notify your bank right away. When a customer reports an unauthorized transaction in a timely manner, the bank will cover the loss and take measures to protect the account. Take advantage of account alert features that notify you of changes and/or transactions.
- Stay alert online.
Be sure your computers and mobile devices are equipped with up-to-date security, anti-virus, and malware protection. Never give out your personal financial information in response to an unsolicited email no matter how official it may seem. We will never ask for your passwords, PIN, or account information via email. Only open links and attachments from trusted sources. When submitting financial information on a website, look for the padlock or key icon at the top or bottom of your browser. Before submitting information make sure the Internet address begins with “https.” This signals that your information is secure during transmission. If making changes or transactions online, close unnecessary browser windows. Also, do not use public or other unsecured computers and devices to access your personal information. Never leave a computer or device unattended while accessing your data. Check your web browser security and privacy settings to select and confirm the appropriate level of safety. Clear your cached web history before logging in to your accounts.
- Mobilize your defenses.
Use the passcode lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen. Before you donate, sell, or trade your mobile device; be sure to clear or wipe the data from the device by using specialized software or using the manufacturer’s recommended technique. Purchase software and/or apps that allow you to wipe your device remotely if it is lost or stolen. Use caution when downloading data. Never download data from a source you do not recognize as secure.
- Create online alerts.
Set-up custom alerts that notify you when your account is accessed from a new device or if your account information is changed or updated.
Customizing your alerts specifically to your preferences can be accomplished quickly. Start by logging in to your online banking account and selecting ‘Customer Service’ from the dashboard menu. Under this menu, you can manage a variety of options and review your account information. To change your alert notifications, select ‘Manage Alerts’ under ‘Contact Options’.
Following is a list of the types of alerts that you can set.
|Change password||Manage Contact Information|
|Change User ID||Manage Mobile Banking Settings|
|Change Address||Change Statement Delivery Method|
|Customize Accounts||Change ATM/Debit Card Overdraft|
|Stop a Check||View Stopped Checks|
|View Messages||Contact Us|
|Service Agreement||Privacy Statement|
Currently, your default alert settings are set to notify you when the following actions take place:
User ID Change
External Account Added
New Payee Added
Phone Number Change
- Download and use our Mobile Banking App to review transactions.
- Use Bill Pay instead of checks to limit account number dissemination exposure and to obtain better electronic record keeping.
- Register your computer or mobile device to avoid having to re-enter challenge questions and other authentication information with each login.
Most security breaches result from malware introduced into a computer or network, or by using personal, confidential information (e.g., passwords, tax identification numbers, bank account information) gleaned using social engineering techniques. Since fraud perpetrators frequently use email for these purposes, email best practices represent a critical first line of defense. Following are best practices all email users should follow:
- Do not assume an email is legitimate based on the sender information. This information is easily copied and embedded in documents.
- Be careful of email addresses received from public email addresses (e.g., gmail.com, yahoo.com). Most large organizations do not use public email addresses.
- Corporate logos can also be easily copied and embedded in documents. Do not assume an email is legitimate just because you recognize a logo.
- If you question the validity of an email, contact the sender through another channel, such as a phone number, that is from another source. Never verify a sender with other contact information contained within the same email.
- Offers that appear in the subject line or body of the email that appear to be too good to be true are likely fraudulent.
- Offers that are time sensitive, asking for you to respond immediately or suggest penalties for not doing so, are likely fraudulent.
- Consider twice before clicking on embedded links in emails. These are sometimes used to download malware onto your computer. See “Understanding internet addresses” below for details on identifying potentially dangerous links.
- Attachments are another way that malware can be downloaded onto your computer. Do not open attachments in emails that you are not expecting.
- Spelling and grammatical errors are usually another indication that an email may not be legitimate.
- Never respond to an email requesting confidential information, or through a phone number provided within the email. Reputable companies will never ask for this type of information through email.
- Forms embedded in an email are never secure. Do not fill out a form embedded in an email.
Internet addresses, or URLs, identify the website where you will be taken when you click on it. Before clicking on any link embedded in an email it’s a best practice to hover or long press over the link to view the address behind the link. You should not click on the link if the address cannot be viewed. Also be careful to make sure the address is correct even if you think you recognize it. Perpetrators often create a slight misspelling in the URL that misleads you to believe it is legitimate.
Here’s how Internet addresses are formatted:
- The part of the URL between the “https://” and the next “/” is known as the domain.
This controls where the link takes you.
- A domain can consist of multiple sections:
The area immediately proceeding the first “/” (fakelogin.net), represents the actual domain name. The area appearing before this section (rbankchicago.), is referred to as the sub-domain. If you click on the link you would be taken to fakelogin.net, not rbankchicago. Therefore you must make sure the URL is accurate and that it is located properly in the URL.
- Sometimes recognizable information will appear to the right of the first “/”, however, as always, the domain is indicated by the information preceding the first “/”.
If you are ever in doubt about the validity of a URL, enter the domain name associated with the site you wish to validate into an Internet search engine, such as Google or Yahoo. When you view the search results, the first result should precisely match the domain name you entered. If this is not the case, you should not click on the link. Also consider the following:
- If the domain consists of a series of numbers, then it is not easily identifiable. Avoid these domains.
- If you doubt the legitimacy of a domain name, contact the sender through another channel, not listed within the email.
- Utilize information system professionals to help you safeguard your computer and network.
It's about more than debits and credits.
At Republic Bank, it’s important to us to provide you with the resources you need to have a bright financial future.
Explore our posts and learn more about credit score myths, savings strategies, the benefits of smaller local banks, and more.
At Republic Bank, our bankers work hard to learn your story and become your advocate.
Get connected with us, and put Chicago’s hardworking bank to work for you today.