First National Bank Security Center
At First National Bank, we strive to keep you informed of issues that might affect you. Please take the time to read the important articles to protect your privacy, your identity and your assets.
Toggle Accordion 1
Protect Your Privacy
One of the fastest growing crimes is identity theft, which occurs when an identity thief gains access to and uses an individual’s personal identifying information without his or her knowledge in order to commit fraud or theft. You can protect your privacy and minimize your risk of becoming a victim of identity theft by taking the following steps:
Personal Identifying Information
- Always protect personal identifying information, such as your date of birth, Social Security number, credit card numbers, bank account numbers, Personal Identification Numbers (PINs) and passwords.
- Do not give any of your personal identifying information to any person who is not permitted to have access to your accounts.
- Do not give any of your personal identifying information over the telephone, through the mail or online unless you have initiated the contact or know and trust the person or company to whom it is given.
Credit, Debit and ATM Cards
- Retain all receipts from card transactions.
- Sign new cards as soon as you receive them.
- Report lost or stolen cards immediately.
- Promptly remove mail from your mailbox.
- Deposit outgoing mail in a post office collection box, hand it to a postal carrier, or take it to a post office instead of leaving it in your doorway or home mailbox, where it can be stolen.
- Order a copy of your credit report annually and review it for accuracy.
- Check your credit report for unauthorized bank accounts, credit cards and purchases.
- Look for anything suspicious in the section of your credit report that lists who has received a copy of your credit history.
- Review your bank account and credit card statements promptly and immediately report any discrepancy or unauthorized transaction.
Telephone and Internet Solicitations
- Be suspicious of any offer made by telephone, on a Web site or in an email that seems too good to be true.
- Before responding to a telephone or Internet offer, determine if the person or business making the offer is legitimate.
- Do not respond to an unsolicited email that promises some benefit but requests personal identifying information.
- First National Bank will never requests a customer’s bank card number, account number, Social Security number, Personal Identification Number (PIN) or password through email or phone call.
- If you should receive an email requesting such information that appears to be from First National Bank, do not respond to the email and contact us immediately at (423) 663-4044.
- Store extra checks, credit cards, documents that list your Social Security number, and similar items in a safe place.
- Shred all credit card receipts and solicitations, ATM receipts, bank account and credit card statements, canceled checks, and other financial documents before you throw them away.
PINs and Passwords
- Memorize your PINs and passwords and keep them confidential.
- Change your passwords periodically.
- Avoid selecting PINs and passwords that will be easy for an identity thief to figure out.
- Do not carry PINs and passwords in your wallet or purse or keep them near your checkbook, credit cards, debit cards or ATM cards.
Wallets and Purses
- Do not carry more checks, credit cards, debit cards, ATM cards and other bank items in your wallet or purse than you really expect to need.
- Do not carry your Social Security number in your wallet or purse.
- Use common sense and be suspicious when things don't seem right.
- Be suspicious of any proposed transaction that requires you to send an advance payment or deposit by wire transfer.
Call us immediately at (423) 663-4044 if you believe that you are a victim of identity theft involving one of your First National Bank accounts.
Toggle Accordion 2
Identity Theft occurs when someone steals your personal information and identification. They may open credit card accounts, apply for loans, rent apartments and purchase phone services – all in your name. In many cases, they request address changes so you never see the bills for their activity. These impersonators spend your money as quickly as possible. Most victims never know it until they apply for a loan or receive a call from a collection agency. Clearing your name and erasing the effects of identity theft can be a nightmare and take a great deal of time. You can spend months or even years re-establishing your creditworthiness.
Here are some helpful tips to avoid becoming a victim of identity theft
- Store personal information in a safe place. Shred financial statements, bank checks, credit card offers, charge receipts and credit applications before discarding them.
- Don't release personal information. Never disclose account numbers, Social Security numbers and credit card numbers over the phone or email unless you know the person or organization you're dealing with.
- Guard against mail theft. Deposit outgoing mail into a secure, official U.S. Postal Service collection box. Promptly remove incoming mail after it has been delivered.
- Monitor account information and billing statements. Know your billing cycles and review monthly statements for authorized charges or withdrawals. Missing statements could indicate that someone has filed a change of address notice to divert your mail to his or her address. Consider switching to electronic statements that are delivered directly to an email address that only you have access to.
- Obtain and review copies of your credit report. Order copies of your credit report yearly to review your file and make certain the information is accurate.
The three major credit bureaus are
- Equifax: 1-800-685-1111 www.equifax.com
- Experian: 1-888-397-3742 www.experian.com
- TransUnion: 1-800-888-4213 www.transunion.com
Steps to take if you become a victim of identity theft
- File a police report and call the Federal Trade Commission's toll-free "Identity Theft Hotline" at 1-877-438-4338.
- Notify the three credit bureau's fraud departments. Request that a "fraud alert" be placed in your file, as well as a victim's statement asking that creditors call you before opening any new accounts.
- Request a copy of your credit report. Credit reports are free to fraud victims.
- Contact your creditors for any accounts that have been opened fraudulently. Close your accounts and obtain new credit, debit and ATM cards.
- Report any suspected stolen mail to your local postal inspector and check the post office for unauthorized change of address requests.
Toggle Accordion 3
Business Identity Theft
Corporate Account Takeover is the business equivalent of personal identity theft. Hackers, backed by professional criminal organizations, are targeting small and medium businesses to obtain access to their web banking credentials or remote control of their computers. These hackers will then drain the deposit and credit lines of the compromised bank accounts, funneling the funds through mules that quickly redirect the monies overseas into hackers’ accounts.
As a business owner, you need an understanding of how to take proactive steps and avoid, or at least minimize, most threats.
- Use a dedicated computer for financial transactional activity. DO NOT use this computer for general web browsing and email.
- Apply operating system and application updates (patches) regularly.
- Ensure that anti-virus/spyware software is installed, functional and is updated with the most current version.
- Have host-based firewall software installed on computers.
- Use latest versions of Internet browsers, such as Explorer, Firefox or Google Chrome with “pop-up” blockers and keep patches up to date.
- Turn off your computer when not in use.
- Do not batch approve transactions; be sure to review and approve each one individually.
- Review your banking transactions and your credit report regularly.
- Contact your Information Technology provider to determine the best way to safeguard the security of your computers and networks.
Call us immediately at (423) 663-4044 if you believe that your First National Bank account has been compromised.
Toggle Accordion 4
Protect yourself from Internet and email scams by keeping your private information secure.
At First National Bank, your privacy is very important to us. That's why we want to let you know about an email scam on the Internet called "phishing" (pronounced "fishing") a technique fraudsters use to lure online consumers to fake corporate Web sites through links sent via email.
The message in the email often warns consumers that their account will be closed if their information is not updated or "verified." The links within the email are often pointed to Web forms that ask for bank account information, such as routing numbers, account numbers, PIN numbers, passwords and Social Security numbers.
It is First National Bank’s policy to not send or request confidential account information through email because it is not a secure form of communication. You should never enter private, personal information in a form that was sent to you by email.
Here are a few ways you can protect yourself from Internet and email fraud (phishing):
- Never click on links in unexpected emails that request confidential information. If updates to information are needed, always type the address for the institution’s Web site into your browser.
- Before submitting confidential information through forms, make sure that you are using a secure Internet connection. There are two ways of determining if your connection to a Web site is secure. First, look at the address bar at the top of your browser. If the Web site address begins with "https://", then you have established a secure connection, but if it begins with "http://", then the connection is NOT secure. Second, look for a "lock" icon in your browser's status bar at the bottom right hand corner of your browser. The lock verifies that your connection to the Web site is secure.
- Make sure that you have installed and run updated anti-virus and anti-spyware software. Both viruses and spyware can leave your computer vulnerable to attack and intrusion. Anti-virus and anti-spyware software will keep your computer safe from malicious software that might have installed itself or may try to install itself on your computer. Anti-virus & anti-spyware software is especially important if you are using a broadband Internet connection like DSL, cable or satellite.
- Install a Firewall, either software or hardware. A firewall will prevent attacks on your computer through the Internet by determining if a requested connection is malicious or not. A firewall is especially important if you are using a broadband Internet connection like DSL, cable or satellite.
- Keep your Internet browser, anti-virus, anti-spyware and firewall up to date by visiting the manufacturer's Web site and checking regularly for software and security upgrades.
- Review and monitor your checking account, debit card, credit card statements and your credit report regularly to be sure all transactions are legitimate.
- Watch for misspelling or grammatical errors on forms requesting confidential information. Hackers often make errors while rushing to get bogus Web sites in place. If something doesn't look right, there is a good chance that it's not.
First National Bank will NEVER request a customer's personal information (bank card number, account number, social security number, personal identification number or password) through email or by phone. If you should ever receive an email or phone call requesting your personal, confidential information that appears to be from First National Bank, DO NOT respond and contact the Bank immediately at (423) 663-4044.
Toggle Accordion 5
Social Engineering is a technique used to obtain or attempt to obtain secure information by tricking an individual into revealing the information.
Social engineering is normally quite successful, because most targets (or victims) want to trust people and provide as much help as possible.
Victims of social engineering typically have no idea they have been conned out of useful information or have been tricked into performing a particular task.
The easiest way to breach security is to obtain credentials and the easiest way to get that information is to ask someone for it.
The basic goal of social engineering is to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt and compromise computer systems.
- Social Engineering by Phone – Pretexting
- Dumpster Diving
- Online Social Engineering – Phishing, Pharming
- Reverse Social Engineering
- Shoulder Surfing – Looking over a shoulder to see what they are typing.
- And many more...
What you should do
- NEVER share your user name or password with anyone.
- First National Bank will NEVER call for your user name or password.
- Report spam/fraud to firstname.lastname@example.org or call (423) 663-4044.
- ALWAYS be aware of your surroundings.
Toggle Accordion 6
In the lottery scam, you receive an email notification claiming that you have won an international lottery (Jamaican Lottery, Spanish Lottery, etc). In order to claim your winnings, you must contact the claims agent, typically via an email address that is most often from a free provider (e.g., Yahoo, Hotmail, etc.). The agent then sends you a claim form to verify your identity. You must then return the form with your personal details, along with copies of your passport and/or driver’s license to “verify your true identity.” The fraudsters now have enough information to duplicate your identity. In addition, in order to claim the winnings, you are required to wire funds to the fraudsters to cover the transaction, insurance, tax and legal fees associated with receiving their winnings. The victims are required to transfer the money requested via Western Union. You are now out the funds that you have wired to the fraudsters, and the fraudsters have your personal identification to continue to commit fraud.
The Nigerian Purchase Scam is another form of fraud that is becoming widespread in auction sites and on business’ ecommerce Web sites. A buyer will bid on or seek to purchase big-ticket goods (e.g., cars, boats, etc.) from the Web site. The buyer will “accidentally” overpay the seller, stating they “wanted to make sure there were enough funds for shipping.” The buyer will then ask the seller to deposit the check and refund the amount of the overpayment. The seller will deposit the counterfeit check and send the overpayment to the buyer prior to the check clearing through the international banking system. The seller is out the funds equal to the overpayment. In addition, the seller could be down the value of the shipped goods if those are sent at the same time.
To protect yourself, always be careful when transacting with unknown parties. If you question the legitimacy of a buyer, talk with your branch representative to determine the best way to validate the check and funds prior to shipping any goods or providing a refund for the overpayment.
You get an email or a letter in the mail from a "mystery shopping company" often times the name of the company sounds official. Usually there is a check included or a promise to send a check. They tell you to cash the check and complete an assignment at a major retail store. Then they tell you to take the rest of the money that you didn't spend and send it to another mystery shopper via Western Union. The only problem is that's not a mystery shopper, that's the scammer! The check sent to you was not legitimate, but the bank won't realize it for at least a week. When the check is returned as fraudulent, you become responsible for the charges. Meanwhile, you just sent money to the scammer via Western Union and you're left holding the bag.
If you receive an email or letter in the mail saying you won a lottery and they send you a check or if you sell something on EBay and the buyer pays with a check, you may think you can just take the check to your bank and cash it.
Unfortunately, you can’t. What’s worse, if you cash it in most states, you may be assisting a criminal in passing a counterfeit check, money laundering or worse. Blank checks are stolen every day from individual mail boxes, homes, businesses and even banks. Counterfeiters and scammers use these checks to create scams and frauds.
What can you do?
If you receive a check in the mail that you are not expecting, DO NOT cash it. You should call the issuing bank directly to verify that the account is valid and the check is real.
If you are the victim of a counterfeit check cashing scam, email the FDIC's Special Activities Section at: email@example.com
If you believe you may have fallen victim to this type of scam and wish to report it, please file a complaint with the U.S. government Internet Crime Complaint Center at: http://www.ic3.gov
or contact them at:
FDIC's Cyber Fraud and Financial Crimes Section
550 17th St., NW, Room F-4040,
Washington, D.C. 20429
550 17th St., NW, Room F-4040,
Washington, D.C. 20429
Toggle Accordion 7
Web Security Statement
With banking increasingly being done on the internet, many questions have come up about security. Through Cryptographic Technology, information is protected as it is transmitted across the internet. This technology is a form of scrambling the data as it is sent.
First National Bank uses 128 bit encryption. (If your browser doesn't support 128 bit encryption, you can download a new browser for free by going to www.mozilla.org, www.google.com or www.microsoft.com.) Other security tools available to ensure the integrity of your data are firewalls and filtering routers used to secure computers from third party access via the internet, and a "trusted" operating system employed to protect the information from both internal and external threats.
For added security, we use Multi-factor authentication. Customers are required to determine their own unique Personal Identification Number (PIN), and PIN guessing is deterred by locking a user out of the system after three unsuccessful attempts. These are just some of the full range of internet security tools we use. These layers of security work together to make sure that all information transmitted between you and the Bank is both secure and authentic. Multi-factor authentication includes: two factor authentication, out of band authentication techniques, and challenge questions. Other security protections: username/password authentication, Complex password requirements, expiration on passwords, and IP address matching.
Finally, the same laws that protect consumers in the case of fraudulent credit card usage and other electronic banking applications serve also to limit the consumer's liability in the event of unauthorized online banking activity. Please see the Federal Reserve Board Regulation E (Electronic Funds Transfers) Disclosure.
To further ensure your security please remember to do the following:
- Never open eMail attachments sent from someone that you do not know to protect against viruses. (Viruses are computer programs that can infect other computer programs by modifying them in a harmful or destructive way upon making contact.)
- Do not download programs from any source via the internet that you do not trust completely.
- Install updated virus protection and detection software on your computer. We recommend purchasing software protection such as Norton Antivirus by Symantec, Trend-Micro, or McAfee VirusScan. These packages can detect and eliminate most viruses. The software should be updated regularly to detect newly developed viruses. Please see the following websites to find out more about the risk of harm to your computer and computer programs from malicious viruses and what you may do to protect against them:
- Install Anti-Malware program, like Malwarebyte's Anti-Malware, or Webroot.
- Keep Ids, passwords, and PIN numbers confidential. Remember that if someone has your correct
- PIN no. you could lose all the money in your accounts which are accessible through use of that PIN no.
- Use passwords that include letters and numbers that are not easily discernible or otherwise obvious (for example, do not use birthdays, child's names, etc.)
- Change your passwords frequently.
- Use different passwords and/or PIN numbers for each online service.
Support or call (423) 569-8586; or (423) 663-4044 for questions concerning First National Bank Web Security.
Toggle Accordion 8
Support of internet browsers and operating systems
- FNB recommends using Google Chrome, Firefox, or Microsoft Edge.
Please upgrade to the latest browser or switch to a supported browser to use Online Banking in its optimal format.
Using an outdated operating system puts you and your personal information at risk. Your computer and the information on that computer are your responsibility. First National Bank encourages all users to consult with a computer professional for upgrade options as soon as possible.
Toggle Accordion 9
Romance scams occur when a criminal adopts a fake online identity to gain a victim’s affection and trust. The scammer then uses the illusion of a romantic or close relationship to manipulate and/or steal from the victim.
The criminals who carry out romance scams are experts at what they do and will seem genuine, caring, and believable. Con artists are present on most dating and social media sites.
The scammer’s intention is to establish a relationship as quickly as possible, endear himself to the victim, and gain trust. Scammers may propose marriage and make plans to meet in person, but that will never happen. Eventually, they will ask for money.
Scam artists often say they are in the building and construction industry and are engaged in projects outside the U.S. That makes it easier to avoid meeting in person—and more plausible when they ask for money for a medical emergency or unexpected legal fee.
If someone you meet online needs your bank account information to deposit money, they are most likely using your account to carry out other theft and fraud schemes.
Tips for Avoiding Romance Scams:
- Be careful what you post and make public online. Scammers can use details shared on social media and dating sites to better understand and target you.
- Research the person’s photo and profile using online searches to see if the image, name, or details have been used elsewhere.
- Go slowly and ask lots of questions.
- Beware if the individual seems too perfect or quickly asks you to leave a dating service or social media site to communicate directly.
- Beware if the individual attempts to isolate you from friends and family or requests inappropriate photos or financial information that could later be used to extort you.
- Beware if the individual promises to meet in person but then always comes up with an excuse why he or she can’t. If you haven’t met the person after a few months, for whatever reason, you have good reason to be suspicious.
- Never send money to anyone you have only communicated with online or by phone.
If you suspect an online relationship is a scam, stop all contact immediately. If you are the victim of a romance scam, file a complaint with the FBI’s Internet Crime Compliant Center www.ic3.gov.
Toggle Accordion 10