Close up of hands typing on a laptop keyboard

Security Awareness

The First National Bank of Allendale strives to provide our customers with a convenient and safe online banking experience. It is our goal to protect the confidentiality of your account and personal data and comply with all applicable banking regulations relating to the safeguarding of your data. Our online banking product incorporates sophisticated security features to keep your information safe and secure.
 
While we continue to take all possible steps to ensure the safety of our online banking system, we cannot assume responsibility for any breach of security that is out of our control. It is imperative that you take steps to protect your account and personal information while engaged in any and all online activities.
 
Below are some general tips and relevant articles to help protect yourself with security awareness. 
  • Protect your passwords by creating a strong password using random letters and numbers.
  • Avoid dictionary words.
  • Remember that sharing information online (via Facebook and other social media) about your children, pets, birthdays, anniversaries, etc. can make it easier to guess passwords using this information as well.
  • NEVER share your password! 
  • Do not write it down.
  • Do not reveal it to anyone, including bank associates.

The First National Bank will never email, call, or text you and ask you for any personal information. If you think your User ID or password has been stolen or compromised, notify The First National Bank immediately at 618-299-4411.
To support security measures that keep our end users' data safe, we require modern browsers to support online banking.  

  • Internet Explorer® is no longer supported for use with FNBA's online banking product.  If  you are currently using IE, we recommend you switch to the new Microsoft Edge™ or another supported browser.  
  • We only support the latest version of Microsoft Edge™.  Access to older Microsoft Edge™ versions may be denied 60 days after Microsoft® releases a new version.  
  • If a person uses Chrome™'s automatic updates, the browser should update on its own.  Major updates release approximately every 12 weeks.  
  • Firefox® should update itself automatically.  If Firefox® is two versions older than the current stable channel version, you may experience limited functionality.  
  • Safari® only has major upgrades currently during the fall.  Approximately 60 days after a new version releases, older version access my be denied. 
Steps to take to help you reduce your risk of ID theft:
 
1. Keep your personal information secure
  • Never give out your personal information via email, text or to an unsolicited caller.
  • Switch to paperless statements. Check out e-Statements
  • Shred any documents, such as tax forms, bank statements and medical bills that contain sensitive information.
  • Avoid carrying your Social Security Number in your wallet and give it out only when necessary.
  • Don’t overshare on social media, and use privacy controls so that personal information is not made public.
  • Discuss internet safety with your children, and prevent them from sharing information online without your permission.
2. Protect your devices
  • Keep all devices updated with the latest security patches and software.
  • Secure your devices and home Wi-Fi network with a unique password of at least eight characters.
  • Enable biometrics such as fingerprint sign-on, retina/facial recognition where available.
3. Control access to your accounts
  • Create a strong password for each of your accounts, and never reuse the same password on multiple websites.
  • Use multifactor authentication to add an extra layer of protection when signing in to your accounts.
  • Activate account alerts to help you monitor your finances and keep your accounts safe. Debit Card Alerts
  • Make sure your phone number and email address are up to date on your financial accounts.
Act quickly if you become a victim of ID theft. 
.BANK is a gated domain, like .gov or .edu, but for verified banks.  Replacing .com, which can be purchased by anyone, .BANK quickly verifies that the website or email is authentically from our bank, so you can interact with confidence when you see the ‘.BANK’ at the end of our email address and website URL.

How is .BANK more secure?
All banks are verified and authenticated by fTLD, the .BANK administrator, prior to registering their .BANK domain, and re-verified annually thereafter.  This ensures everyone using a .BANK domain is an eligible organization.  Hackers and bad actors can’t get a .BANK domain to create lookalike domains for phishing and spoofing, as they can in ‘.com’ and other publicly available domains.

With the ‘.BANK’ visual authentication cue in place, you can quickly confirm our emails and website are real, and avoid interactions that could lead to identity theft and financial fraud.  This authentication is also an additional layer of protection for internal and vendor communications, helping to secure against potential breaches.

All banks within the .BANK domain must also implement additional Security Requirements to help secure their sites and email, and protect them, their vendors and their customers from phishing, spoofing and other cyberattacks.  All banks using .BANK are monitored for compliance with these security requirements on an ongoing basis.

Why have I not seen all other banks make this change?
The move to .BANK is a business decision every bank must make, and plan for, based on its priorities and resources.  We decided it was a priority for us to enhance our security and provide our customers with an easy way to authenticate our email communications and website.

Fraudulent phishing scams/activities have recently increased.  These scams consist of calls or text messages to credit and debit cardholders in an attempt to gain access to account information.  During these attempts, cardholders are informed that their card has been deactivated and needs to be reactivated.

The cardholder is then asked to provide key account information such as the card number, expiration date, PIN number and three digit security code, in order to reactivate the affected debit card.  The fraudsters use this information to create duplicate cards and/or make online purchases.

If you received one of these calls:

  1. During regular business hours, contact 618-299-4411 to have your debit card turned off and to order a new card.
  2. After-hours, contact us at 1-888-297-3416 to have your card turned off. 

Additionally, the Federal Bureau of Investigation (FBI) warns of phone calls purporting to be from Microsoft, asking to be given remote access to a computer in order to "fix a virus" they have detected.  This has led to attempted and completed fraudulent wire transfers in banks across the country.  Microsoft will never contact you to request access to your computer.  Please be cautious and do not provide information or access to your computer should you receive a phone call like this.

We will never ask you for sensitive information such as your password(s), login ID(s), or account number(s).  If you are ever contacted in this way, please contact us immediately at 618-299-4411.  (Op

"CryptoWall" and "CryptoDefense" operate in a similar manner to "CryptoLocker" by encrypting the files on your network shares and denying users access until they pay the ransom between $300 and $1,000 or restore their files from a backup.  This is a widespread attack with a high distribution rate.

Emails either contain an attachment or a link to a website to open the notification, which then downloads the virus.  Often, these emails slip through spam filters, as antivirus vendors are continually faced with variants of these malwares.
  1. Email users are cautioned to be on the lookout for suspicious emails (i.e., any unknown sender, UPS, faxing service, the FBI, etc.).
  2. NEVER open an attachment or click on a link within an email unless you are expecting the email and/or have confirmation that is it is safe to do so.
  3. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to attempt detection and deflect malicious software.
  4. Verify that you have a current backup of your system. 
The IC3 is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA). It recommends the public do the following:
  1. Carefully read emails you receive.  Fraudulent messages often feature misspellings, poor grammar, and nonstandard English.
  2. Report emails you receive that purport to be from the FBI.  Criminals often use the FBI’s name and seal to add legitimacy to their fraudulent schemes.  In fact, the FBI does not send unsolicited emails to the public.  Should you receive unsolicited messages that feature the FBI’s name, seal, or that reference a division or unit within the FBI or an individual employee, report it to the Internet Crime Complaint Center.  
  3. Additionally, adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page.  Even a “friend” can unknowingly pass on multimedia that is actually malicious software.
  4. Do not agree to download software to view videos.  These applications can infect your computer.
You get a call:  “Grandma, I need money for bail.” Or money for a medical bill.  Or some other kind of trouble.  The caller says it’s urgent — and tells you to keep it a secret. 

But is the caller who you think it is?  Scammers are good at pretending to be someone they’re not.  They can be convincing: sometimes using information from social networking sites or hacking into your loved one’s email account to make it seem more real.  And they’ll pressure you to send money before you have time to think.

Here’s what you can do: 
  • Stop.  Check it out.  Look up your grandchild’s phone number yourself or call another family member.
  • Pass this information on to a friend.  You may not have gotten one of these calls, but chances are you know someone who will get one — if they haven’t already.
Please Report Scams
If you spot a scam, please report it to the Federal Trade Commission (FTC).  Your complaint can help protect other people.  By filing a complaint, you can help FTC's investigators identify the impostors and stop them before they can get someone's hard-earned money.  It really does make a difference.
You get a call from someone who says they are from the Internal Revenue Service (IRS).  They say that you owe back taxes. They threaten to sue you, arrest or deport you or revoke your license if you don’t pay right away.  They tell you to put money on a prepaid debit card and give them the card numbers.

The caller may know some of your Social Security number and your caller ID might show a Washington, DC area code, but is it really the IRS calling?

No.  The real IRS won’t ask you to pay with prepaid debit cards or wire transfers.  They also won’t ask for a credit card over the phone and when the IRS first contacts you about unpaid taxes, they will do it by mail, not by phone. Caller IDs can be faked.

Here’s what you can do:
  • Stop.  Don't wire money or pay with a prepaid debit card.  Once you send it, the money is gone.  If you have tax questions, visit the IRS website or call the IRS at 1-800-829-1040.
  • Pass this information on to a friend.  You may not have gotten one of these calls, but chances are you know someone who will get one — if they haven’t already.
Please Report Scams
If you spot a scam, please report it to the Federal Trade Commission (FTC).  Your complaint can help protect other people.  By filing a complaint, you can help FTC's investigators identify the impostors and stop them before they can get someone's hard-earned money.  It really does make a difference.
You get a pop-up or other urgent message from someone saying your computer is infected.  It might seem like the message comes from a well-known company like Microsoft or Apple, or maybe your internet service provider.  It tells you there are viruses or other malware on your computer.  It says you have to call a number or risk losing your personal data.

Is this a threat or a real problem?  Judging by reports to the Federal Trade Commission, no.  These are scammers who want to sell you useless services, steal your credit card number, or get access to your computer to install malware, which could then let them see everything on your computer.

Here’s what you can do:
  • Stop.  Don't call a phone number or click a link.  Don't send money, give your credit card number or give control of your computer to anyone who contacts you.
  • Pass this information on to a friend.  You might know these pop-ups are fake, but chances are you know someone who doesn't.
Please Report Scams
If you spot a scam, please report it to the Federal Trade Commission (FTC). Your complaint can help protect other people.  By reporting a scam, you can help FTC's investigators identify the impostors and stop them before they can get someone's hard-earned money.  It really does make a difference.