As banking services have evolved over time, a much higher
percentage of customers rely on Electronic Banking. As
Online Banking and Mobile Banking usage increases, so will
the instances of fraud; therefore the need for controls to
minimize risks and prevent and detect fraudulent activity
is critical.
Debit Card Fraud Monitoring
We want you to know what we are doing to help protect
your account and your money. We continually monitor the
activity on your card. If there is suspect activity on
your card, our Fraud Monitoring Service will reach out to
you by phone, text, or email so you can confirm or deny
the transaction. For your protection, if we cannot reach
you, we will restrict the card until the transaction is
confirmed by you.
Below is best practice guidance that can help protect
you against fraud associated with Electronic Banking:
- User ID and Password Guidelines
- Create a “strong” password with at least 8 characters
that includes a combination of mixed case letters,
numbers, and special characters.
- Change your password frequently.
- Never share username and password information with
third-party providers.
- Avoid using an automatic login feature that saves
username and passwords.
General Guidelines
- Do not use public or other unsecured computers for
logging into Online Banking.
- Check your last login date/time every time you log in.
- Review account balances and detail transaction
regularly (preferably daily) to confirm payment and
other transaction date and immediately report any
suspicious transaction to your financial institution.
- View transaction history available through viewing
account activity information.
- Whenever possible, use Bill Pay instead of checks to
limit account number dissemination exposure and to
obtain better electronic record keeping.
- Take advantage of and regularly view system alerts;
examples include:
- Balance alerts
- Transfer alerts
- Password change alerts
- Do not use account numbers, your social security
number, or other account or personal information when
creating account nicknames or other titles.
- Whenever possible, register your computer to avoid
having to re-enter challenge question and other
authentication information with each login.
- Review historical reporting features of your online
banking application on a regular basis to confirm
payment and other transaction date.
- Never leave a computer unattended while using Online
Banking.
- Never conduct banking transactions while multiple
browsers are open on your computer.
- If you notice any suspicious account activity or
experience any issues with Online Banking you may
contact The Bank of Bennington at 802.442.1640 .
- If your mobile device is lost you can contact The Bank
of Bennington to request your account be disabled.
Tips to Protect Online Payments & Account Data
- When you have completed a transaction, ensure you log
off to close the connection with the financial
organization’s website.
- Use separate accounts for electronic and paper
transactions to simplify monitoring and tracking any
discrepancies.
- Reconcile by carefully monitoring account activity and
reviewing all transactions initiated by your company on
a daily basis.
Protections provided under Regulation E- Electronic
Funds Transfer Act
Customers should review their monthly account statement
for possible errors with electronic funds transfers as
they would with any other type of transaction. If you
notice an error in an electronic fund transfer relating to
your account certain steps must be taken. Please note that
Regulation E only applies to retail (non-commercial)
customers.
Under the Act the Customer must:
- Write or call the financial institution immediately if
possible. You may contact The Bank of Bennington at
802.442.1640 .
- Must be no later than 60 days after we sent you the
first statement containing the error or problem.
- Give us your name and account number.
- Explain the error or the transfer you are unsure
about, the type, dollar amount and date.
Under the Act the bank must:
- Promptly investigate the error and correct any error.
- If this takes more than 10 business days to do this
the bank will re-credit your account for the amount you
think is in error.
- Must notify you of the results of investigation:
- If there was error- correct or make re-credit
final.
- If no error-explanation in writing notifying
customer of deducted re-credit.
Tips to Avoid Phishing, Spyware and Malware
- Do not open e-mail from unknown sources. Be suspicious
of e-mail purporting to be from a financial institution,
government department, or other agency requesting
account information, account verification, or banking
access credentials such as usernames, passwords, PIN
codes, and similar information. Opening file attachments
or clicking on web links in suspicious e-mails could
expose your system to malicious code that could hijack
your computer.
- Never respond to a suspicious e-mail or click on any
hyperlink embedded in a suspicious email. Call purported
source if you are unsure who sent an e-mail.
- If an e-mail claiming to be from your financial
organization seems suspicious, checking with your
financial organization may be appropriate.
- Install anti-virus and spyware detection software on
all computer systems. Free software may not provide
protection against the latest threats compared with an
industry standard product.
- Update all of your computers regularly with the latest
versions and patches of both anti-virus and anti-spyware
software.
- Ensure computers are patched regularly, particularly
operating system and key application with security
patches.
- Install a dedicated, actively managed firewall,
especially if using a broadband or dedicated connection
to the Internet, such as DSL or cable. A firewall limits
the potential for unauthorized access to your network
and computers.
- Check your setting and select, at least, a medium
level of security for your browsers.
- Clear the browser cache before starting an online
banking session in order to eliminate copies of Web
pages that have been stored on the hard drive. How the
cache is cleared depends on the browser and version you
are using. This function is generally found in the
browser’s preferences menu.
Tips to Protect Mobile Banking Users
- Place a password on the device to keep it securely
locked after timing out.
- Add The Bank of Bennington short codes and customer
service phone number to your contact and only initiate
SMS and phone call from your contact list. Do not reply
to SMS messages that do not exist in your contact list.
- Do not click on links in SMS messages unless you
initiated the SMS conversation with The Bank of
Bennington.
- Do not call phone numbers not in your contact list. If
you are unsure about a phone number, you may text “HELP”
to the short code (497-94) and compare the phone
numbers. Only call the numbers in your Help response or
in your contact list to avoid vishing.
- Bookmark The Bank of Bennington mobile web site and
only use this bookmark to access the site to avoid
phishing.
- Avoid using unsecured, public Wi-Fi networks to access
financial accounts with mobile devices.
- Always use your cellular network when conducting
mobile financial services.
- Only download apps from stores, such as Apple &
Android, that are submitted and branded by The Bank of
Bennington.
- Finally, know that bank employees will not ask users
to provide confidential information over an email or SMS
message.
- Be aware of the security threats that come with mobile
banking:
- Phishing: Luring unsuspecting customers to provide
sensitive personal information or downloading
malware through an email.
- SmiShing: A contraction of “SMS and phishing”, in
which criminals pose as FI and use SMS in an attempt
to gain access to confidential account information.
- Vishing: A contraction of “voice and phishing”, in
which victims are tricked into disclosing sensitive
personal information through a phone call or voice
response unit.