September 5, 2017New IRS Scam Alert

The IRS is warning against a new phishing scam that tries to make you download an FBI questionnaire. However, if you click the link, your computer will be infected with ransomware instead. The scam email uses the emblems of both the IRS and the Federal Bureau of Investigation.

Remember that the IRS does not use email, text messages or social media to discuss personal tax issues, such as those involving bills or refunds. THINK BEFORE YOU CLICK!


September 11, 2017Equifax Security Breach

On September 7, 2017, the consumer credit reporting bureau Equifax announced a major data breach affecting approximately 143 million Americans. The company said that from mid-May through the end of July, criminals exploited an Equifax website vulnerability to access names, Social Security numbers, birth dates, addresses, and in some cases, driver’s licenses.

The company also said that about 209,000 Americans’ credit card numbers were accessed, along with credit dispute documents with personally identifying information for 182,000 consumers. According to Equifax, “The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.”

Equifax has set up a website to help consumers determine if their information was breached, and, if so, to sign up for credit monitoring and identity theft protection offered by TrustedID, an Equifax subsidiary. The website address is https://www.equifaxsecurity2017.com.

Equifax will also mail notices to consumers whose credit card numbers or dispute documents were breached.

 

The breach discussed occurred at  Equifax not at RSI Bank. This information is being provided solely as a courtesy to our customers. 


Security

Not securing your own computer, or not updating it properly, can be a recipe for disaster. We encourage you to implement several security tips when you use our Online Banking services:

  • Always access your online banking account on the RSI.bank homepage. Never click on a link sent to you in an email.
  • Never give out your personal information through an email or over the phone. RSI Bank will never request that information in this manner.
  • Choose your User ID and password carefully – They should not be easy for others to guess (like your name or birthday, or your children's names and birthdays). Make sure to change your passwords on a regular basis.
  • Use a combination of letters, numbers, and symbols when creating a password.
  • Never reveal your password to anyone or leave your password in a place where someone else can obtain and use it.
  • Make sure you have a firewall in place when conducting your financial transactions.
  • Log out completely - Do not simply close your browser or use the back button to exit the site. Use the Exit button to end each Online Banking session and then close your browser.
  • Never leave an open session unattended. Your online banking session should be your only open internet window or tab.
  • Change your session timeout in User Options to a time that meets your needs.
  • Install an antivirus app on both your personal computer and your mobile device and keep it updated.
  • Always keep your computer and/or smartphone up to date.
  • Never access your Online Banking account from a public or shared computer.
  • Avoid installing Android apps from third-party websites or unreliable sources.
  • Read the permissions requested by every application before installing.
  • Perform regular backups of data stores on your smartphone.
  • Protect devices with passwords.
  • Don't view or share personal information over a public Wi-Fi network.
  • Balance your account and statements on a regular basis. Online Banking makes it easy!

RSI Bank strongly encourages our commercial customers to perform their own risk assessments and controls evaluations.

  1. Make a list of the risks related to online transactions that your business faces including: passwords being written down and left out in the open; the use of old or inadequate passwords; the possibility of internal fraud or theft; delays in terminating the rights of former employees; the lack of dual control or other checks and balances over individual access to online transaction capabilities.
  2. An evaluation of controls your business uses may include: Using password protected software to house passwords in; conducting employee background checks; initiating a policy and process to terminate access to former employees; segregating duties among two or more people so no one person has too much access or control; conducting internal or third party audits of controls; using firewalls to protect from outside intrusion or hackers.