Fraud & Security Alerts
August 29, 2014 -Important information for Windows XP, Internet Explorer (IE) 7 and IE8 users
As of April 2014 Microsoft no longer supports or provides security updates for Windows XP operating systems. If you are running Windows XP, IE7 or IE8 we recommend that you upgrade your operating system and/or browsers to a newer version. Upgrading to supported software will provide security updates and protection for you, especially when you are accessing online financial information.
FNBT has provided support for its customers that access Online Banking via the Windows XP Operating System and/or IE7 or IE8 for more than 10 years, but in that time technology and the way we use it has changed significantly.
We are committed to combatting fraud by continuously evaluating ways to fortify the integrity of our systems. To protect your online banking experience and allow us to continue to deliver new functionality, FNBT has discontinued Online Banking support for Windows XP and Internet Explorer 7 (IE7) and IE8, in line with Microsoft's own support demise.
What does it mean that my version of Windows or Internet Explorer is no longer supported?
Anytime a software company discontinues support of a product it means that no newer versions or patches of this product will be sent to update the software. Updates are important so that software remains compatible with newer versions of security and usability standards. Especially important with operating system software are security updates.
My computer still works. Why should I be concerned?
Your operating system is your first line of defense in securing your PC and preventing loss of your personal or business information. If your software is not being supported it will be vulnerable to ever evolving hacking and malware techniques.
Is this just a security issue?
Not only is this a security issue, but because of the vulnerability of accessing sites with a computer using an out of date operating system, many secure sites will begin not to allow your computer to access their sites. In addition, your computer will not be able to recognize more advanced security certificates and will be unable to access those sites.
What are the benefits of upgrading my Operating System and browser?
Our system requirements for FirstB2B and FirstNet ensure that you receive the best possible experience and the highest level of security on the Internet. In addition, using the recommended and certified browsers along with approved Operating System means that we can provide support if a technical issue does occur.
What if I use FirstB2B Business Online Banking and I am unable to upgrade my Operating System or browser at my business?
Some companies have IT restrictions in place which prevent users from downloading software. Others have legacy systems which require the use of Windows XP or IE7/IE8. In cases like these, you may be unable to upgrade your browser. As a FirstB2B System Administrator/User, we would ask you to present this webpage to your IT manager for further consideration.
What if I don't upgrade my Operating System (OS) or browser?
If you choose not to upgrade your OS or browser, your FirstB2B or FirstNet Online Banking access will not be blocked in any way, however you will experience the following limitations:
- While FirstB2B and FirstNet itself are secure, using Windows XP and/or IE7 and IE8 will leave you vulnerable to certain security threats;
- Future enhancements to FirstB2B and FirstNet will not be tested for Windows XP, IE7, IE8 compatibility, which means they may not function correctly in your browser;
- We (FNBT) will not be able to provide support for issues related to Windows XP, IE7, IE8 compatibility.
As a result of these limitations, your Online Banking experience on Windows XP and / or IE7, IE8 will likely continue to degrade over time, so we encourage you to upgrade your OS and browser version as soon as possible.
How do I know if I am running Windows XP?
How can I upgrade my computer software?
If your current computer meets the system requirements for Windows 7 or Windows 8.1, you can buy Windows 7 or Windows 8.1 from a local retailer or Microsoft Certified Partner. If your computer does not meet system requirements, consider purchasing a new computer.
If you would like to read more detailed information on upgrading your OS or browsers, please click here to visit Microsoft's end-of-support site.
April 10, 2014 - Heartbleed Bug
As you may have heard, a major vulnerability was discovered this week in technology that powers encryption across many services on the Internet. We've compiled some Frequently Asked Questions to keep you informed about this issue and what it may mean to you.
What is the Heartbleed Bug?
Heartbleed is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and e-mails. The Heartbleed Bug is a defect in encryption technology – called Open SSL – used by most Web servers to secure users' personal or financial information. It is behind many "https" sites that collect personal or financial information. Basically, it provides a secure connection when you are conducting a transaction or sending an e-mail online. Experts discovered the bug recently and warned that cybercriminals could exploit it to access visitors' personal data or to impersonate a website and collect even more information.
Am I affected?
Most active users of the Internet have likely been exposed, since a majority of websites – including Facebook, retail and even government sites – use the Open SSL software. But it is unknown whether any criminals have actually exploited the bug, and several major sites, like Amazon, have already installed patches. Most sites with an address beginning with "https" are vulnerable until the website operator fixes the bug and users change their passwords.
Is my bank account safe?
Yes, consumers are always protected from any unauthorized transactions. We continuously monitor your accounts and use many different systems to protect customers' information including rigorous security standards, encryption, and fraud detection software.
Let us know immediately if you suspect any unusual activity:
- Call 800-667-4401
- Log into online banking and send a secure message
- Contact Us online
What can I do?
It is always Sound Advice to update your bank password every few months. Also, monitor your account regularly and report suspicious transactions to us immediately. Beware of phishing scams – or e-mails with malicious links – that will attempt to get additional sensitive information from you.
What is First National Bank and Trust doing?
Our bank has been working diligently with our technology partners to research the possible impact of the Heartbleed Bug and taking appropriate actions to ensure that it has no impact on our customers. Most Internet banking applications are not impacted by this bug. We have a special layer of security that prevents this type of exploit which doesn't use Open SSL at all.
For additional information on this vulnerability:
Jan 02, 2014 - Information Regarding Target and Retail Data Breaches
Despite efforts to protect customers' information, breaches can occur at the point-of-sale.
- Unfortunately, the Target breach is not the first time banks of all sizes have had to take steps to protect customers as a result of a merchant's data breach.
- Everyone has a responsibility to protect the integrity of the payments system and not allow events like this to occur. Banks do so, and retailers must as well.
- All banks, including First National Bank (FNBT), will continue to work with the card networks, law enforcement, and industry associations to better understand the impact of the breach and determine the best strategies to protect their customers.
Our customers are protected when these retail point-of-sale breaches happen.
Regardless of where the breach actually occurred, banks are the stewards of the customer financial relationship.
FNBT takes a variety of steps to protect the integrity of our customers' accounts, including:
- Utilizing state-of-the art monitoring tools to screen for indications of suspicious activity.
- Blocking and/or reissuing cards for affected accountholders, if we determine your account has been compromised and is at risk.
Reimbursing customers for confirmed fraudulent transactions.
There are ways customers can assist to improve their security.
- Customers concerned about the Target breach should consult this Washington Post piece listing five key facts about the breach.
- Check your account often for suspicious activity – either through Internet banking, phone 800-667-4401, or using mobile banking applications.
- Enroll in mobile alerting programs to monitor regular or non-standard activity on your accounts. Contact us to learn more about mobile alerts.
- If you have a reason to suspect fraud, contact us right away by calling 800-667-4401, your log in to online banking and send us a message, or visit a branch.
Other general safety recommendations provided by the American Bankers Association include:
- Be wary of your surroundings and of other people who may be near you at the ATM or retail point-of-sale.
- Use your body or hand to "shield" the ATM or point-of-sale keyboard as you enter your PIN. Be wary of those trying to help you, especially when an ATM "eats" your card. They may be trying to steal your card number and PIN.
- Always take your receipts or transaction records with you and check them against your statements. Report unauthorized transactions immediately.
- Do not give your personal or financial information to anyone who calls you over the phone or through text and email. Thieves often pose as bank representatives to steal this information; however, banks already have this information and will not request it from you.
- Keep a record of card numbers, expiration dates and 1-800 numbers for banks so you can contact the issuing bank easily in cases of theft. Do not leave your bank statements, checkbooks, or credit/debit cards lying around the house or on your desk at work. No one should have access to this information but you.
- Contact the Federal Trade Commission at www.consumer.gov/idtheft, or call the FTC, at 1-877-438-4338, or write to Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue NW, Washington, D.C., 20580.
- Periodically obtain credit reports from each nationwide credit reporting agency. If any information on the credit report appears fraudulent, request that the credit reporting agency delete that information from the credit report file. Under federal law, consumers are entitled to one free copy of their credit report every 12 months from each of the three nationwide credit reporting agencies. Obtain a free copy by going to www.AnnualCreditReport.com or by calling 1-877-322-8228.
December 19, 2013 - We are aware of the recent debit and credit card breach at Target. First National Bank and Trust utilizes premium fraud monitoring tools to protect our customers' transactions. If your account is identified as affected by this compromise, we will reach out to you via mail with the appropriate next steps. Please note that if you are a Target REDcard holder and you have seen suspicious activity, you should contact Target directly. In the meantime, it is always Sound Advice to regularly review your account for suspicious activity. For more information about the breach, please visit Target's website.
February 19, 2013 - The Department of Financial Institutions (DFI) is urging Wisconsin business owners to exercise caution if they receive a request for information from a company called Corporate Records Service. Business owners are being asked to fill out an Annual Minutes Form and submit a fee of $125 to a mail box with a Madison, WI address. Businesses are not required by DFI or any other state agency to complete the form. For more information please read the Wisconsin Satewide Information Center's Daily Bulletin.
November 13, 2012 - We have become aware of a telephone phishing attempt in the area using texting. According to our customer support team, we have had a few calls from customers this afternoon reporting receiving text messages regarding their debit cards. The text has a call back number 1-410-505-5045, which when called instructs the customer to enter their 16 digit debit card number. As a general guideline, be highly suspicious anytime you are requested to provide personal information over the phone if you did not initiate the call or transaction.
It's also a good reminder :
- Never offer personal or account information over the phone without verifying the caller's identity.
- If you are uncertain of the identity of a caller, hang up and initiate the call yourself using a known phone number.
- Do not call any phone number received in a voice message, text message or email asking for personal information. It could lead you to a phony answering system.
For additional information regarding Phishing and Identify Theft visit our online resource center.
If you believe you've been a victim of this or any scam please contact us immediately at 800-667-4401.
January 2012: Fraudulent cashier's checks have been circulating the area. Click here for an example of what to look for to protect yourself from becoming a victim.
November 2011: FinCEN has reported that an email appearing to come directly from the 314 Program Office was sent out on or around November 2, 2011.
Please note: the 314 Program Office did not send any type of notification and it is very important that any recipients do not try and access the link within the email or enter any login or password information.
It's always important for users to check for the SSL Certificate sign when access the 314(a) Secure Information Sharing System, and it is also encouraged to verify the internet address bar to make sure it reflects https://www.fincen.gov/314a/
FRAUD ALERT: NACHA has reported a circulation of fraudulent emails that make reference to an ACH transfer, payment, or transaction and contain a link or attachment that infects the computer with malicious code when clicked on by the email recipient.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Please forward any suspicious emails you receive that appear to come from NACHA to email@example.com for analysis. Visit www.nacha.org for more information.