Best Practices For Preventing Fraud


Convenience is paramount in the world of online banking, but this kind of premium accessibility can lead to an increased risk of data breaches. In today’s rapidly-evolving digital landscape, it’s more important than ever to keep confidential information secure across your devices.

Consumers expect business to take routine measures to keep the data they provide safe. Businesses have an ethical and legal obligation to keep their clients’ information safe. You can never take too many precautions, so ensure that you’re taking the proper ones to maintain your personal and company's data security.

Texas Partners Bank advises adopting these best practices for avoiding fraud listed below. We strongly recommend everyone to implement the following procedures to help prevent criminals from accessing their information.

SENDING FUNDS

  • Set up internal procedures to verify changes to payment instructions.
  • Be sure to have all payment instruction changes verified verbally (not electronically) by speaking with a known contact before sending funds. Note the name of the person that verified the payment instruction change. This includes payment instructions or check, ACH, wires, and credit/debit cards.
  • Establish strong internal controls to include voice payment authorization, dual control, secondary review, separation of duties, timely reconciliation, and use of bank fraud protection tools.
  • Never purchase gift cards, or send funds to someone based on a text message, email, or social media message, even if you know the person. Call to confirm and if they are not available, do not honor the request.

MOBILE DEVICE

  • Always keep your mobile device’s software up to date and configure it to require a passcode to gain access.
  • Avoid using your mobile device to store sensitive information. If sensitive data is already stored, enable encryption to secure it. Never jailbreak your device or otherwise circumvent security controls.
  • Before installing any apps, review the privacy policy and data access for each, and always remember to “Sign Out” or “Log Off” when you’re finished, rather than just closing the app.
  • Disable features like Bluetooth, Wi-Fi, and infrared when you’re not using them. This provides security while improving your device’s overall performance.
  • When Bluetooth is enabled, set your devices to “non-discoverable” as an extra precaution.
  • If you plan on selling or trading in your device, don’t forget to delete all information before the device changes ownership. You can permanently erase all content and settings stored on your device by using a “hard factory reset.”

PASSWORDS

  • Use multi-factor authorization (MFA) or out-of-band (OOB) whenever possible on your work and personal accounts (token, phone or text code, challenge question, etc.).
  • A layered security approach is the key to information security protection.
  • Preserve the security of your personal data with a strong password. Create a unique iteration for each of the different systems and websites you use.
  • Never share your passwords over the phone, in texts, by email, or in person. If you are asked for your password, it’s probably a scam.
  • Choose a password you can remember without writing it down. If you have to write it down, store it in a secure location.
  • Be sure your password is as unpredictable as possible by using a combination of lowercase letters, capital letters, numbers, and special characters. Try to utilize at least eight characters.
  • Refrain from using obvious passwords such as: Names (e.g., your name, family members’ names, business name, username, etc.), dates (e.g., birthdays, anniversaries, etc.), and dictionary words.

COMPUTERS

  • Update your computer’s operating system and other installed software (e.g., web browsers, Adobe Flash Player, Adobe Reader, Java, Microsoft Office, etc.) to ensure you’re equipped with the latest security patches.
  • Schedule regular scans of your computer and maintain active and up-to-date antivirus protection provided by a reputable vendor.
  • Make sure your computer requires a password to gain access, and consistently log off or lock it when not in use.
  • If you suspect your computer is infected with malware, discontinue using it for banking, shopping, or other activities involving sensitive information.
  • Install security software and/or consult professional help to find and remove the damaging malware.
  • Use firewalls on your local network to add another layer of protection for all the devices that connect through the firewall (e.g., PCs, smartphones, and tablets).
  • As a final line of defense, use a cable lock to physically secure your laptop when it’s stored in an untrusted location.

EMAIL & INTERNET BROWSERS

  • Resist the urge to click suspicious links. Questionable links in emails, tweets, social posts, and online advertising can take you to different websites than their labels indicate.
  • Type any address you find into your browser instead of clicking a link in an email.
  • Submit sensitive information only to websites that use encryption. Be cautious of unsolicited phone calls, emails, or texts directing you to a website or requesting personal information.
  • Verify that the web address begins with “https://” (the “s” stands for “secure”) rather than just “http://”. Some browsers also display a closed padlock icon in the search bar to designate a secure connection.
  • If a site contains certificate warnings or errors, do not trust it. These error messages could mean your connection is being intercepted or that the web server is misrepresenting its identity.
  • Avoid using public computers or public wireless access points for online banking and other activities involving sensitive information.
  • Always “Sign Out” or “Log Off” of password-protected websites when you’re finished browsing to prevent unauthorized access.

If you suspect someone is attempting to gain access — or has already gained access — to your online banking information, stop using any computers that may be affected immediately and contact us to request help in preventing further loss and in possibly recovering funds that were fraudulently transferred.

In addition to the steps listed above, we also offer a variety of services that can help you protect your accounts from check and ACH fraud. For more information about these products and services, please contact your personal banker or a Treasury Management professional.

JENNIFER DUNEM
Vice President, Treasury Management Sales Manager 

How are you protecting your business from fraud?

Get an assessment of your business's fraud protection at no cost from one of our Treasury Management advisors.