Online Security

As technology continues to improve, it's more important than ever to be aware of security as you surf the web. Check out the topics below to learn different tips to keep your information safe while using the internet.

Cyber Security

As technology continues to improve, it's more important than ever to be aware of security as you surf the web. Check out the different tabs below to learn different tips to keep your information safe while using the intranet.

{beginAccordion h2}

Spam and Phishing

Malicious Email

A malicious email can look just like it comes from a financial institution, an e-commerce site, a government agency or any other service or business.

It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or there is another urgent matter to address.

If you are unsure whether an email request is legitimate, try to verify it with these steps:

• Contact the company directly – using information provided on an account statement, on the company’s official website or on the back of a credit card.
• Search for the company online – but not with information provided in the email.

Spam

Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here are ways to reduce spam:

• Enable filters on your email programs: Most internet service providers (ISPs) and email providers offer spam filters; however, depending on the level you set, you may end up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.
• Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
• Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information. 

Phishing

Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.

Spear Phishing
Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already customer of the business, the email may more easily make it through filters and the recipient maybe more likely to open the email.

The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.

Spam & Phishing on Social Networks
Spam, phishing and other scams aren’t limited to just email. They’re also prevalent on social networking sites. The same rules apply on social networks: When in doubt, throw it out. This rule applies to links in online ads, status updates, tweets and other posts. Here are ways to report spam and phishing on major social networks:

• Reporting spam and phishing on Facebook
• Reporting spam on Twitter

Tips for Avoiding Being a Victim

• Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
• Before sending or entering sensitive information online, check the security of the website.
• Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
• If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
• Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.

What to Do if You Are a Victim

• Report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
• If you believe your financial accounts may be compromised, contact your financial institution immediately and close the account(s).
• Watch for any unauthorized charges to your account.
• Consider reporting the attack to your local police department, and file a report with the Federal Trade Commission or the Internet Crime Complaint Center.

Protect Yourself with these STOP. THINK. CONNECT.™ Tips:

• When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or – if appropriate – mark it as junk.
• Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
• Make your password a sentence: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
• Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.
• Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.

Online Shopping

It’s important to take steps to protect yourself when shopping online.

From the convenience of making purchases at your fingertips and next-day delivery to getting great deals and an the endless catalogue of purchasable items, online shopping has only grown in popularity. While the increased availability of online shopping is convenient, it also makes it more lucrative for scammers to trick buyers into paying for goods they won’t receive or obtain their personal information for financial gain. So, what can you do about it?

Being a safe and secure shopper starts with STOP. THINK. CONNECT.™: Take security precautions, think about the consequences of your actions online and enjoy the conveniences of technology with peace of mind while you shop online.

Online Shopping Tips

• Conduct research: When using a new website for purchases, read reviews and see if other consumers have had a positive or negative experience with the site.
• When in doubt, throw it out: Links in emails, posts and texts are often how cybercriminals try to steal your information or infect your devices.
• Personal information is like money: value it and protect it: When making a purchase online, be alert to the kinds of information being collected to complete the transaction. Make sure you think it is necessary for the vendor to request that information. Remember, you only need to fill out required fields at checkout.
• Use safe payment options: Credit cards are generally the safest option because they allow buyers to seek a credit from the issuer if the product isn’t delivered or isn’t what was ordered.
• Don’t be disappointed: Read return policies and other website information so you know what to expect if the purchase doesn’t go as planned.
• Protect your $$: When shopping, check to be sure the site is security enabled. Look for web addresses with https:// indicating extra measures to help secure your information.

Shopping on the Go

• Now you see me, now you don’t: Some stores and other locations look for devices with WiFi or Bluetooth turned on to track your movements while you are within range. Disable WiFi and bluetooth when not in use.
• Get savvy about WiFi hotspots: Limit the type of business you conduct over open public WiFi connections, including logging in to key accounts like email and banking. Adjust the security settings on your device to limit who can access your phone.

Basic Safety and Security Tips

• Keep a clean machine: Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.
• Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.
• Make your password a sentence: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
• Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.

Managing Your Privacy

Personal Information is Like Money. Value it. Protect It.

Your devices make it easy to connect to the world around you, but they can also pack a lot of info about you and your friends and family, such as your contacts, photos, videos, location and health and financial data. Follow these tips to manage your privacy in an always-on world.

• Secure your devices: Use strong passwords, passcodes or touch ID features to lock your devices. These security measures can help protect your information if your devices are lost or stolen and keep prying eyes out.
• Think before you app: Information about you, such as the games you like to play, your contacts list, where you shop and your location, has value – just like money. Be thoughtful about who gets that information and how it’s collected through apps.
• Now you see me, now you don’t: Some stores and other locations look for devices with WiFi or Bluetooth turned on to track your movements while you are within range. Disable WiFi and Bluetooth when not in use.
• Get savvy about WiFi hotspots: Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your mobile device while you are connected. Limit what you do on public WiFi, and avoid logging in to key accounts like email and financial services on these networks. Consider using a virtual private network (VPN) or a personal/mobile hotspot if you need a more secure connection on the go.

Keep A Clean Machine

• Keep your mobile phone and apps up to date: Your mobile devices are just as vulnerable as your PC or laptop. Having the most up-to-date security software, web browser, operating system and apps is the best defense against viruses, malware and other online threats.
• Delete when done: Many of us download apps for specific purposes, such as planning a vacation, and no longer need them afterwards, or we may have previously downloaded apps that are no longer useful or interesting to us. It’s a good security practice to delete all apps you no longer use.

Responding to Identity Theft, Fraud and Cybercrime

When dealing with cybercrime, an ounce of prevention is truly worth a pound of cure. Cybercrime in its many forms (e.g., online identity theft, financial fraud, stalking, bullying, hacking, email spoofing, information piracy and forgery and intellectual property crime) can, at best, wreak havoc in victims’ lives through major inconvenience and annoyance. At worst, cybercrime can lead to financial ruin and potentially threaten a victim’s reputation and personal safety.

It’s always wise to do as much as possible to prevent cybercrime.

One of the best ways to learn how to prevent cybercrime is to check out STOP. THINK. CONNECT.™ at stopthinkconnect.org.

But, despite our best efforts, our increasingly digital lives may put us in harm’s way. The fact remains that the bad guys continue to find new uses for ever-expanding – but easily accessible – online technologies to steal, harass and commit all sorts of crime. If cybercrime happens to you, you should know what to do and be able to respond quickly.

Don't forget - Oxford Bank offers a fraud protection service called Kasasa Protect^®.

{endAccordion}

For more information like this, go to www.staysafeonline.org.

Mobile Banking Security

We know you like staying plugged in, so make sure you're banking safe with these important tips!

{beginAccordion}

Encrypt your phone: the first line of defense

Encrypt your phone: the first line of defense

Making sure your phone is password-protected is always the most important first line of defense. By setting up a password to open your phone, you protect yourself from individuals who may pick up your phone as they pass by or while you are away from your device. 

Every smart phone comes with the advantage of built-in security functions, such as auto-lock, fingerprint or facial recognition log-in, and remote wipe. Click the links below to learn how to use these on your device

iPhone encryption

Android encryption

Make sure your phone is up-to-date with the latest software

Those pesky software updates are there for a reason - updates can help patch security flaws (let's face it - technology isn't perfect yet), protect your data from hackers, and also helps you keep other devices you're connected to secure. Click the links below to learn how to update your device:

iPhone updates

Android updates

Don't forget the your phone updates aren't the only updates you need to do - Oxford Bank also sends out updates to our Oxford Bank Mobile app to keep your security up to date! As a reminder, only update your apps from known and reputable sources. 

Oxford Bank Mobile app security

When it comes to banking, mobile banking makes security a lot easier and convenient because you can check you balances any time, any where. Contact your Personal Banker at 248-628-2533 to set up your online banking. 

As a reminder, you should always log out of mobile banking applications when you have completed your banking activities.

De-register your device if lost or stolen

If your phone gets lost or stolen, it's important to de-register your device from the Oxford Bank Mobile app, and other mobile banking apps, immediately. 

De-register from your computer: go to www.oxfordbank.com, and log in to your online banking. Once logged in, click on 'Mobile' from the top toolbar and un-check the box saying 'Enable web access for your mobile device.' Then, hit submit. 

Once you've logged in, click on the tab titled 'Text Mobile Settings.' From there, un-check the box titled 'Enable text access for your mobile device,' then hit 'Submit.' 

Remember - you can always call 248-628-2533 to have your Personal Banker help you de-register your phone from mobile banking!

{endAccordion}

Online Banking Security

The safety and security of your information is our top priority. Oxford Bank's online banking is a secure, encrypted system. When you log into your account, a padlock will appear in the URL bar, and it will read 'https://" which indicates a secure connection. Look for both of these when you log in to any online banking portal to make sure your connection is secure.

If you believe your Oxford Bank online banking has been compromised, contact us immediately at (248) 628-2533.

Here are some more ways to make sure that your online banking stays safe:

• Always use a network you know and that is secure. Public networks in coffee shops, hotels, or other public entities are easily accessible and should never be used while working with confidential information.
  
  
• Don’t use a public or shared computer. Online banking should be conducted on a computer that you know to be safe and secure. If you must use a computer other than your own, make sure to log out of your account, and clear the browsing history.
  
  
• Protect your answers to security questions, and try to make them varied from other accounts. 
  
  
• Oxford Bank will never ask you for account numbers or passwords by phone or email. Never respond to emails that request your account, credit or debit card information or verification of your personal information via email or a website. Do not send credit or debit card information (even to people you know) via email or text.
  
  
• Only download our mobile banking app from the Apple Store (iOS) or Google Play (Android).

Improving Your Passwords

Nowdays, you have so many accounts and passwords it's hard to remember them all. Or, even worse, you use the same one for each website, which means all of your information is at risk. 

Hackers know that we are bad at creating passwords, are creatures of habit - which means it only takes one compromised website login to gain access to many others. And while these websites may not contain financial data, they will contain data which will make it easier to replicate your identity. 

Here's what you need to do to make your password strong:

• Have a combination of upper and lowercase letters, numbers, symbols, and never put two of them in a row
  
  
• Use a pass 'phrase' instead of code; example: 0xfordB@nki$c0ol! (Oxford Bank is cool)

Want to see how secure your password is? Check out the password meter here!