Security Information 

Online Safeguards

Ensuring the security and confidentiality of your account and personal information online is a top priority for us. Below are some of the safeguards we have in place to protect against security breaches in the online environment:

• User ID and Password – Our system is designed to limit online account access to those possessing the User ID and password associated with your account(s).
• Encryption – Our online banking product requires that you use only an internet browser that supports 128-bit encryption. The encryption technology in place allows for the protection of data in transit between your computer and ours. The closed lock icon indicates whether a communication session is encrypted.
• Firewalls – our computer systems include firewalls that we monitor and that are designed to protect against unauthorized access to our systems.
• Timeout – Our system is designed to log you out automatically after several minutes of inactivity.
• Multi-factor authentication (MFA) – Our system is designed to ask you challenge questions when logging into online banking from an unrecognized device (or when you choose not to save the device). These are questions that you setup during enrollment. When you login, there is an image and phrase displayed. If you do not recognize this, it is likely you are being phished away to a fraudulent site.
• Cookies and Other Technologies – A "cookie" is a small text file that is stored on the user's computer and retrieved by the web server to identify the user on subsequent visits to the website.

Our website uses cookies to keep track of the stock listing on our main page. If you enter a stock or index that you'd like to track, the web server will show that stock on future visits to our web site by the same user on the same machine. Once the cookie is stored, the site's web server can later retrieve that information for that browser. Online Banking uses a different kind of cookie known as a session cookie, a non-persistent cookie, or a pre-expired cookie. These cookies are placed temporarily and are never stored to the user's computer memory. Instead, these pre-expired cookies are used as part of the stringent security measures in the Online Banking product. As the end user navigates through Online Banking, a pre-expired cookie is set each time a page is viewed. Because the HTML page they are viewing is not "cached", it must always be re-retrieved from the server. The pre-expired cookies keep the session alive until the end user logs out properly or times out of Online Banking. Once this occurs, the end user must login with their User ID and Password to gain access again. This ensures that another user using the same computer cannot access the previous session. These are the only type of "cookies" collected from our website. 

Common Threats

Identity Theft, Phishing, Pharming, Email Scams

• Phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from legitimate businesses.
• "Spoofed" emails are sent to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, User ID's, passwords and social security numbers. Phishers often convince recipients to respond.
• Pharming schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware.
• Banks will NOT ask for private information via email.

Social Network Attacks

• Subscribing to social networks such as Facebook via mobile phone also means that users transmit their mobile numbers to the web and thus become a target for hackers who are searching for the personal information of Internet users. 

Things You Should Do To Protect Yourself Online

Use Strong Passwords and Change Them Regularly

• A simple password, such as your dog's name, your birth date, other easily guessed letters or numbers, is not sufficient protection. To protect yourself against security threats, choose a strong password.
• Never disclose your password to anyone.
• Memorize your User ID and password; do not write them down.
• Change your password every 30-60 days.

Do not be fooled by fraud. WE WILL NEVER SEND YOU AN EMAIL OR TEXT MESSAGE ASKING FOR YOUR USER ID OR PASSWORD.

HTTPS Is Your Friend

• When you're browsing the Web, protect yourself by using HTTPS (Hypertext Transfer Protocol Secure) whenever possible.

Online Banking

• Our online banking system provides you with the date and time of your last session ("last login"). This allows you to check the most recent online session and could tell you whether someone else has been accessing your information.
• When you have completed using our online site, log out (look for the "Log Out" link we provide). We suggest you do this before you shut your computer off and before you surf to any other websites.

Email Messages

• Do not use email to send us sensitive information (such as social security numbers, account numbers, financial information, etc).
• Email is not a secure method of transmitting personal information using services such as Gmail, Hotmail, MSN, Yahoo, or Outlook. Using our online banking email is a secure way to transmit information to us.
• If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.
• Delete unwanted email.

Phishing, Spoofs, Hoaxes and Other Deceptive Emails

• Be careful when responding to email messages that appear to be from us. Thieves or hackers send email messages which direct you to click on a link which redirects you to a fraudulent website, or pop-up window where you may be asked to "confirm", "verify", "update", or otherwise provide sensitive information (such as your account number, password, PIN, or social security number). Do not respond to these requests.
• Sometimes these email messages will falsely say that your account will be shut down if you do not act quickly. Do not be intimidated by these threats. These links, websites and pop-up windows may look like ours, but they are not.
• Clicking a link in one of these emails can expose your computer to viruses and spyware, even if you do not supply the sensitive information thieves want.
• We will never send you an email that asks you to verify an account number, password, PIN, or social security number. If you receive such a request, it is probably fraudulent.
• If you have any doubts about whether an email from us is authentic, do not reply to it; do not open any attachment; do not use the link in the email. Instead, contact us through our website or telephone number obtained through your own records.

Links to Other Websites

• If you click a link to another website, that website may collect, use, and disclose information about you in ways that are different from what we do. You should review that website's policies. We are not responsible for what the operators of other websites do with your information.
• We will give you a pop-up notice to let you know you are going to an unaffiliated third party's website.

Avoid Public Computers and Wi-Fi

• As convenient as free Wi-Fi and publicly available computers may be at, say, a public library or café, using them can leave you and your personal information exposed. Public computers might be infected with spyware and other types of malware designed to track your movements online and harvest your passwords. 

Protect Your Data/Device

Install, Maintain and Apply Anti-Virus Programs

• If you're running antivirus software from two or three years ago, you should upgrade to the most recent version, even if you still receive up-to-date malware signature files for the older edition. The underlying technology for antivirus software has improved significantly in recent years.
• Anti-virus software scans incoming communications for troublesome files.
• Purchase anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

Keep Your Software Up-to-Date

• One of the simplest but most important security precautions you should take is to keep your PC's software up-to-date. This includes updating Windows, Adobe products, Microsoft Office, Java, Microsoft's Internet Explorer, and Apple software.
• Cybercriminals commonly exploit known vulnerabilities, and Adobe Reader is a constant target of such assaults.

Mobile Security

• Your handset may contain lots of personal information--e-mail addresses, photos, phone contacts, Facebook and Twitter apps, and the like. That accumulation of valuable data makes smartphones a tempting target for thieves and cybercriminals, which is why the smartphone is shaping up as the next big security battleground.
• Keep your operating system and applications updated with the latest security patches.
• Only download applications from trusted sources.
• Do not root or jailbreak your mobile device or phone.
• Lock all mobile devices with a strong password and enforce a timeout to lock the device. Change your password every 30-60 days; use strong passwords; and never share your password with anyone.

Install a Personal Firewall

• A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources.
• It is important to run a firewall if you have a broadband connection.
• Operations systems (like Windows or Linux) or browsers (Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.

Other Ways to Protect Your Computer

• Install a personal firewall.
• Scan your computer for spyware on a regular basis.
• Do not download programs or files from unknown sources.
• Install a pop-up blocker from a trustworthy source.
• Disconnect from the Internet when you are not online.
• Only connect trusted hardware to your computer or access device. For example, only plug in USB devices you trust and from sources you trust. 

Additional Things You Should Do To Protect Yourself

Your Account Number

• Do not share your account number with anyone.
• Do not give your account number to someone over the phone, especially if you did NOT call them.
• Be aware of people who try to trick you by saying you must reveal your account number in order to award you a prize.
• Store new checks, account statements, and other sensitive information in a safe place.

Do Not Share Your Cards

• Do not share your ATM, Debit or Credit cards with anyone.

Review Your Accounts

• Review your online account information frequently and your statements promptly.
• Let us know right away if you see something you do not recognize.
• Balance your checkbook at least monthly.
• If your statement is late by more than a couple of days, call us to confirm your address and account balances.

Review Your Credit Reports

• Obtain and review a copy of your credit report periodically. This is one way to find out about identity theft.
• You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.

Your Mailbox

• Check your mailbox every day.
• Consider dropping your outgoing mail in a US Postal Service mailbox (instead of your home mailbox).
• Use Online Bill Pay and sign up for Paperless Statements.

Your Telephone

• Do not give sensitive information to unknown callers.
• Hang up and call the company using a phone number that you located in the phone book or your own records.
• We will never make an unsolicited telephone call requesting sensitive information from you.

Your Garbage

• Shred materials containing sensitive information before you throw them away.

Identity Documents

• Do not carry your social security card, birth certificate or passport in your wallet or purse.

Social Security Number

• Do not print or write your social security number on your checks.

Social Media

• Limit your information that is made available to the public. 

Computer Viruses or Worms

• A computer virus passes from computer to computer like a biological virus passes from person to person.
• A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents.
• Most viruses are a nuisance, but some are quite dangerous.
• A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly.
• A worm usually exploits some sort of security hole in a piece of software or the operating system.
• Your best protection from acquiring a computer virus or a computer worm is to use a personal firewall, updated anti-virus software, and monitor emails and web surfing activity of people using your computer. 

If You Are a Victim of Identity Theft, Follow These Steps

1. Contact the fraud departments of each of the three major credit bureaus and report that your identity has been stolen. Ask that a "fraud alert" be placed on your file and that no new credit be granted without your approval.
   
   Equifax 800-685-1111
   Experian 888-397-3742
   TransUnion 800-916-8800
2. For any accounts that have been fraudulently accessed or opened, contact the security departments of the appropriate creditors or financial institutions to close these accounts.
3. File a report with your local police or the police where the identity theft took place. Get a copy of the report in case the bank or credit card company needs proof of the crime at a later date. 

Children's Online Information Privacy

Frontier Bank does not knowingly solicit individually identifiable personal information from or about children online and does not knowingly market our products to children online. We fully support protecting children's identities and privacy online and recognize the responsibility to do so rests with both the online industry and with the parents.