Call Us: 888-647-1265
Home / Resources / Learning Center / Security Center

Security Center

 

USA Patriot ACT

The USA Patriot ACT has paved the way for financial institutions to help prevent fraud, identity theft, money laundering activities and the spread of terrorism.  Federal law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account.

 

What does this mean to you?

When you open a new account or request a loan, you may be asked questions to establish and confirm your identity. We will ask for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver's license or other identifying documents such as a passport, U.S. taxpayer identification (ID) number, Alien ID Card, or any other government-issued document evidencing nationality or residence.

 

Concerned about the Equifax breach? See our FAQ to learn more about the breach and how to protect yourself.

Frequently Asked Questions

I’ve been hearing about the Equifax breach in the news. What happened?

Equifax, one of the three major credit bureaus, experienced a massive data breach. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.

 

Was my information stolen?

If you have a credit report, there’s a good chance it was. Go to a special website set up by Equifax to find out: https://www.equifaxsecurity2017.com/. Scroll to the bottom of the page and click on “Potential Impact,” enter some personal information and the site will tell you if you’ve been affected. Be sure you’re on a secure network (not public wi-fi) when you submit sensitive data over the internet.

 

How can I protect myself?

  • Enroll in Equifax’s services.

Equifax is offering one year of free credit monitoring and other services, whether or not your information was exposed. You can sign up at https://www.equifaxsecurity2017.com/.

  • Monitor your credit reports.

In addition, you can order a free copy of your credit report from all three of the credit reporting agencies at annualcreditreport.com. You are entitled to one free report from each of the credit bureaus once per year.

  • Monitor your bank accounts.

We also encourage you to monitor your financial accounts regularly for fraudulent transactions. Use online and mobile banking to keep a close eye on your accounts.

  • Watch out for scams related to the breach.

Do not trust e-mails that appear to come from Equifax regarding the breach. Attackers are likely to take advantage of the situation and craft sophisticated phishing e-mails.

 

Should I place a credit freeze on my files?

Before deciding to place a credit freeze on your accounts, consider your personal situation. If you might be applying for credit soon or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus.  A fraud alert puts a red flag on your credit report which requires businesses to take additional steps, such as contacting you by phone before opening a new account.

 

How do I contact the three major credit bureaus to place a freeze on my files?

Equifax: Call 800-349-9960 or visit its website.

Experian: Call 888-397-3742 or visit its website.

TransUnion: Call 888-909-8872 or visit its website.

 

Where can I get more information about the Equifax breach?

You can learn more directly from Equifax at https://www.equifaxsecurity2017.com/. You can also learn more by visiting the Federal Trade Commission’s web page on the breach at https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. To learn more about how to protect yourself after a breach, visit https://www.identitytheft.gov/Info-Lost-or-Stolen

 

Data Security

First Bank is committed to safeguarding the information our clients and customers share with us. Unfortunately, criminals have many methods they can use to obtain this information from you without your knowledge including the Internet, over the phone or through the trash you throw away. We have compiled helpful information concerning identity theft and financial crime and how you can protect yourself.

Online Banking Security

First Bank's online banking services contain security measures to limit the possibility of unintended distribution of confidential information and the potential for fraud-related losses. The service runs on a robust operating system. State of the art firewall technology is the first line of defense in preventing unauthorized access to any information housed. Included in this operating system is the capacity to allow only secure connections by end users.

However, there are steps you should take to further protect yourself while online.

  • Do not write down your password and store it near your computer system.
  • Change your password periodically
  • Change your password immediately if you suspect it has been compromised.
  • Never share or give your username, password or security questions to anyone regardless of the circumstances.
  • Avoid using public computers to access your Internet Banking
  • Ensure that your computer is equipped with up to date anti-virus software protection
  • Do not provide any personal information to web sites that do not use encryption or other secure methods of protection
  • Update your computer with the patches as recommended by the operating system manufacturer

Selecting Strong Passwords

The objective when creating a strong password is to make it as difficult as possible for anyone to make an educated guess about what you have selected. However, it should be developed in a manner that makes it simple to remember without writing it on paper.

Words to Avoid When Creating Passwords

  • Do not use your or any family member's name, nickname, or initials in any form
  • Do not use your user ID in any form.
  • Do not use other information that can be easily obtained about you. This includes birth dates, telephone numbers, license plate numbers, or Social Security numbers
  • Do not use all the same character (i.e., 55555) or consecutive keys on a keyboard (i.e., QWERTY).
  • Do not use words that would appear in a dictionary as they can be easily compromised by password cracking programs that employ electronic dictionaries.

Tips for Choosing Good Passwords

  • Develop a method of creating a password that makes it easier for you to remember, thus eliminating the temptation to write it down
  • You can use a favorite phrase, selecting the first letter of each word to create your password. For added security, be sure to include at least one number. For example, "Win One For The Gipper" becomes the password WOFTG7.
  • Use two short words and connect them with a number. For example, THE8DUKE.
  • Use a word that you can easily remember, but remove the vowels and replace them with numbers. For example, the word "Internet" becomes the password 1NT3RN6T.

System Timeout/Lockout

In order to prevent someone from gaining unauthorized access to your financial information, you should always log off the system before walking away. As an added level of protection, the Internet Banking system has a timeout feature that automatically terminates your session after a period of inactivity.

For additional protection, access to the system accounts will be locked after three unsuccessful login attempts.

Commercial Banking Internet Security

In addition to the information provided here, commercial & small business account holders should institute additional security measures in order to further protect their online banking for example:

  • Perform your own annual internal risk assessment & evaluation on all online accounts
  • Establish internal policies regarding employee internet usage
  • Ensure all company computers are equipped with up to date anti-virus protection software

What is Identify Theft?

Identify theft occurs when someone uses your personal information such as your Social Security number, account number or credit number, without your permission, to commit fraud or other crimes.

Protect yourself by:

  • Reporting lost or stolen checks or credit cards immediately
  • NEVER give out any personal information
  • Shred all documentation that contains confidential information (i.e. bank and credit card statements, bills and invoices that contain personal information, expired credit cards and pay-stubs)
  • Check your credit report annually

Check Your Credit

Any consumer can request one free copy of his or her credit report per year. Reviewing your credit report can help you find out if someone has opened unauthorized financial accounts, or taken out unauthorized loans, in your name.
Contact the three major credit bureaus to request a copy:

How to Contact Us

Our Customer Accounts Department can be reached at our toll free number 540-465-9121 or e-mail us. Please do not hesitate to contact us immediately to report any of the following:

General Internet Banking inquiries

  • Lost or stolen Access ID, User Name or Password
  • Receipt of suspicious or fraudulent mail
  • Email or websites related to First Bank    

Reg E
How Does Regulation E Apply to Your Accounts with Internet Access?

Regulation E protects individual consumers engaging in electronic fund transfers (EFT). Non-consumer (or business) accounts are not protected by Regulation E.
An EFT is an electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions initiated through electronic-based systems. The term includes, but is not limited to:

  • Point-of-sale transfers
  • Automated Teller Machine transfers (ATM)
  • Direct deposits or withdrawal of funds
  • Transfers initiated by telephone
  • Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal
  • Transfers initiated through internet banking/bill pay

How does Regulation E apply to a consumer using internet banking and/or bill pay?

Regulation E is a consumer protection law for accounts established primarily for personal, family, or household purposes. Non-consumer accounts, such as Corporations, Partnerships, Trusts, etc. are excluded from coverage. Regulation E gives consumers a way to notify their financial institution that an EFT has been made on their account without their permission.

Is My Account Protected?

Any fraudulent or unauthorized EFTs are protected. For a description on what an EFT is under Regulation E please refer to the section "What is an EFT?"

What are the applicable protections provided to consumers under the Act for consumers who use internet banking and/or bill pay?

If you believe an unauthorized EFT has been made on your account, contact us immediately. If you notify us within two (2) business days after you learn of the unauthorized transaction, the most you can lose is $50. Failure to notify the bank within two (2) business days may result in additional losses.

No Liability Limit

Unlimited loss to a consumer account can occur if the periodic statement reflects an unauthorized transfer of money from your account, and you fail to report the unauthorized transfer to the bank within 60 days after we mailed your first statement in which the problem or error appeared.

Exclusions from Protection

The term EFT does not include:

  • Checks – Any transfer of funds originated by check, draft or similar paper instrument or any payment made by check, draft or similar paper instrument at an electronic terminal
  • Check Guarantee or Authorization – Any transfer of funds that guarantees payment or authorizes acceptance of a check, draft or similar paper instrument but does not directly result in a debit or credit to a consumer’s account
  • Wire or other similar transfers – Any transfer of funds through a wire transfer system that is used primarily for transfers between financial institutions or between businesses
  • Automatic transfers by account-holding institution – Any transfer of funds under an agreement between a consumer and a financial institution which provides that the institution will initiate individual transfers without a specific request from the consumer:
    • Between a consumer’s accounts within the financial institution
    • From a consumer’s account to an account of a member of the consumer’s family held in the same financial institution
    • Between a consumer’s account and an account of the financial institution, except that these transfers remain subject to § 205.10(e) regarding compulsory use and sections 915 and 916 of the act regarding civil and criminal liability. (Refer to “Coverage in Detail” section below for a detail explanation of protections provided under Regulation E)
  • Telephone-initiated transfers - Any transfer of funds that:
    • Is initiated by a telephone communication between a consumer and financial institution making the transfer; and
    • Does not take place under a telephone bill-payment or other written plan in which periodic or recurring transfers are contemplated.

Regulation E – Coverage in Detail

For a complete detail explanation of protections provided and not provided under Regulation E; please visit the following link as provided by the FDIC:

FDIC – Electronic Funds Transfers (Regulation E)
http://www.consumerfinance.gov/eregulations/1005

How Regulation E applies to a non-consumer using internet banking and/or bill pay?

A non-consumer (business) customer using internet banking and/or bill pay is not protected under Regulation E. Because the non-consumer account is not protected by Regulation E special consideration should be made by the Business to ensure adequate internal security controls are in place that commensurate with the risk level that the customer is willing to accept.

Precautions a non-consumer should take because they are not protected by Regulation E

As a non-consumer customer you should perform a periodic assessment to evaluate the security and risk controls you have in place. The risk assessment should be used to determine the risk level associated with any internet activities the non-consumer customer performs and any controls in place to mitigate these risks.

For more information and tips on how to safe-guard your online security, take a look at the following videos and links:

Protecting Personal Information: A Guide for Business
https://www.ftc.gov/tips-advice/business-center/guidance/protecting-personal-information-guide-business

Business Peer to Peer File Sharing:
https://www.consumer.ftc.gov/articles/0016-p2p-file-sharing-risks

Consumer Action: Complaints
https://www.usa.gov/consumer-complaints

FDIC Consumer Protection
https://www.fdic.gov/consumers

FDIC Consumer Alerts:
http://www.fdic.gov/consumers/consumer/alerts/index.html

ID Theft
http://www.ftc.gov/bcp/edu/microsites/idtheft

NACHA Fraud Resources
https://www.nacha.org/Fraud-Phishing-Resources

US Department of Homeland Security
http://www.us-cert.gov/home-and-business

Federal Communication Commission -Business Cyber-planner
http://www.fcc.gov/cyberplanner