Ready or not, there’s a battle underway for your information. Defend your credit and identity simply by adding Kasasa Protect® to your checking account.* Kasasa Cash checking account holders get the exclusive price of only $7.99 per month. All other checking account holders may add Kasasa Protect for a mere $10.99 per month. That’s a small price to pay for big protection.
Monthly Credit Score & Tracker
Dark Web Monitoring
Lost Wallet Protection
In the fight against cybercrime, Layered Security is your best defense. This is why Peoples Bank has added multiple layers to its customer’s information at log-in as well as certain transactional pages. Our multi-layered approach will help protect against unauthorized access to your online accounts.
This is the first layer of security for your online account with Peoples Bank. When you apply for Internet Banking, you will choose a username and password and this will be the first step in gaining access to your account. When selecting your password, the stronger… the better. Try to avoid common passwords like: “password”, your child’s name, or your user ID. It is important that you change your password periodically to increase your defense against would be hackers, so we will send you a message every 180 days to help remind you to change it.
When you log into Internet Banking, you will be prompted to set up 3 security questions and answer them. Once you select which questions you would like, you will then be asked one of the three questions on all future logins. When selecting your security questions, remember that access to your information may already be available through social networks. If you are on Facebook or Twitter, it may be easy for someone to find the answer to a question like “What is your mother’s maiden name?”. So, pick a question that only you would know! This provides that additional layer of security for your online account.
It is important that Internet Banking users periodically change their password and security questions. We will send you a “reminder” every 180 days to suggest that you change your password and/or security questions. Changing these credentials will make it that much harder for a would be criminal to gain access to your account.
Peoples Bank utilizes Fraud Anomaly Detection to help identify and prevent online banking fraud through an automated platform integrated into our online banking product. This software allows Peoples Bank to analyze customer behaviors and transactions made within our internet banking product and detect anomalies from your normal activity. This way, we can challenge suspicious activity with real-time authentication and help stop fraudulent money movement in its tracks.
STILL WANT MORE SECURITY? We have you covered! As a Peoples Bank Internet Banking user, you can set up “Notify Me Alerts” to stay informed of the activity on your account. You can set the alerts to send you an email or text when a login is successful, when there are transactions over a certain amount, when a check has cleared, as well as balance information.
The above mentioned protections only apply to Peoples Bank account holders that utilize Peoples Bank Internet Banking. Peoples Bank will never, under any circumstance, contact you on an unsolicited basis and request your Internet Banking credentials. If at any time you notice suspicious account activity or experience other information security-related events associated with your account, please call 870-234-5777.
At Peoples Bank, we understand that the protection of your personal information is a top priority. We take this security very seriously and are always looking for better ways to keep that information safe. One of the greatest forms of protection is knowledge, so we have included some valuable tips on things you can do to help fight against unauthorized access to your personal information.
Selecting a password is often your first defense against unauthorized access to your information. Always use a “strong” password, which includes letters, numbers, special characters, and upper case letters. The more complex the password, the better chance you have in deterring a would be criminal from obtaining your credentials. For more information on creating a “strong” password, visit the the following link. Create Strong Passwords – Microsoft
Not logging out of a computer or mobile device can put you and your personal information at risk. Always be careful when using public computers and when sending information over public networks (such as Wi-Fi). Making it a good habit of logging out of accounts (financial, social media, etc…) after every use can help reduce your exposure to unauthorized access to these accounts.
Changing your password periodically can help keep your password security “fresh.” If you often use the same password for multiple accounts, (email, online banking, social media) then if one account is compromised, the others are also at much higher risk. Changing your password periodically on your accounts (even if just a few characters) can greatly reduce unauthorized access to your various accounts.
Email is a great tool of communication but can also create one of the greatest risks to the security of your personal information. Cyber criminals use email for various attacks such as “Phishing,” “Spoofing,” and “Spam.” The impact of these attacks can be greatly reduced by understanding what these attacks look like.
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Visit the following link by the Federal Trade Commission on How Not to Get Hooked by a ‘Phishing Scam.’
Spoofing refers to email that appears to have been sent from someone other than the real sender. Virus writers and individuals who send junk email or “spam,” typically want the email to appear to be from an email address that is not their own. Thus, the email cannot be traced back to the originator.
Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send — most of the costs are paid for by the recipient or the carriers rather than by the sender.
Corporate Account Takeover is a type of business identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves.
Businesses across the United States have suffered large financial losses from electronic crimes through the banking system. These thefts have ranged from a few thousand to several million dollars. They have occurred in banks of all sizes and locations. And, they may not be covered by the bank’s insurance. Along with the financial impact, there is also a very high level of reputation risk for financial institutions.
Recognizing the importance of having banker developed practices specifically to assist the banking industry, the Conference of State Bank Supervisors (CSBS) and the Financial Services – Information Sharing and Analysis Center (FS-ISAC) have joined with the United States Secret Service (US Secret Service) and Texas Department of Banking to make practices for mitigating the risks of Corporate Account Takeover available to financial institutions nationwide.
The Task Force developed a list of nineteen processes and controls for reducing risk of Corporate Account Takeovers. These processes and controls expand upon a three-part risk management framework developed by the FS-ISAC, the US Secret Service, the Federal Bureau of Investigation, and the Internet Crime Complaint (IC3)1. Fundamentally, a bank should implement processes and controls centered on three core elements: Protect; Detect; and Respond.
The Task Force has also compiled a set of best practices for each of the recommended processes and controls under the Protect, Detect, and Respond framework. These best practices are not an all-inclusive list and are provided as guidance to assist in implementing the nineteen processes and controls needed to reduce the risk of Corporate Account Takeover thefts. The Federal Financial Institutions Examination Council’s (FFIEC) Supplement to Authentication in an Internet Banking Environment2 (FFIEC Supplemental Guidance) issued on June 28, 2011, conveys minimum expectations with are noted within this document. It is important to remember that electronic crimes are dynamic as cyber criminals continually change their techniques. Additional changes in risk management processes and controls will be necessary as this type of theft continues to evolve.
1 Refer to the jointly issued “Fraud Advisory for Businesses: Corporate Account Takeover” available on the IC3 website (http://www.ic3.gov/media/2010/corporateaccounttakeover.pdf).
Since each business is unique, customers should write their own incident response plan. A general template would include:
Although banks are not responsible for ensuring their account holders comply with information security laws, making business owners aware of consequences for non-compliance if the information is breached can reinforce the message that they need to maintain stronger security. Breaches of credit and debit card information can create financial and reputational risks for the business.
When providing security awareness educations to corporate customers, banks may want to also alert business owners of the need to safeguard their own customers’ sensitive information. State statutes related to safeguarding customer information could be provided as part of the educations process. The Payment Card Industry Security Standards Council was launched in 2006 to manage security standards related to card processing. Any merchant that accepts credit or debit cards for payment is required to secure their date based on the standards developed by the council. The PCI Security Standards Council website https://www.pcisecuritystandards.org/security_standards/index.php notes that noncompliance may lead to lawsuits, cancelled accounts, and monetary fines. The website provides information for small business compliance.