Security

Online Security, Everyday, Everywhere

Your online security has always been a top priority. That's why Enhanced Login Security is so important. This new security service is free, easy, and most importantly, gives you extra protection from fraud and identity theft. Enhanced Login Security identifies you as the true "owner" of your accounts. Now, not only will your password be recognized, your computer will be recognized as well. For more information on how to protect your accounts against fraud with Enhanced Login Security, click here.

Enhanced Login Security

Overview

The Federal Financial Institutions Examination Council (FFIEC), the regulators overseeing banks and credit unions, communicated that passwords alone will no longer be the sole means of achieving online security. Enhanced Login Security is the recommended solution. ENHANCED LOGIN SECURITY requires online users to provide something additional beyond today's user ID and password. This enhanced security means that even if your password is stolen in a phishing attack or by malicious software, the fraudster cannot access your online accounts because they do not possess the additional factors needed, which are harder to steal. ENHANCED LOGIN SECURITY strengthens security at login while providing peace of mind for retail online banking.

Features:

Browser-based secure cookie with an additional individualized credential (ID) stored on your computer acts as a second factor in addition to your user ID and password.
You can enroll multiple computers
Prevents unauthorized access using stolen credentials on a non-enrolled computer
You can authenticate temporarily on a computer they do not wish to enroll using your individualized challenge questions.

Some terms to be familiar with:

Browser: A computer software program that is used to view and interact with Internet material on the World Wide Web. Examples are: Internet Explorer and Netscape.

Enhanced Login Security: Provided security at Login, no matter what computer you sign in from, using additional end user authentication that helps to protect against online fraud.

Points to Know:

Currently, Investors uses the Forgotten Password questions feature. With the launch of ENHANCED LOGIN SECURITY you will be prompted upon first Login to re-submit these questions and answers. If you do not remember the questions, please call the Internet Banking Department to have your Login reset.

You can enroll multiple computers. We do not recommend enrolling a public computer at the library, coffee shop, etc.

Risk Alert

Fraudulent Emails Claiming to be from NACHA (Phishing Alert Update 3/29/2011)

Further to notices issued on March 11 and February 22, 2011, NACHA – The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.

Always use anti-virus software and ensure that the virus signatures are automatically updated.

Ensure that the computer operating systems and common software application security patches are installed and current.

Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC).

FBI Warning about Fraudulent Complaint e-mails

The Federal Bureau of Investigation (FBI) is warning consumers to be cautious of e-mails claiming that someone has filed a complaint against them or their company with a government agency or other organization against you or your company. The fraudulent e-mails state that a complaint has been filed with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau. The e-mails are likely an effort to collect personally identifiable information.

The e-mails address the recipients by name, and other personal information may be contained within the e-mail. Some of the fraudulent e-mails refer to a complaint that is in the form of an attachment. It is believed that the attachment actually contains virus software designed to steal passwords and other personal information from the recipient. Once downloaded, the virus is designed to monitor username and password logins and record the activity entered on the compromised machine.

Consumers and businesses should be wary of any e-mail received from an unknown sender. They should not open any unsolicited e-mail or click on any hyperlinks provided. If you receive a scam e-mail please notify the Internet Crime Complaint Center (IC3) by filing a complaint at www.ic3.gov.

E-Mails Claiming to Be From the FDIC

Con artists know that people trust the FDIC name. That's why they may use our name and seal in fraudulent e-mails trying to obtain valuable information from consumers and businesses. These types of scams are commonly referred to as "phishing." Con artists use fake Web sites and e-mails to obtain valuable personal information from consumers.

The FDIC does not send out unsolicited e-mails or ask for detailed personal information. Additionally, the FDIC does not ask people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts. If you get this sort of e-mail appearing to be from the FDIC, you should assume that it is fraudulent.

To report a fraud, send an e-mail to the FDIC financial crimes unit at alert@fdic.gov or call the FDIC toll-free at 1-877-ASK-FDIC (1-877-275-3342).