Security & Fraud
We recognize, respect and protect the personal privacy rights of all our customers. Our customers entrust us with personal information and it is our responsibility to maintain that information in a confidential manner. We are committed to providing the highest level of security and privacy regarding the collection and use of our customers’ personal information including visits to our website. Cybersecurity is everyone’s responsibility, so we provide the following information to enable you to practice good, safe cyber hygiene.
Access to our products and services begins with logon credentials, consisting of a User ID and a password. We build the security of our applications with industry-leading technology to protect the security of your data and online session, but your password is the most important component to secure access to your account. The success of password attacks by bad actors can be minimized by using a complex password.
The following table demonstrates the importance of selecting a longer, more complex password to keep your account safe:
|Password Length||Amount of Time to Discover a Password (approximate)|
Here are recommendations in selecting a password:
- Password length should be at least 10 characters. Industry recommendation today is at least 15 characters.
- If you use a 15-character password, industry guidance suggests to change the password annually or sooner if you detect the password has been compromised. Shorter passwords should be changed more frequently.
- Include letters, numbers, and special characters.
- Avoid common information found on your social media accounts (child’s name, geographic features near your location, geographical sports teams)
- Never reuse a financial website password for other sites
- Use a password phrase to memorize a complex password easier.
- My grandfather took me fishing at Lake Michigan in 1993 and had Chicago-style pizza = Mgtmf@LMi93&hCp
We care about you and your data and want to keep it secure. Let’s keep it that way! Here are a few additional tips to safeguard your data:
Unsolicited requests for information
- Do not disclose personal or account information when responding to requests online or over the phone. BND will not contact you by phone, send you a text message or email, or send a letter asking you to validate or provide logon information or other confidential information, such as your social security number, date of birth, or account information. Contact us if you receive a similar request at (800) 472-2166 or firstname.lastname@example.org.
- Ensure anti-virus software is installed on your computer and keep it updated frequently.
- Update Operating System software on computer and mobile devices.
- Update browsers to the latest version.
- Verify the website is secure if entering sensitive information by ensuring it begins with “https”. This indicates the information entered on the website will be encrypted. The website will also display a padlock icon next to the web address as an indication the website has enhanced security controls to protect your entries.
Don’t go Phishing
- Phishing is an email designed to make you think it is coming from a reputable person or organization to try to make you click on a link to download malicious software or enter your logon credentials on a fake site.
- Always verify the sender. If you need to call, use a number published on the company’s website.
- Hover over any links without clicking on them in the email to determine what website you would be directed to.
- For attachments, pay attention to the file type and name of the file.
- Businesses like airports, restaurants, and hotels sometimes provide wireless access for guest convenience in accessing the internet. However, that convenience comes with reduced security controls on open, sometimes free, wireless networks. If you need to enter User IDs, Passwords, view or enter financial information, it is better to wait until you are on a trusted, secured network.
- Another alternative that provides better security controls than guest wireless networks is to switch to your cellular network if you need to transmit sensitive information. If you have VPN software installed on your computer or mobile device, that will provide encrypted transmission of information to safeguard your data.
Detect Identity Fraud
If you notice any suspicious or unusual activity regarding your Bank account, please contact us at (800) 472-2166.
To detect identity fraud:
- Monitor credit reports for suspicious activity,
- Check financial statements monthly and verify charges,
- Identify if credit cards or other accounts were opened under your name without your approval, and
- Look for errors on your tax return.
Credible Security Sources
In addition to our partners at Knowbe4 (monthly articles posted below), a few great websites to stay up-to-date with the latest security trends and threats have been provided for you, below:
- National Cybersecurity Alliance
- National Institute of Standards and Technology
- Think. Connect.
Knowbe4 Monthly Article Spotlight
Knowbe4 is an excellent resource to visit for various cybersecurity-related information, training, and attack vectors used by criminals. Here is this month’s focus: