Consumer Alerts

Measures Consumers May Take to Enhance Mobile Banking Security

  • Use a PIN or password to keep the mobile device locked when it is not in use
  • Make sure the mobile device does not automatically log into the bank account
  • Do not store information such as PIN numbers, passwords, account numbers, etc. on the mobile device
  • Notify the bank immediately of loss or theft of mobile device
  • Beware of phishing scams and deceptive websites that mimic the bank's website.
  • Never disclose confidential information or account details.

ICBA and SHCPF Provide Tips to Protect Elderly Veterans from Financial Abuse

The Independent Community Bankers of America and the Senior Housing Crime Prevention Foundation have banned together to provide tips on preventing financial abuse for our nation's elder veterans and their families, offering the following tips on ways to prevent financial abuse for our nation's elder veterans:

•Secure all of your valuables in a bank safety deposit box. These valuables can include your Social Security card, passports, credit card account numbers, will and other legal documents, financial statements and medical records.

•Do not give financial information to callers that contact you and claim to be from established organizations such as your bank or credit card companies, especially if they ask you to wire funds or send them private information. If you are concerned about your bank account, contact your local community bank directly.

•Check your bank accounts and bill statements carefully. You can check them online so you can zoom in easily in case you need to make the statement larger for easier reading. Plus, online banking makes it easy to check your transactions on a regular basis. If you notice unauthorized charges, alert your bank immediately.

•Do not give your personal information, such as bank account numbers or PINs, to anyone in a phone call, letter, email, fax or in a text message.

"Protecting our nation's veterans is a need that must be addressed. These men and women have dedicated their lives to protecting us and SHCPF is dedicated to protecting them now," said SHCPF Chairman, President and CEO Peter K. Gwaltney. "Elder financial abuse is a rapidly growing problem in our country and we owe it to our veterans and all of the elderly to stop financial exploitation."

Heart Bleed Bug

On April 7, 2014, security researchers announced a recently-discovered vulnerability called Heart Bleed. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of the server and its users. You may have read media reports that say that all online banking websites are vulnerable.

Digital Insight, our online banking vendor, takes security very seriously. They are aware of the Heart Bleed Bug (CVE-2014-0160) and have taken steps to evaluate whether there is impact.

After performing a thorough investigation, Digital Insight research indicates that this vulnerability does not impact Digital Insight Online Banking services because the encryption libraries used for Digital Insight Online Banking do not use the OpenSSL library that is the source of the vulnerability. However, there are a number of ancillary services within your online banking experience that have not yet completed their assessment. Rest assured that we are doing everything we can to help ensure that your information is safe. We will be sure to keep you updated.

Target Data Breach

ATTENTION: Individual Sutton Bank customers are being notified as we are made aware of specific Sutton Bank debit or credit cards that may be involved in the Target data breach. Please CLICK HERE to leave Sutton Bank's web site and be taken to the Target web site page with detailed information on the data breach and what Target is doing to mitigate damages to its customers. As mentioned on the Target web site, be particularly watchful for emails or phone calls that claim to be from Target asking you to provide credit card numbers or social security numbers to "verify" your account. DO NOT click on any links provided in such emails and DO NOT provide account numbers or social security numbers over the Internet or telephone.