Phishing, Fraud Alerts, and Privacy Policy

Privacy Policy

Visitors to this bank Website remain anonymous. We do not collect identifying information about visitors to our site. We may use standard software to collect non-identifying information about our visitors, such as:

  • Date and time our site was accessed
  • IP address (A numeric address given to servers connected to the Internet)
  • Web browser used
  • City, state, and country

The bank uses this information to create summary statistics and to determine the level of interest in information available on our site. Visitors may elect to provide us with personal information via E-mail, online registration forms, or our guest book. This information is used internally, as appropriate, to handle the sender's request. It is not disseminated or sold to other organizations.

Some areas of our Website may use a "cookie" temporarily stored in the visitor's computer memory (RAM) to allow the web server to log the pages you use within the site and to know if you have visited the site before.

It is our policy not to gather any personal information about any of our users. If you suspect that someone may be trying to obtain confidential information from you without your knowledge, please go to the website listed below.

http://federalreserve.gov/boarddocs/press/other/2004/20040908/default.htm

This link will provide you with a free, downloadable, camera-ready brochure to help you identify and combat a new type of internet scam known as "Phishing".

Security Statement

This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a certified certificate-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.

Secure Access and Verifying User Authenticity

To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the secure server authenticates the user's identity and establishes a secure session with that visitor.

Secure Data Transfer

Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server, the data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

Router and Firewall

Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.

Using the above technologies, your Internet banking transactions are secure.

Computer Protection

The Web can be a great source of information and entertainment, and it can allow you to manage your bank accounts and credit cards from the comfort of your home. Unfortunately, it can also give unscrupulous third parties access to those accounts if you are not careful. Practicing a few basic safety rules can help you keep your passwords and other vital information safe from thieves.

Watch Out for Phishing

One of the most common ways hackers gain access to accounts is through phishing . Hackers send out an email that appears to come from the target's bank or other important institution, usually citing some kind of question about his account. To correct the problem, all the user must do is click the included link and log into their account. Unfortunately, the links in the email, while they might appear legitimate, direct the user to a fake site designed to collect his information. If you ever receive an email demanding that you log into a bank or credit card account, do not click on the link in the email, no matter how official it may look. Instead, you should search for the official web site yourself, or contact the institution by phone to verify the communication. Never click a login link in an email.

Beware of Pop-Ups

When browsing websites, beware of pop-up ads that look like system prompts. Some unscrupulous sites hide malware in ads that resemble Windows dialogue boxes, fooling the user into thinking a virus has infected her system or she is experiencing another computer problem. Clicking the ad will give the malware program access to the computer, allowing it to install keyloggers or other malware that can compromise system security. Using a browser that allows you to turn off pop-up ads will prevent these programs from being able to infect your system, and always read any dialogue box carefully before clicking on it.

Secure Browsing

When logging into any secure account on any site, financial or otherwise, you should be doing so on a secure connection. Different browsers have different icons to indicate a secure connection, most commonly a padlock icon somewhere on the screen. When in doubt, check the address bar of your browser. If it begins with the prefix https: instead of http: you know you're on a secure connection. Secure, encrypted HTTP connections will help prevent anyone from intercepting your account information or password.

Keep Up-To-Date

Make sure that you install all security updates for your OS and browser, and use a regularly updated antivirus program. Windows Update allows you to install security patches automatically, and most major software packages feature automatic alerts when the company releases a new patch. Most types of malware that infect your system to steal personal info rely on unpatched security holes, so ensuring that all your software is up to date will reduce your chances of running into trouble online.

You may have heard about it in the news: reports that Russian hackers have stolen more than a billion unique username and password combinations, and more than 500 million email addresses, grabbed from thousands of websites. What should you do about it?

http://www.onguardonline.gov/blog/russian-hackers-might-have-your-info-now-what?utm_source=govdelivery

Debit Card Fraud

If you are a debit card customer we would like to let you know that special rules have been put in place to protect you against fraudulent activity at this time of year. The new procedures will apply only to cards that were impacted by any past merchant breaches like Target or Home Depot. If we are presented a suspicious transaction of $100 or more on one of the impacted cards, that transaction will be denied to protect your account. In the unlikely event this should occur, contact your local First South Bank branch or email ibcustomerserv@1stsouth.com and we will send you a new debit card. We appreciate your business and want to keep you protected from unpleasant surprises.

First South Bank privacy notice (PDF)