Security

All internet-connected technology is prone to vulnerabilities. Malicious cyber actors are constantly seeking ways to exploit any opportunity to get in your systems, such as through out-of-date software, unsecure apps that leave your data exposed, or easy-to-guess passwords.

Here are steps everyone should take to enhance cybersecurity at home and in the workplace:

• Think before you click. Don’t click on ads that offer prizes, money, or something for free. Similarly, don’t click on suspicious links—use your mouse to hover over a link to see where it’s about to take you. In your inbox, don’t open email from people you don’t know or download attachments from an email you didn’t expect to get. Be suspicious of emails asking you to login somewhere—check for grammatical errors, a low-quality logo or a lack of a logo, a strange URL, or other indicators of a phishing attempt. If a link looks a little off, think before you click. It could be an attempt to get sensitive information or install malware.
• Update your software: Don’t delay—If you see a software update notification, act promptly. Better yet, turn on automatic updates. Every computer that’s connected to the internet is frequently attacked by hackers who test to see if the computer is prone to any known vulnerabilities. The only way to be safe is to always have the latest security updates installed.
• Use strong passwords: Use passwords that are long, unique, and randomly generated. It’s much more valuable to use LONGER passwords than short but complex passwords. Use password managers to generate and remember different, strong passwords for each of your accounts. A passwords manager will encrypt passwords securing them for you and are more secure than password keepers built into web browsers.
• Enable multi-factor authentication: Two-factor or multi-factor authentication (MFA) adds extra security. To log in, somebody would need your password and a second factor, like a security code sent your phone. Most email or social networking sites offer this security feature. When they do, use it!
• Lock your device. If you lose your device, you don’t want to add insult to injury by leaving yourself vulnerable to someone stealing your information. Provide an initial layer of security by locking your phone with a password or a PIN—preferably one that’s longer than four numbers.
• Don’t overshare on social media: Don’t post confidential information like your address, phone number, or credit card number. Collecting even a few pieces of your personal information makes it easier for someone to pretend to be you, use your accounts without your permission and steal your data.
• Delete unused apps. Not only will deleting unused apps free up more space on your device, but it can also protect your information. Apps on your phone or computer that are no longer supported by the developer open you up to security risks. Plus, most apps collect data about you—why give your data to an app you’re not using?
• Backup files that are important to you. Use an external hard drive or the cloud, but just make sure that the files and information you hold dear aren’t lost forever.
• Use an antivirus tool.  It can help you detect keyloggers, trojans and other threats that are silently lurking in the background.
• Create and save bookmarks. One way someone might try to steal your information is by getting you to enter your information on an illegitimate website that looks similar to your banking website, a government website, or any site where you use credit card or personal information. Avoid this by bookmarking the sites where you bank or input your financial information so you know you’re sharing your information with the right people and companies.

• Be careful where and how you log in. Only access your accounts using computers and Wi-Fi networks that you know and trust. Public computers could have keyloggers (which actually track user keystrokes) and other forms of malware installed on them.
• Avoid public Wi-Fi hotspots or charging stations. It may be convenient to use the Wi-Fi at your local coffee shop or the charging station at the airport, but these areas are targets for someone looking to steal your information. If you absolutely must use public Wi-Fi, use a Virtual Private Network (VPN) and/or avoid transmitting information you would not want others to see.
• Bookmark our banking and shopping sites. This is a precautionary step that can help you ensure you’re always at the right spot, and not on a look-alike site designed to steal your information.  Use Bank Midwest’s Online Banking direct login link.
• Look for the “s” in “https://” that comes before every website’s URL. It stands for “secure.” If you don’t see it, then don’t share any information with the site.
• Be careful where you shop on the web. Reference the Better Business Bureau, the Federal Trade Commission or online reviews to make sure a merchant you’re buying from for the first time is legitimate.
• Keep an eye on your account activity. Set up account alerts to text or email you so you can stay in the loop on what’s happening. We work hard to flag questionable transactions, but no one knows your activities and purchases better than you. Let us know the second you spot something suspicious. Do the same for your other accounts as well.
• Manage your password. Protect your password to help secure your account. Do not share your password with anyone else. And, don’t reuse the same password for multiple sites. Avoid writing down your username and passwords. You’re much better off using a password manager.
• Sign out. Be sure to log off online banking or any accounts you may be accessing online when you’re finished. Closing your web browser is also a good practice.
• Only download apps from reputable app stores. This will help eliminate the risk of downloading applications that are laced with malware or that are insecure.

Phishing scams trick online users into giving away sensitive information such as online banking username and login. Fraudsters might send emails or text messages claiming to be a legitimate institution asking for personal information, and they’ll often use urgent language.

One of the most common examples is the fake password reset. A fraudster pretends to be your bank and claims that you must reset your password. They might include a link that navigates to a fake password reset page intended to steal your login information.

Other tips to help you avoid online phishing:

• Don’t respond to emails, open links or download attachments from unknown senders.
• Don’t open file attachments from known senders that are sent without any context. This could be a sign that the contact’s email has been hacked and the perpetrator is using it to spread malware.
• Never send sensitive information over email.

If you’re worried about the validity of an email or text message sent on behalf of Bank Midwest, contact us directly at 888-902-5662.

Be on the lookout for accounts that you didn’t open or any suspicious activity.

If you start getting billed for services you don’t use or called about debts that don’t pertain to you, access your credit report immediately. Also keep an eye out for suspicious withdrawals from your bank account, or any attempts to file taxes in your name.

Learn more about obtaining a free credit report once a year.

Password protect your device or setup a biometric login.
This will make it difficult if not impossible for anyone who isn’t you to log in. Remember, it’s not just your mobile banking app you should be worried about. Anyone who has your phone can access your money in other ways, such as hijacking your online shopping accounts.

Set up “Find My iPhone” or the Android equivalent, “Find My Device.”
This will help you locate your lost smartphone as long as the device is powered on and connected to the internet. It will also give you the option to wipe your device remotely. As drastic as that may sound, it may be necessary to keep your personal information secure. For this reason, we also recommend creating a backup for your device (either on a remote drive or in the cloud).

See if you can find it with your device-finding feature.
Who knows? A good Samaritan at the coffee shop may have turned your device in for you. See if you can locate it using a ‘find my phone’ option on your computer.

Disable mobile banking.
You can do this through the Bank Midwest online banking portal or by calling us at 888-902-5662.

Wipe your device.
You have to know when to cut your losses. If you can’t find the device, it might be time to wipe it. It’s unfortunate, but it’s better than having your personal data exposed.

Update all of your passwords.
This probably isn’t necessary if you’ve used a passcode and also wiped your device, but it certainly can’t hurt. If you haven’t password-protected your phone and/or you cannot wipe it, this is priority No. 1. To update your Bank Midwest password (personal users), simply visit the main Login screen to find a self-help option. Click the text link “Forgot Username or Password?” or “Forgot Password?” Choose the help you need, verify your information, and you’ll be presented with your Username or be able to reset your password. Or, contact us at 888-902-5662.