Online Security Information

Tips to Protect Against Identity Theft

Protect your Personal Information

Online security is a serious issue. Kleberg Bank has provided this helpful primer so you can be smart an be safe while using online services. Click any of the articles below.

  • Keeping Your Computer Protected

    Keep Your Computer Operation System Updated

    • Set your browser security settings at a high enough level to help detect unauthorized downloads. (Click on your browser's "Help" menu for steps.)
    • Keep your browser current; install updates as they are sent. You can set your computer to automatically install updates each time you log on. Popular browsers include Microsoft Internet Explorer, Netscape, America Online, Mozilla Firefox.
    • Use updated anti-virus software, such as McAfee or Norton; make sure your virus definitions are current and real-time protection is enabled.
    • Perform regular full system scans on your computer to help detect and clean viruses and spyware.
    • Use updated anti-spyware software. Using more than one will ensure the most thorough scan. Some well known programs are Windows Defender, Ad Aware, Spy Sweeper, Spybot Search & Destroy.
    • Activate a pop-up blocker. Users of XP Service Pack 2 and above already have access to this feature in Internet Explorer. (See your browser's "Help" menu for steps on enabling this feature.)
    • Install a personal firewall on your computer. A firewall acts as a filter to prevent access to information on your computer. Some well-know programs are McAfee, Norton, Zone Alarm.
    • Special precautions should be taken with home or office wireless networks. (Contact a computer professional for more information on how to do this.)

  • Online and Email Safety

    You don't have to be a computer expert to protect yourself from internet fraud or identity theft. Here are a few simple precautions you can take to protect yourself.

    Login Safety and Password Protection

    • Do not access your bank, brokerage or other financial services at Internet cafes, or other public sites.
    • Do not use the automatic login feature that saves your password.
    • When creating passwords and answers to challenge questions don't use information that is easily linked to you such as your birth date, pet's name, your mother's maiden name or your Social Security Number.
    • Create strong passwords. Don't use words, phrases, names of people or places. Use both numbers and caps and lowercase letters, and special characters such as #, %, @, &, and $. Passwords should be at least eight characters long.
    • Change your passwords frequently, especially if you sign in from several computers, including computers at work.

    Online and Email Safety

    Normal email does not have built in security.

    • No Authentication: No guarantee that the email is from the listed sender (spoofed email).
    • No Encryption: The email is public information the instant you send it over the internet.
    • No Data Integrity: No guarantee that the email has not been tampered with while in transit.

    More tips for online an email safety:

    • Never leave your computer unattended while using any online banking or investing service.
    • Log off of Online Services when you are finished. Do not just close or shut down your browser.
    • Do not share you IDs, passwords, or other codes with a third party.
    • Do not respond to emails that appear to be from your bank, a government office or other entity if it requests confidential information such as User IDs, Passwords, PINs, Social Security Numbers, etc.
    • Delete email messages that appear to be spam or contain suspicious attachments. Do not open the email if the name of the sender is unfamiliar or the subject is suspicious.
    • Do not click links inside spam email, especially emails claiming to offer anti-spyware software.
    • Close a pop-up by clicking on the "X." Do not close by clicking within the advertisement itself.
    • Do not install software without knowing exactly what it is or what it will do. Read the end-user license agreement.

    Some Tips for Recognizing Fraudulent Emails:

    • Fraudulent emails are trying to trick you into providing your personal information such as your Social Security Number, ATM or Check Card PIN, or other sensitive information.
    • Often these emails contain urgent appeals that falsely claim your account may be closed if you fail to confirm, verify or authenticate your personal information immediately.
    • The email may even falsely claim that the bank has lost important security information and it needs to be updated online.
    • Typos and grammatical and other errors are often signs that the email or website is fraudulent. Awkward, stilted sentences and poor design or visual quality are also signs of potential fraud.
    • Offers that are too-good-to-be-true usually are. Don't get mixed up in fraud schemes that promise to pay you money for helping the sender transfer cash.

    Resources for More Information

    OnGuardOnline.gov is a website that provides tips and information from the federal government and the technology industry to help you protect yourself against Internet fraud, and secure your computer and personal information.

    Credit Bureaus—At your request, all nationwide consumer reporting agencies must provide you with a free copy of your credit report each year which can be ordered from annualcreditreport.com. If you have already received your credit report within the last 12 months, you can order a copy from the credit bureaus for a fee.

    • Equifax 800-685-1111
    • Experian 888-397-3742
    • Trans Union 800-888-4213

  • Common Scams and Fraud Schemes

    Phishing

    Fraudsters use emails or pop-ups to direct you to bogus websites (that look like legitimate websites) to steal your confidential information.

    How it works:

    • You receive an email or a pop-up that directs you to the bogus website that looks like a legitimate organization.
    • You are asked to confirm sensitive information such as your account numbers, personal ID or passwords.
    • The fraudster uses this information to steal your money or access your credit to run up bills by charging purchases to your credit cards or open new charge accounts in your name.

    What to look for:

    • Email or pop-up messages that claim to be from a business or organization you deal with such as an Internet Service Provider (ISP), bank, online payment service, or government agency that ask you to confirm or reveal confidential information
    • Email or pop-up messages that claim to be from a business or organization you deal with such as an Internet Service Provider (ISP) bank, online payment service or government agency that ask you to confirm or reveal confidential information
    • Never respond to email or pop-up messages that ask for your personal or financial information, even if they threaten to deactivate your account if you don't update your information.
    • Never click links in the message or cut and paste a link from the message into your web browser.
    • Phishers can make links look like they go one place, but actually take you to a look-alike site.
    • Signs of a secured web site are Web address that begins with "https" instead of just "http" (the "s" denotes "secure") or a closed padlock icon displayed in the status bar at the lower right of your screen. Look for these signs if you have clicked on a link to access the website to help you determine if the site is legitimate.

    Vishing

    This is another method for scamming users by email or telephone.

    How it works:

    • You receive an email or telephone recording asking you to call a customer service number.
    • When you call the number, you hear a recording that asks you to provide account numbers, passwords and/or other critical information.

    What to look for:

    • Callers or emails that direct you to a "customer service" center that asks for confidential information.

    What you can do:

    • Do not provide information to a caller who asks you to update your personal information, especially if you are pressured to provide the information immediately.
    • Do not respond to companies you have never done business with before that ask you to update or provide information unless you know the company is legitimate.

    Drive-By Download

    An increasing number of computer viruses or infections are attacking computer though a process that has been dubbed "drive-by" download. In this scam, a program that can take advantage of a security flaw in your browser is automatically loaded on your computer.

    How it works:

    • You conduct a keyword search on a search engine.
    • You are taken to a results page and click on a paid ad listing on the right hand side of the page.
    • Your computer is infected with a virus that enables a fraudster to monitor your key stokes, a process known as keystroke logging.
    • The keystroke logger is now able to "watch" you keystrokes as you key in personal information such as account numbers, passwords, and answers to challenge questions.

    What to look for:

    • These booby-trapped pages often have addresses that use the relatively unpopulated ".info" domain (as opposed to ".com" or ".net" domains).

    What you can do:

    • Keep your operating system, browser and anti-virus software updated.
    • Download software only from websites you trust.
    • Be cautious when clicking on pop-up advertisements
    • Always read license agreements and policies of any software you install.
    • Stick to well-know websites.
    • Pay attention to links in emails and the results you get from search engines; they could be fraudulent.

    Lotteries

    Fraudsters send emails with false claims that the victim has won a lottery.

    How it works:

    • You receive an email that indicates you have won a lottery (most often from a foreign country) and are due a substantial amount of money.
    • You are informed that you must pay a processing or transfer fee in order to receive your winnings.
    • You receive a check or money order to cover the required fees and are instructed to deposit the check into a bank account and wire the money to a third party, usually in a foreign country.
    • You wire the money and later learn that the check is counterfeit.

    What to look for:

    • An email or letter that claims you have won a foreign lottery that you have not entered.

    What you can do:

    • Be suspicious of any claim if it appears to be too good to be true.
    • Talk to your bank and tell them how you received the check and what is asked of you before making a deposit.

    Inheritance Scam

    You are notified by a law firm, an executor of a will that a long-lost relative has died and left you money in the will.

    How it works:

    • You are notified of your inheritance.
    • You are asked for your bank account number so the funds to be deposited into your account with the understanding that you will pay a fee.
    • Then the "lawyer," who is a fraudster does one of two things 1) asks you to send a money order to cover fees related to probating the will, or 2) sends you a check or money order then immediately calls to say the he sent too much and asks you to wire the overpayment back.
    • The key is that the fraudster asks for their money immediately before the check or money order they sent to you has time to clear the bank. The check or money order is counterfeit and you have been scammed.

    What you can do:

    • Be wary if the long-lost relative or friend is not a name you recognize.
    • Remember the old adage, "if it's too good to be true, it probably is."

    Internet Auction/Overpayment Scheme

    Fraudsters victimize individuals who sell items on the internet.

    How it works:

    • You sell or auction an item—usually a high-priced item, such as an automobile, motorcycle or boat, via the internet.
    • The buyer sends a check or money order for more that the purchase price and asks you to wire the excess money to a third party.
    • The buyer indicates that the third party is the shipper who has been hired to pick up and ship the merchandise.
    • Later, the check is returned as counterfeit and you are responsible for the money you wired to pay for shipping.

    What to look for:

    • A buyer who overpays you and asks you to wire the excess money. The buyer may claim the overpayment was a mistake or that it is to be used to pay the shipper.

    What you can do:

    • Do not accept a check for overpayment.
    • Notify your bank of the transaction and ask them to that the funds are available to cover the amount of the check before you deposit the check.

    Foreign Business Offers/Advance Fee Scams

    Fraudster poses as a foreign businessman or foreign government official who needs to move a large sum of money out of the country.

    How it works:

    • You receive an email from someone claiming to be a foreign businessman or governmental official asking for assistance in moving a large sum of their country.
    • You are offered a large sum, usually 25% to 40% of the proceeds, as payment for your trouble.
    • You agree and receive a large check to deposit into your bank account.
    • You are asked to wire transfer a large amount, an advance fee, to bribe an official, pay transfer fees, attorneys fees, or settlement fees.
    • You believe the check you received is legitimate so you wire the money.
    • The check or money you deposited is counterfeit, and you are liable for the money you wired to the foreign country.

    What to look for:

    • Any offer to assist in transferring money from a foreign country into your banking account.

    What you can do:

    • The scenario described above is bogus; do not agree to participate.

    Work-at Home-Scam

    In this scam a job seeker is tricked into receiving illegal money transfers or counterfeit checks or money orders and sending money to the fraudster.

    How it works:

    • You post your resume on a popular internet website or answer a newspaper ad and are offered a job as a "Payment Processing Clerk" or "Accounts Receivable Clerk."
    • Your are instructed to use your personal checking account to receive on behalf of the company funds transfers, checks, or money orders.
    • You are instructed to keep 5% to 10% of the money as your "salary" and wire the rest to your "employer."
    • The "employer" is a fraudster and you are responsible for the money you have wired.

    What to look for:

    • Be skeptical of any "work-at-home" job if you are asked to use your personal checking account to deposit checks or receive money on behalf of your employer.

    What you can do:

    • If you are concerned, contact your Better Business Bureau or Chamber of Commerce to determine if the company is legitimate.

  • How Kleberg Bank Protects You

    We value the trust you place in us when you allow us to handle your financial information. We take every precaution to handle your financial information securely and with extreme care.

    Our Code of Ethics:

    Every member of the Kleberg Bank team operates under a strict code of ethics that mandates confidential treatment of your information. Any team member that has access to customer information must complete privacy and information security awareness training annually. In addition, Kleberg Bank maintains physical, electronic and procedural safeguards to protect against unauthorized access to customer information.

    Our Security Policy:

    Kleberg Bank has adopted a security policy designed to protect the confidentiality and security of your information. This information security program is subject to ongoing regulatory oversight and examination.

    Our Customer Information Security Program:

    We protect the security of your information in the following ways:

    • Computer anti-virus and spyware protection detect and prevents viruses and spyware from entering our computer network systems.
    • Firewalls block unauthorized access by individuals and network from entering our computer network systems.
    • Secure Email is available on the Kleberg Bank website and our Online Banking Message Center to ensure that your communication with us is secure and confidential. (Read the information on the Kleberg Bank website to sign up and login to our secure email portal, or visit our Online Banking Message Center to post a message to us.
    • Third party security experts test our information security systems and processes regularly to make certain our computers and networks remain secure.
    • Employee security awareness training ensures that our employees are trained to recognize the tactics that could be used by unauthorized parties to gain access to information.

  • Online Banking Security Services

    Online banking is an excellent way to monitor your account activity and make sure the transactions on your account are your own.

    Preventing Fraud and Identity Theft

    Kleberg Bank's PassKey is a multi-factor authentication product that provides an additional layer of security for your online banking and cash management accounts.

    Kleberg Bank's PassKey

    • Helps you recognize that you are logging into the official Kleberg Bank Online Banking site.
    • Helps identify you and prevent unauthorized access to your online information.

    This is how it works:

    • Enter your User ID.
    • If Kleberg Bank recognizes you, the PassKey picture you have pre-selected is displayed, which your assurance that you are on the official Kleberg Bank Website.
    • Enter your password to complete the log in.
    • You may be asked to answer certain questions you have selected before proceeding with the Log In. If so, provide the correct answers to your questions to access your Kleberg Bank online accounts.

  • Persistent Cookies

    Additional Security for Your Online Banking

    Additional security was added to your online banking service in January 2010. "Persistent Cookies" collect information, called "markers" about you when you visit a specific website, such as online banking. They do not track you but simply enable the site to remember you on subsequent visits. The markers also create additional security for you because they identify and remember where you log in. If you log in from an unusual site; you will be prompted for more information to validate who you are, which helps prevent hacking.

    Here's how it works

    • After January 11, 2010, the first time you log on to your account, you will be prompted to accept the option for Persistent Cookies.
    • Please click "Allow cookie" to accept the option.
    • If you choose NOT to accept the option for Persistent Cookies, you will not be able to access online banking services.

    1. What information is stored in the persistent cookies, and could a hacker get and use the information?

    • The cookie is a unique, encrypted hashed value created by our online banking provider: it is carefully guarded and never disclosed due to security implications.
    • Because of its proprietary nature, the hashed value is useless to a hacker, in fact, the cookie is a tool to help prevent a hacker from accessing your information.

    2. What happens if I delete the persistent cookie? Will it be appear again at the next login and prompt me to allow the persistent cookie?

    • Yes, if you delete your persistent cookie, you will have the opportunity to "allow cookie" again at your next login.

    3. What if I have my browser set to prompt for all cookies? Will this increase challenges?

    • If you have your browser set to "Prompt for Cookies," you will be prompted at every login to accept cookies.
    • Each time you create a new cookie, your risk score is elevated until the system learns your behavior for that cookie. If your risk score gets high enough, it could cause a higher challenge rate, which means that you will have to provide additional information to ensure that you are authorized to access your information.
    • If your setting is set for "Allow Cookie" you will only be prompted the first time you log on.

    Need additional information?

    Learn how to set and customize cookies setting in Internet Explorer.

    Read for Microsoft's detailed description of cookies.