First National Bank of Hutchinson

Internet Security 101

Q: Will Online banking and Online Bill Pay make me more vulnerable to identity theft?
A: This is a common misconception of online banking and bill pay. Using these online services will actually DECREASE your risk! Consumers who use online banking and bill pay:

Are less likely to become a victim.
Will lose less money if they become a victim. and
Detect any fraudulent activity sooner.

Most identity theft is not through electronic sources. Consumers are more likely to become a victim by "traditional means" (e.g. stolen wallet, dumpster diving, or from a friend or relative) than by using the internet.

Sources: Better Business Bureau, American Bankers Association, Yahoo! Finance

Q: How can I protect my Online Account?
A: Internet banking has several effective security techniques that we encourage you to implement when you use FNB's Online Banking:

Never reveal your password to anyone or leave your password anywhere that someone else can use it.
Treat your password as you would your checkbook or account number.
Select a secure password that no one can guess, but you can still remember.
Change your password on a regular basis.
Use special characters in your password (!,@,#,$,%,^,&,*,_,<,>,?, etc).
Use the "Sign off" button to end each Internet banking session. Do not use the Back button to exit the site.
Close your browser window after exiting Online Banking.
Change your session timeout in "User Options" to a time that works best for you.
Frequently delete your temporary internet files.
Balance your account on a regular basis.
Pay attention to your last login date and number of incorrect logins.
Notify us immediately if you suspect someone has your login information.
KEEP YOUR COMPUTER PATCHES UP-TO-DATE!!! Security patches are free and can be downloaded from the manufacturer's website.
Install anti-spyware and anti-virus software and KEEP THEM UP-TO-DATE!

Remember, your online account is only as secure as your password is. Any security features we've put into place are useless if you don't secure your password.

Q: What is a secure password?
A: First of all, a "bad password" is:

Bad Password:	Why?
Personal information	Whoever wants to guess your password will probably try personal information first. Social security numbers, children's names, birthdays, license plate numbers, etc can all be found out by people who may or may not know you.
Contained (or can be derived from a word) in a Dictionary	Cracking software will usually contain an electronic dictionary (both foreign and domestic languages) that they use to search for possible passwords and any derivation of all of these words (adding numbers, special characters, uppercase, lowercase and changing the placement of these characters).
Doesn't Contain a Mix of: Upper Case Letters, Lower Case Letters, Numbers, and Special Characters (!,@,#,$,%,^,?,etc)	The more combinations someone has to guess, obviously, the longer it will take to guess the right combination. If you only use lowercase letters, that is only 26 possible elements to combine. When you add uppercase, that brings the number to 52. Adding numbers is 62. Finally with special characters, there are 96 to choose from! And it becomes more difficult the longer you make your password. Additionally the longer your password is, the harder is to guess. Combining the elements will take a lot longer to crack.
Preceeded by or Followed by a Digit or Character	Just a derivation of a word contained within a dictionary.
A Word with Vowels Deleted ("snwmn")	Same thing.
A Phrase with Whitespace Deleted ("iamcool")	Many cracking programs will also search common phrases and combined words as well as dictionaries.
An acronym ("USA", "FNB")	Same thing here, too.
A Pattern ("asdf123", "AAA111")	These are EASY for a computer to guess.

So a "good password" does not contain any "bad password" requirements!

Q: How do I pick a secure password that I can remember?
A: Be creative! Here are a few ideas (Please don't use the examples as your password!):

What to do:	Example:
Take a phrase, use first letter of each word, then manipulate the result.	Phrase: Mary had a little lamb; her fleece was white as snow First Letters: "mhallhfwwas" Manipulate: "Mh@1l;hfwwa$" (Added semicolon at sentence break, changed few letters to uppercase, and replaced some letters with characters or numbers.
	Phrase: Do you know the way to San Jose? First Letters: "dyktwtsj" Manipulate: "D!Y!Ktw2$J?" (Added punctuation, changed a few letters to uppercase, and replaces some letters with characters and numbers.)
Take a word phrase, transform it, and substitute some of the letters	Phrase: Iron horse Transformation: "ihrornse" (The words were intertwined and jumbled.) Subtitution:"1hrOrn$e" (Numbers and symbols were substituted for some of the letters.)
	Phrase: File drawer Transformation: "fdirlawer" (The words were intertwined and jumbled.) Subtitution:"Fd1rL@w3r" (Numbers and symbols were substituted for some of the letters.)
	Phrase: Photographic Transformation: "fotografik" (Change to phonetic spelling.) Subtitution:"f*+OGr@f!k" (Replace some letters with symbols.)

Q: What if I need to write my password down?
A: Write down your password at your own risk! You wouldn't leave your checkbook out for anyone to access...leaving your password accessible is the same thing. But if you still feel like you need to write it down, keep it under lock and key or apply an agorithm so you aren't writing your actual password. For example, if your password contains numbers, subtract 2 from each digit before you write it down.

Q: Does FNB use cookies?
A: We only use cookies for Online Banking session information. Your privacy is important to us and we don't collect information or share it with others except for banking purposes.

Q: What is 128-bit encryption?
A: Encryption is a mathematical method of scrambling something to make it unreadable. Here is a very simple example: the phrase "Encryption is good." can be enrypted into "Fodszqujpo jt hppe." Unless you know how the phrase was scrambled (in our example, change each letter into the following letter in the alphabet), the resulting phrase looks like jibberish. However, given enough time and computer power, this simple code can be cracked. The "128-bit" is simply how complex the encryption is. The higher the number the more complex, the harder it is and the longer it takes to crack. We use encryption for protecting your online banking information as it travels through the internet. In order to use online banking, we require a browser that is compatible with 128-bit encryption.

Q: Will FNB send me emails asking for personal information like my account numbers, passwords, social security number?
A: Never! Be assured, First National Bank of Hutchinson will never ask for personal information in an email. If you receive anything of this nature from anyone, please delete it immediately.

Q: Will FNB give my information to others or send me any spam email?
A: Absolutely not! We only give information to parties as necessary for normal banking proceedures. Additionally, FNB will only send emails reguarding announcements for our products or services, for example, added features to online banking or irregular down-time for online banking. You can be confident that your information is safe with FNB.

Q: What is "phishing"?
A: "Phishing" is a tactic used by identity theives to steal your personal information. "Phishers" will send emails that look like they came from legitimate companies to lure you to enter passwords, social security numbers or other information. They may even add links within the emails that will take you to a look-alike website to get you to submit this information. Most phishing emails have a sense of urgency to get you to act before thinking. Here are some examples:

"Hurry or your account will be suspended."
"Your account has been comprimised."
"Verify your information."

Legitimate companies will never ask for sensitive information through email.

Q: How do I know if an email from FNB is legitimate?
A: Legitimate emails from FNB will ALWAYS be listed in our email archive.

Q: What is "pharming"?

A: "Pharming" is similar to phishing except instead of sending you an email, pharmers will trick your computer to go to a spoof website instead of the legitimate site. Before submitting any personal information on a website, always make sure you are at a secure website. Check that the address contains "https:" and an icon of a padlock is on the bottom of the screen. Otherwise, the site is not secure.

Top