Bank Information Security:

First Bank, Upper Michigan prides itself on protecting valuable information by staying up to date with the latest cybersecurity standards. Controls are in place to monitor and alert when attempted cyber attacks occur in our environment. In the event of a data breach, First Bank, Upper Michigan, has the ability to restore valuable information, and a business continuity plan is in place. First Bank, Upper Michigan, also performs disaster recovery and incident response tests to further evaluate possible loopholes in the system. We pride ourselves in doing everything we can to protect your information. First Bank, Upper Michigan, is not responsible for a customer or individual-based data breach, but we can assist in locking down your accounts to help protect against further infiltration. Multi-factor authentication, data loss prevention, secure email, managed security operations center, and other features are also enabled to help prevent the loss of our banking data.

Thank you for choosing to bank with First Bank, Upper Michigan.

November 19, 2024

5 tips to avoid holiday scams

    As the holiday season approaches, it’s essential to be extra vigilant, as scams tend to increase during this time. Protect yourself by staying alert and cautious. Here are some key tips to help you avoid holiday scams and keep your personal and financial information safe:

1. Review online purchases carefully: Purchase goods and services from familiar vendors and verify all URLs before completing an online transaction. Be aware of the common methods scammers use in the online holiday marketplace, including:

• Gift card scams: Avoid purchasing gift cards from websites claiming to sell them for a discount.
• Phishing emails and text scams: Pause before clicking links in unrecognized emails or texts promising holiday discounts or deals.
• Fake contests and giveaways: Verify the offer’s legitimacy by using a separate browser to go directly to the company’s website.
• Lookalike online shops: Review URLs before opening to ensure they’re the official websites of trusted vendors. They should always begin with https:// and include a padlock icon.
• Too good to be true offers: Be cautious of offers that seem too good to be true.
• Monitor transactions closely: Regularly monitor banking and credit card transactions to quickly catch and report any fraudulent activity.

2. Choose secure payment methods: Always use traceable credit or debit cards with fraud protection for online purchases, and avoid payment apps like Venmo, CashApp, and other peer-to-peer payments.

3. Be on the lookout for skimming devices: They may be installed on card readers and are used to collect card numbers. You can help prevent these devices from stealing your card information by:

• Tapping or inserting the card’s chip versus swiping
• Covering the pad when typing in your PIN
• Comparing the card reader you’re using with nearby card readers to confirm that they’re the same
• Checking the security seals if you’re at a gas station

4. Avoid public wifi while online shopping: To prevent hackers from gaining access to your information:

• Avoid shopping online when using public wifi
• Use a reputable password manager or change your password regularly. Passwords should include numbers, capital letters and special characters
• Never share your credit card number over the phone if you’re in a public space

5. Verify donation requests: Research charities before donating, use secure payment methods, and avoid donating via text or email links to prevent phishing scams.

We have a partnership with Capital Group. They have a free security checklist you can download for more tips. 

____________________________________________________________________________________________________________

Google Yourself

Another great article from our friends on KnowBe4's Security Team

With the internet and social media as a part of our everyday lives, it can be difficult to avoid sharing personal information online. Having an online presence can be valuable, but sometimes sharing personal information is risky. If you want to know what information about you is online, Google yourself. 

Your Search Results 

If you Google your name, you may find public information about yourself that you didn’t expect to see, such as your phone number, email address, or home address. Some information is available online through government agencies, while other information is posted by data brokers. Data brokers are organizations that collect and sell information. 

Cybercriminals’ Scams 

Cybercriminals can use your public information in phishing attacks to try and scam you. They often use specific details to make their phishing attacks appear more legitimate. For example, if your home address is publicly available online, cybercriminals can use it in delivery scams. For these scams, cybercriminals will send you a phishing email about a package delivery. This email will prompt you to click a link that appears legitimate but is actually malicious. 

What Can I Do to Stay Safe? 

Follow the tips below to stay safe online: 
•    Be careful about what you post online. Cybercriminals could use this information in a phishing attack. 
•    Analyze your online presence often and remove information that you don’t want cybercriminals to know. 
•    Many websites have security options that can easily be overlooked. Review and edit your privacy settings to protect your information. 

______________________________________________________________________________________________________________________________________________________________________________________________

Be on Patrol for These Fake Calls

Another great article from our friends on KnowBe4's Security Team

In this week’s scam, cybercriminals are impersonating U.S. Customs and Border Protection (CBP) agents. The scammers call you and claim that CBP has intercepted drugs or money shipments that are addressed to you. They insist that you must confirm personal details to help them resolve the case. If you refuse to cooperate, the scammers threaten to send police to arrest you. 

To seem more credible, the scammers may provide actual CBP employee names and numbers that they find online, as well as fake case and badge numbers. In some cases, there is a recorded message that says to press a number to speak to a "CBP officer" about an intercepted shipment. The real CBP stresses that these calls are complete scams, and that the agency never requests money or personal information like Social Security numbers over the phone. 

Follow these tips to avoid falling victim to a Border Patrol phone scam:

• The CBP will not call you to request money or financial information.  If you receive a call asking you to share personal information, it's best to hang up and contact the government agency directly at a verified number. 
• This particular phone scam impersonates the CBP, but remember that scammers could call you and impersonate any government entity.
• Scammers rely on scaring you into making an impulsive decision.  if you receive an unexpected phone call urging you to take action, be extra cautious.  It could be a scam. 

• Keeping Your Passwords Squeaky Clean

  Another great article from our friends on KnowBe4's Security Team

   

  Did you know that the average person uses the same three to seven passwords to log in to over 170 online accounts? In addition to being reused, these passwords are often weak and can be easily guessed by cybercriminals. If cybercriminals guess these passwords, they could access the majority of their victim’s online accounts. Even worse, the victim may not know that their password has been compromised for several months or years. To keep your passwords squeaky clean and safe from cybercriminals, follow the tips below:

  Create Strong Passwords

  Creating strong passwords helps prevent cybercriminals from gaining access to your online accounts. Your passwords should be as long, complex, and random as possible. While many websites only require passwords to be eight characters long, we recommend making your password at least 12 characters long. You should also include a combination of lowercase and uppercase letters, numbers, and symbols in your password. To keep your accounts extra safe, you can use password phrases, or passphrases. However, when you create your password or passphrase, make sure that you don’t use any personal information that a cybercriminal could guess.

  Don't Reuse Passwords

  Reusing passwords for your online accounts may be convenient, but it’s also risky. If you reuse passwords, you could be at risk of having multiple accounts compromised at once. If a cybercriminal guesses your password, they could access multiple accounts instead of just one account. Cybercriminals can also sell passwords or make them available online. Creating a unique password for each online account reduces the risk if one of your passwords is compromised.

  Use a Password Manager

   

  You’re probably wondering how you are supposed to remember long, complex passwords for all of your online accounts. The answer is a password manager. You can use password managers to securely store all of your passwords. Instead of having to remember passwords for every online account, you only have to remember one password for your password manager. In addition to storing your passwords, many password managers can also generate passwords for you based on specific criteria.

  Use Multi-Factor Authentication

  You can also use multi-factor authentication (MFA) to secure your online accounts, if available. MFA requires multiple forms of authentication, such as a password and a code from your smartphone or a USB smart key. By requiring you to use multiple forms of authentication, cybercriminals will have a harder time gaining access to your account, even if your password is compromised.

  Nobody wants cybercriminals to guess their passwords. To keep your passwords squeaky clean and safe, remember to create strong passwords, avoid reusing passwords, and use a password manager or MFA, if possible.                 

   

  The KnowBe4 Security Team