FDIC-Insured - Backed by the full faith and credit of the U.S. Government

Videos

Click-Thrus

Cybersecurity Tips

Conducting Your Transactions Online

Federal financial regulators are reporting that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers. In order to help ensure the security of your online transactions, we want you to know that:

  • We will never email, call or otherwise ask you for your user name, password or other electronic banking credentials
  • You can help protect yourself by implementing alternative risk control processes like:
    • Making sure you choose an adequate user name and password that, at a minimum, mixes in small case letters, upper case letters and numbers
    • Periodically changing your password (e.g., at least every 90 days)
    • Safeguarding your user name and password information
    • Making sure you have a firewall in place when conducting your financial transactions
    • Logging off the system when you're done conducting business (don't just close the page or "X" out of the system)
    • Monitoring your account activity on a regular basis

In addition, we may require owners of commercial accounts to perform their own risk assessments and controls evaluations. For example:

  • Make a list of the risks related to online transactions that your business faces including
    • Passwords being written down and left out in the open
    • The use of old or inadequate passwords
    • The possibility of internal fraud or theft
    • Delays in terminating the rights of former employees
    • The lack of dual control or other checks and balances over individual access to online transaction capabilities
  • An evaluation of controls your business uses may include
    • Using password protected software to house passwords in
    • Conducting employee background checks
    • Initiating a policy and process to terminate access for former employees
    • Segregating duties among two or more people so no one person has too much access or control
    • Conducting internal or third party audits of controls
    • Using firewalls to protect from outside intrusion or hackers

Federal regulations provide consumers with some protections for electronic fund transfers. These regulations generally apply to accounts with Internet access. For example, these federal laws establish limits on a consumer's liability for unauthorized electronic fund transfers. They also provide specific steps you need to take to help resolve an error with your account. Note, however, that in order to take advantage of these protections, you must act in a timely manner. Make sure you notify us immediately if you believe your access information has been stolen or compromised. Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of protections. These disclosures are also available online (or ask us and we will gladly provide you with a copy).

If you become aware of suspicious account activity, you should immediately contact the authorities and contact us at 1-715-822-2249.

Fraud

Understand the difference between fraud and identity theft; recognize common tactics used to obtain your information, and learn the steps you can take to help protect your account and personal information.

Online fraud occurs when someone poses as a legitimate company to obtain sensitive personal data and illegally conducts transactions on your existing accounts. Often called “phishing” or “spoofing,” the most current methods of online fraud are fake emails, Web sites and pop-up windows, or any combination of these.

Always keep in mind that Cumberland Federal Bank will never send email containing attachments or require customers to send personal information to us via email or pop-up windows. Any unsolicited request for Cumberland Federal Bank account information you receive through emails, Web sites, or pop-up windows should be considered fraudulent and be reported immediately.

Fake Emails Will Often:

Appear To Be From A Legitimate Source

While some emails are easy to identify as fraudulent, others may appear to be from a legitimate address and trusted online source. However, you should not rely on the name or address in the “From” field, as this is easily altered.

Ask You For Personal Information

Fake emails often contain an overly generic greeting and may claim that your information has expired, been corrupted or been lost, and that you must immediately resend it.

Link To Counterfeit Web Sites

Fake emails may direct you to counterfeit Web sites carefully designed to look real, but which actually collect personal information for illegal use.

Link To Real Web Sites

In addition to links to counterfeit Web sites, some fake emails also include links to legitimate Web sites. The fraudsters do this in an attempt to make a fake email appear real.

Contain Fraudulent Phone Numbers

Fake emails often contain telephone numbers that are tied to the fraudsters. Never call a number featured on an email you suspect is fraudulent, and be sure to double-check any numbers you do call.

 

Contain Real Phone Numbers

Some of the telephone numbers listed in fake emails may be legitimate, connecting to actual companies. Just like with links, fraudsters include the real phone numbers in an effort to make the email appear to be legitimate.

Trojan Horses

These fake emails may also contain a virus known as a “Trojan Horse” that can record your keystrokes. The virus may live in an attachment or be accessed via a link in the email.

Again, Cumberland Federal Bank customers should keep in mind that we do not request personal information via email or send email attachments. Never respond to emails, open attachments, or click on links from suspicious or unknown senders.

If you’re not sure if a Cumberland Federal bank email is legitimate, report it to us without replying to the email.

How Can I Help Protect Myself?

With a few simple steps, you can help protect your Cumberland Federal Bank accounts and personal information from fake emails and Web sites:

  • Delete suspicious emails without opening them. If you do open a suspicious email, do not open any attachments or click on any links it may contain.
  • Never provide sensitive account or personal information in response to an email. If you have entered personal information, call Cumberland Federal Bank immediately at 1-715-822-2249.
  • Install and regularly update virus protection software.
  • Keep your computer operating system and Web browser current.

Fraudulent Pop-Up Windows

Pop-up windows are the small windows or ads that appear suddenly over or under the window you are currently viewing. Fraudulent pop-up windows are a type of online fraud often used to obtain personal information. Online fraud occurs when someone poses as a legitimate company – like a popular shopping site, your bank, or your internet service provider – to obtain sensitive personal data and illegally conducts transactions on your existing accounts. Often called “phishing” or “spoofing,” the most current types of online fraud include fake pop-up windows, emails and Web sites, or any combination of these.

Always keep in mind that Cumberland Federal Bank will never send email containing attachments, or require customers to send personal information via email or pop-up windows. Any unsolicited requests for Cumberland Federal Bank account information you receive through pop-up windows, emails, or Web sites should be considered fraudulent and reported immediately.

When encountering a pop-up window, be aware of the following:

  • Cumberland Federal Bank does not use pop-up windows to request customer account information.
  • We will never display a pop-up window on our site that you haven’t requested by clicking on a link – all of our pop-up windows are user-initiated.
  • Pop-up windows are often the result of programs installed on your computer called “adware” or “spyware.” These programs look in on your Web viewing activity and regularly come hidden inside many free downloads, such a music-sharing software or screen savers. Many of these programs enable harmless advertisements, but some contain “Trojan Horse” programs that can record you keystrokes or relay other information to an unauthorized source.

How Can I Help Protect Myself?

With the proper precautions, you can help protect your Cumberland Federal Bank accounts and personal information from harmful pop-up windows:

Activate A Pop-Up Window Blocker

There are free programs available online that will block pop-up windows. Perform an Internet search for “pop-up blocker” or look at the options provided by major search engines. You should confirm that these programs are from legitimate companies before downloading. Once you have installed a pop-up blocker, you should determine if it blocks information that you need to view or access. If this is the case, you should consider turning off the blocker when you are on Web sites you know use pop-up windows to provide information you need or want to view.

Scan Your Computer For Spyware Regularly

You can eliminate potentially risky pop-up windows by removing any spyware or adware installed on your computer. Spyware and adware are programs that look in on your Web viewing activity and potentially relay information to a disreputable source. Perform an Internet search for “spyware” or “adware” to find free spyware removal programs. As with a pop-up blocker, you will want to be sure that your removal program is not blocking, or removing, wanted items, and if it is, consider turning it off for some web sites.

Avoid Downloading Programs From Unknown Sources

Downloads may contain hidden programs that can compromise your computer’s security. Likewise, email attachments from unknown senders may contain harmful viruses.

Keep Your Computer Operating System And Web Browser Current.

Measures to Respond to Phishing:
Cumberland Federal Bank works constantly to help protect our customers from criminal activity. As an informed customer, you are a great ally in this effort. Report suspicious activity to the Federal Trade Commission. Send the actual phishing e-mail to uce@ftc.gov. If you believe you have been defrauded, file your complaint at http://www.ftc.gov, and then visit the FTC’s Identity Theft website at http://www.ftc.gov/idtheft to learn how to minimize the financial damage from identity theft. For additional guidance on how to avoid falling victim to phishing attempts, visit the Federal Trade Commission’s (FTC) consumer help site at http://www.consumer.gov.

Identity Theft

Be informed about identity theft and how you can protect yourself.

What Is Identity Theft?

Identity theft occurs when someone illegally obtains your personal information – such as your Social Security number, bank account number, or other identification – and uses it repeatedly to open new accounts or initiate transactions in your name. For example, someone might do a combination of the following: open new credit cards, open new bank accounts, forge checks, and even apply for loans using your name and personal information. This can cause financial loss and damage your credit, which can lead to a lengthy resolution process.

How Can I Help Protect Myself?

  • Do not open or respond to online solicitations for personal information. Cumberland Federal Bank will never send email containing attachments, or require customers to send personal information via email or pop-up windows.
  • Carry only necessary identification. In particular, do not carry your Social Security card.
  • When a Social Security number is requested to sign up for a service, confirm that it is actually needed rather than some other identifier.
  • Make photocopies of all the information you carry daily and store it in a secure location like a safety deposit box.
  • Shred financial or personal documents before discarding. Most fraud and identity theft incidences happen as a result of mail and garbage theft.
  • Always put outgoing mail in a U.S. Postal Service mailbox, which is more secure than your home mailbox.
  • Collect your mail promptly each day.
  • Use passwords on all accounts and your PC that are difficult to guess – and don’t use the same password for everything. Don’t use passwords that relate to family names, birthdates, your SSN, addresses, or your job.
  • Do not keep passwords on you, and don’t write such information on debit or ATM cards.
  • Don’t give private information to anyone unless you are positive who the person is and they have a legitimate need to know.
  • Never lend your password to anyone – you will probably be responsible for everything that results.
  • Do not give out personal data over the phone, through the mail, or on the Internet unless you have initiated the contact.
  • Periodically check your credit report to see if there are loans or credit cards outstanding that you don’t know about.
  • Do not allow your credit card out of your sight when paying for products or services.

Sources For Assistance

The Federal Trade Commission (FTC) is the Federal government’s primary agency for dealing with identity theft matters. They operate a hotline devoted only to identity theft. The toll-free number is 1-877-IDTHEFT (438-4338). FTC Website is http://www.ftc.gov.