Information Security

Online security is important for all RBFCU members

The security of your online information is one of our top priorities. The RBFCU Information Security Team constantly monitors potential threats to our online and mobile platforms. Here are some simple procedures you can perform to help keep you and your family secure while using the internet.

Additional steps to help protect your computer from intrusion


Shield protecting against viruses

Install and update your anti-virus software

Anti-virus software is designed to prevent malicious software programs from installing on your computer. If it detects malicious programs, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without user knowledge. Most types of anti-virus software can be set up to update automatically.

Flame in front of brick wall

Keep your firewall on

A firewall helps protect your computer from hackers who might try to gain access to delete information, or steal passwords or other sensitive information. Software firewalls are widely recommended for individual computers.

Suspicious person coming out of email message

Be careful what you download

Carelessly downloading email attachments can circumvent even the most vigilant anti-virus software. Never open an email attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.

Eyeball on computer screen

Install and update your anti-spyware technology

Spyware is software that is secretly installed on your computer to let others see your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads. Be wary of ads on the internet offering downloadable anti-spyware.

Computer updating its operating system

Keep your operating system up to date

Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security concerns. Be sure to install the updates to ensure your computer has the latest protection.

Power button set to off

Turn off your computer

With the growth of high-speed internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible to attack. Beyond firewall protection, which is designed to fend off attacks, turning the computer off effectively severs an attacker’s connection.


Source: FBI.gov, https://www.fbi.gov/scams-and-safety/on-the-internet

 

How to keep your mobile devices secure

The RBFCU Mobile app and mobile-friendly site are designed to keep members connected to the credit union no matter where they are. Please take a moment to review our mobile security tips to help keep your devices safe and connected.

  • Downloading apps
    + -

    Smartphones and tablets are very useful devices. App stores make them even more useful by providing a convenient method to install apps of all kinds to do many useful things. Sometimes, unfortunately, apps are made available that spy on you as you use your device. It is important to read the reviews for the app — more reviews (with good ratings) are better and some app stores are more trustworthy than others.

    Also, be aware of what you’re allowing an app you’ve downloaded to access on your device. For example, a flashlight app shouldn’t need access to all of your contacts to work. When in doubt, removing a questionable app — or not downloading it in the first place — is always the safest option.

  • Jailbreaking/rooting
    + -

    Jailbreaking (iOS) and/or rooting (Android) a device is a process by which a flaw in your smartphone or tablet’s basic software is exploited, permitting the user to change the behavior of the device. Jailbreaking and rooting can void your warranty, nullify support with the device manufacturer and sometimes introduce security issues that put you at risk. We do not recommend installing an RBFCU Mobile app or accessing an RBFCU mobile-friendly site from a device modified in this manner unless you are certain the device is safe to use for banking purposes.

  • Encryption
    + -

    Most smartphones and tablets sold today provide encryption and password-locking capabilities. We recommend you use them, especially when you have chosen to store your login credentials on any mobile apps including online banking, social media and shopping. Without this protection, your device may provide a thief with the access necessary to make fraudulent transfers and purchases.

  • Wi-Fi and VPN
    + -

    Wi-Fi has become more common and available in public areas such as restaurants. Anyone can set up a free and open Wi-Fi network allowing them to access unsecured data that travels on it. Although your RBFCU Mobile app is communicating securely, there are other apps that do not. If you have reused your Online Banking password on those unsecured sites, that information might be compromised. Avoid open networks and never reuse your Online Banking password anywhere. If you must use open networks, install a virtual private network, or VPN, app on your device.


Internet fraud

The use of the internet, or software with internet access, to defraud victims or to otherwise take advantage of them is known as internet fraud. Internet criminals steal millions of dollars each year from victims and continue to plague the internet through various methods. Several high-profile methods include the following:

Information on a fishing hook

Phishing

Also referred to as vishing, smishing or pharming, phishing is often used in conjunction with a spoofed email. It is the act of sending an email falsely claiming to be an established legitimate business in an attempt to deceive the unsuspecting recipient into divulging personal, sensitive information such as passwords, credit card numbers and bank account information after directing the user to visit a specified website. The website, however, is not genuine and was set up only as an attempt to steal the user's information.

Shield with dollar sign on computer screen

Ransomware

A form of malware targeting both human and technical weaknesses in organizations and individual networks in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through phishing emails to end users, resulting in the rapid encryption of sensitive files on a corporate network. When the victim organization determines they are no longer able to access their data, the cyber perpetrator demands the payment of a ransom, typically in virtual currency such as bitcoin, at which time the attacker will purportedly provide an avenue to the victim to regain access to their data.

Locked shield with crack in edge

Data Breach

A leak or spill of data that is released from a secure location to an untrusted environment. Data breaches can occur at the personal and corporate levels and involve sensitive, protected or confidential information that is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.

Bug with target lock

Malware or Scareware

Malicious software that is intended to damage or disable computers and computer systems. Sometimes scare tactics are used by the perpetrators to solicit funds from victims.

Business with email in front of it

Business Email Compromise (BEC)

A sophisticated scam targeting businesses working with foreign suppliers or companies that regularly perform wire transfers or other electronic payments. The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

Home with email in front of it

Email Account Compromise (EAC)

Similar to BEC, this scam targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms. Perpetrators of EAC use compromised emails to request payments to fraudulent locations.

Computer with caution sign on screen

Denial of Service

An interruption of an authorized user's access to any system or network, typically one caused with malicious intent.

  • Can I use multifactor authentication (MFA) for my Online Banking account? How do I set it up?
    + -

    RBFCU offers MFA (also known as two-factor authentication, or 2FA) to add an extra layer of protection every time you sign in to your Online Banking account on rbfcu.org or the RBFCU Mobile app. After you enter your account password, we’ll provide you with a one-time passcode (OTP) by phone call or text message. Enter the OTP code to access your account.

    To enable MFA for your account, click here to sign in to your Online Banking account. Then, turn the toggle switch next to “Enabled” to the “on” position.

    To enable MFA via the RBFCU Mobile app.

    1. Sign in to your Online Banking account with the RBFCU Mobile app.
    2. Select the “My Profile” icon in the upper-right corner.
    3. Select “Profile Settings.”
    4. Select “Security Center.”
    5. Select “One-Time Passcode.”
    6. Turn the toggle switch next to “Enabled” to the “on” position.

    Note: You must add a valid phone number or mobile number to your Online Banking account to use MFA.

  • How do I update the RBFCU Mobile app to the latest version?
    + -

    Image of the RBFCU Mobile app in the App Store on an iPhone screen, with an Update button to update the app. To update the RBFCU Mobile app to the latest version:

    1. Go to the RBFCU Mobile app listing on the Apple App Store or Google Play on your phone.
    2. If you see an “Update” button, your app needs to be updated to the latest version.
    3. Tap the button to update.

    For full app functionality, please ensure your device is running the latest software. The RBFCU Mobile app requires the latest operating systems (OS) for security updates:

    • iPadOS 13 or later
    • iPhone iOS 13 or later
    • Android OS 8.0 or later
  • How can I manage permission settings for the RBFCU Mobile app on my device?
    + -

    You can change permissions to allow or deny apps to use various features on your phone, such as your camera or contacts list in your phone’s Settings.

    Please note: Settings can vary by phone. For more information, contact your device’s manufacturer.

    For Apple users:

    1. Open the Settings app on your device.
    2. Scroll down to the list of apps at the bottom, and choose the RBFCU Mobile app (listed as “RBFCU”).
    3. Here, you can choose to enable or disable permissions for specific app features.

    For Android users:

    1. From the Home screen, swipe up to access “All Apps.”
    2. Find and open the Settings app.
    3. Tap “Apps & Notifications.”
    4. Tap the RBFCU Mobile app (listed as “RBFCU”). If you can't find it, first tap “See all apps” or “App info.”
    5. Tap “Permissions.” Here, you can enable or disable permissions for specific app features by tapping a feature, then choosing “Allow” or “Deny.”
  • Are older devices supported by the RBFCU Mobile app?
    + -

    Older devices that are unable to run the latest operating system (OS) versions may not receive the OS security updates needed to run the RBFCU Mobile app. If you have an older device or you choose to use an older OS version on your device, you may not be able to access or use all the features available in the RBFCU Mobile app.

    Additionally, only certified devices are supported by the RBFCU Mobile app. If you need assistance with your device, please contact your mobile carrier or device’s manufacturer.

    If you have an older mobile device, you can still access your Online Banking account by visiting rbfcu.org on your device’s browser.

Ask RBFCU