- Use at least 8 characters with a mixture of uppercase, lowercase and special characters in your account passwords; adding more makes it harder for password cracking software tools to identify it.
- Use abbreviated phrases to form a strong password which is comprised of letters, numbers, and special characters, while avoiding dictionary words.
- Use a different password for each of your online accounts since scammers use automated tools to surf other commonly found secure websites using stolen user password credentials.
- Change your online password regularly as a good safety measure against online fraud. Best practice suggests that system users change their passwords every 90 days.
- Don't leave your passwords on written notes under your keyboard or around your computer. Password management tools can be a helpful option.
- Please review the password criteria specific to APCI eBanking.
- Be wary of suspicious websites.
- Make sure the website is secured with encryption before entering any passwords, personal or financial information. It must have "https" in the website address; not just "http." Look for the security lock symbol for information regarding the security used on the site.
- Only do business online with companies you know you can trust and review their privacy and security statements.
- Act quickly if you suspect fraud. If you suspect someone was trying to commit fraud and you gave them your personal information, contact your financial institution immediately. Change your passwords and monitor your account activity after a fraud attempt.
- Be on the alert for email and text scams. These communications may look like they are from a known business or friend. The message may ask you to correct your personal information or to create a new password, but the goal is to gather your personal information.
- Never open messages from senders you don't know. Email attachments can be especially dangerous because these can contain malware that can infect your electronic device.
- Links in email are a commonly used method to trick you into downloading malicious code to your electronic device without any further prompting. The address in the link may mimic seemingly legitimate websites. Hover over a hyperlink to verify the web address before clicking on the link.
- Spelling errors and poor grammar in business email messages are often a sign of an attempted phishing attack.
- Contact your financial institution using a previously known phone number to verify the legitimacy of an email or text and its content if it contains links or attachments that you were not expecting to receive.
- Your electronic devices, including home computers, tablets and mobile devices, should have the most current anti-virus software installed and updated daily. Just because this software appears to be running, it doesn't mean it is protecting you with the latest virus definitions. Renew your virus software annually.
- Use a reputable antivirus/anti-malware software package.
- If you use a wireless network router, make sure you change the default settings where applicable to prevent anyone who knows the default settings from gaining access. Be sure to set the encryption method to WPA2-PSK (pre-shared key) if possible.