Top 10 Tips for Shopping Safely Online

holiday online shoppingDuring the surge of online shopping during the holidays, our Chief Technology Officer thought these reminders would be helpful. Here are 10 tips collected from security experts for shopping safely online:

  1. Make sure your computer and mobile device are fully up-to-date. Do you have the latest Windows or Mac patches installed? Is your tablet or phone running the most recent operating system update? Make sure they are!
  2. Are you free of malware? Designers of malicious software such as Trojans and key loggers grab your credit card information and site passwords, opening you up to fraudulent transactions. Run up-to-date antivirus software and configure it to fully scan your system from time to time (perhaps every day at 2 AM).
  3. Were you ever infected? If your machine ever did have nasty malware on it and was not completely wiped (or factory reset), think very hard before using it for any sensitive online activity. It’s virtually impossible to guarantee a once-compromised system is now safe.
  4. When it comes to shopping, go only to places you trust. If you are following links from fliers, marketing emails or websites, “hover” over the link to check the domain name before you click. If the last part of the domain name, (distinguished by punctuation and including the “dot com”) is not the same as what you know it to be, don’t go there!

    Examples:
    Good link (find the “dot com” and what precedes it): https://www.amazon.com/gp/product/8034-ui76?link=bold?cat=elec.

    Bad link: (see that there are 2 “dot coms”? The last one is where you will go when you click.) http://www.amazon.com.amazn.com/gp/product/8034-ui76?link=bold?cat=elec.

  5. Be particularly cautious of deals that are too good to be true. Online specials may be exciting, but the bad guys know what products get people clicking with wild abandon. Don’t follow retailers or marketing materials that you don’t recognize.
  6. Be particularly cautious of spam email through the holiday season. It always escalates in December, as does the successful fraud that drives it.
  7. If the website isn’t loading as “HTTPS”, close it down. Do not enter any information. The address should begin with https://.
  8. Offers requiring you to sign up or register may not be fraudulent, but be aware of precisely what information you are sharing and how the company will use your information. Malicious phishing emails are harder to spot if you also get a lot of legitimate marketing emails. Consider a throwaway email address for such offers; an email account you don’t use for online financial transactions.
  9. Never enter your bank card details into a pop-up window that appears before the payment stage. Never enter your PIN number anywhere online, period.
  10. Finally, be sure to keep receipts and some kind of record of the purchases you make online. Protect yourself in the event that you need to return something or dispute charges later.

We hope you have a fun, and safe holiday season. Our own experts are always ready to help you protect your financial assets. For more information, including a phone number if you need to talk to a live person are found on The Peoples Bank Online Security Tools resource page.

Come See Us December 5th During Customer Appreciation Day

Our customers are the best!
OUR CUSTOMERS ARE THE BEST!
There are plenty of places where you could do your banking. We’d like to say “Thanks” for choosing Peoples Bank. And this year (our 102nd!), we’re taking Friday, December 5th to show you how much we appreciate you!

We’ll have refreshments all day, in every office. Please come by and let us thank you in person!

“Spending Wisely” isn’t just a slogan. You gotta do it. Here’s how.

“Spending Wisely” isn’t just a slogan. You gotta do it. Here’s how.“Economy does not lie in sparing money, but in spending it wisely.” Wise people will tell you that Thomas Henry Huxley had that much right, anyway. Spending wisely is a critical part of financial success. But how does one actually go about “spending wisely”?

Money is a useful instrument, a tool. Like any tool, the better you use it, the more effective it is. To spend money wisely, spend it according to a plan. Think about what you need and what it will take to get it, in both the short- and long-term. So, set goals and use your money to meet them.

Focus on things directly within your control (and don’t let anybody convince you otherwise):

  • Live within your means
  • Be a smart shopper, not a lazy one
  • Track your spending habits, develop a budget that allows for unexpected events
  • Plan for short-term and long-term goals

One thing that the Financial Literacy council suggests is that you set a maximum amount you will spend each week, or each month, and stick to it. There are lots of other really good suggestions on MyMoney.gov. Visit the web page for resource links and planning tools to help you spend your money wisely.

Give Your Company a Security Check on First Friday of Each Quarter

Company SecurityThe security of your company’s computers and network is too important to ignore. The Director of the FBI recently told a reporter that there are two types of companies in the United States: those that have been hacked by China, and those who don’t know they have been hacked by China. Think about that problem for a moment as you think about your company network security…

The (other) problem is that few companies have the resources, let alone the time, to make computer security a constant focus. Because doing something on a regular basis to monitor and improve security is better than doing something only when there is a problem, we have a helpful suggestion. Give your company a security check on the First Friday of Every Quarter.

What’s a Security Check?

A security check is simply making sure that the basics are covered. Some things to check:

  • That there are no obvious vulnerabilities (such as Windows XP machines that should be replaced or old Macs still running out-of-date and vulnerable systems).
  • That all computers are automatically updating their operating system and primary software (such as Microsoft Office).
  • That the updates and patches were successfully applied (sometimes they don’t finish).
  • That good passwords protect the computers.
  • That the passwords are neither shared by employees nor written on a piece of paper at the computer’s desk.
  • That the virus and anti-malware software is running on all computers and up-to-date (automatic updates are happening/happened).
  • That the computer back-ups are working well and ready to mitigate a disastrous event.
  • That the company’s network firewall is running.
  • That the company server(s) is or are running the most up-to-date and patched version of the server operating system.
  • That employees and management are familiar with key points from the security policy, compliant, and recognize their employment is contingent upon compliance. (No company is too small for a good security policy.)
  • That the company’s security policy addresses the current system(s).

Need help getting started?

You can do some of the items listed above without outside assistance, especially if you have just a couple of PCs to manage. If the items listed above are too challenging, your best option is to have a computer professional perform a preliminary assessment of your company’s computer and network environment and prioritize the next steps. It will provide a roadmap to improving the security of your company and prioritize issues. The security focus of the review is narrow enough to constrain costs. A number of solutions can automate security policy enforcement such as software update and patch management.

How long will my Security Check take? How much does a Security Assessment and plan cost?

Great questions. You should get those answers. No blog post can answer them precisely since the factors vary considerably, such as the number of computers, types of tools already in place, and the number of users. Only a professional review of your network can answer those questions. We can tell you that it’s not hard to do, and probably won’t cost a lot of money. Given today’s threats, the answers will make it worth the expense.

The fact is that no organization, unless it’s Intel or the NSA, can afford to do all they need to do, every day of the week. But it is important to stake out some time allotment at some regular interval to figure out what needs to be done, and do at least part of it every year. Once a quarter is do-able, right?

Speaking as a bank that cares, we urge you to protect the assets that generate and promote revenue. Your computers and their network are among those critical assets. Make it a priority within your company to give your company a security check at least once a quarter. Try making the Security First Friday of the Quarter a part of your corporate culture.

Here are some resources to help you get started:
Cyber-security for Small Business – Federal Communications Commission
9 Security Tips for Small Business Owners – Small Business Administration
Small business IT security checklist – GFI.com