November 20, 2018Holiday Scams and Malware Campaigns

The National Cybersecurity and Communications Integration Center (NCCIC) has released the following notification for the upcoming holiday season. This product is provided subject to this Notification and this Privacy & Use policy.

 

As the holidays approach, NCCIC reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with malware, advertisements infected with malware, and requests for donations from fraudulent charitable organizations, which could result in security breaches, identity theft, or financial loss.
 

NCCIC recommends the following actions:

If you believe you are a victim of a scam or malware campaign, consider the following actions:


Security

Not securing your own computer, or not updating it properly, can be a recipe for disaster. We encourage you to implement several security tips when you use our Online Banking services:

  • Always access your online banking account on the RSI.bank homepage. Never click on a link sent to you in an email.
  • Never give out your personal information through an email or over the phone. RSI Bank will never request that information in this manner.
  • Choose your User ID and password carefully – They should not be easy for others to guess (like your name or birthday, or your children's names and birthdays). Make sure to change your passwords on a regular basis.
  • Use a combination of letters, numbers, and symbols when creating a password.
  • Never reveal your password to anyone or leave your password in a place where someone else can obtain and use it.
  • Make sure you have a firewall in place when conducting your financial transactions.
  • Log out completely - Do not simply close your browser or use the back button to exit the site. Use the Exit button to end each Online Banking session and then close your browser.
  • Never leave an open session unattended. Your online banking session should be your only open internet window or tab.
  • Change your session timeout in User Options to a time that meets your needs.
  • Install an antivirus app on both your personal computer and your mobile device and keep it updated.
  • Always keep your computer and/or smartphone up to date.
  • Never access your Online Banking account from a public or shared computer.
  • Avoid installing Android apps from third-party websites or unreliable sources.
  • Read the permissions requested by every application before installing.
  • Perform regular backups of data stores on your smartphone.
  • Protect devices with passwords.
  • Don't view or share personal information over a public Wi-Fi network.
  • Balance your account and statements on a regular basis. Online Banking makes it easy!

RSI Bank strongly encourages our commercial customers to perform their own risk assessments and controls evaluations.

  1. Make a list of the risks related to online transactions that your business faces including: passwords being written down and left out in the open; the use of old or inadequate passwords; the possibility of internal fraud or theft; delays in terminating the rights of former employees; the lack of dual control or other checks and balances over individual access to online transaction capabilities.
  2. An evaluation of controls your business uses may include: Using password protected software to house passwords in; conducting employee background checks; initiating a policy and process to terminate access to former employees; segregating duties among two or more people so no one person has too much access or control; conducting internal or third party audits of controls; using firewalls to protect from outside intrusion or hackers.