Protect Yourself Online
Rivermark values our members’ security and privacy. While Rivermark is continuously improving the security of our systems, your knowledge of how to defend yourself against online threat is one of the best defenses.
We've put together helpful information to help you protect yourself.
1. Keep Information Private
Public computers, like the ones at your public library, are often targets for hackers who install a keystroke logger that captures anything typed into the machine. Be cautious about accessing your accounts or other websites where they could obtain usernames, pin, answers to security questions and passwords.
Hackers can mask emails and text messages to look like they come from a trusted sender. Do not send your account number or personal information via email or text messaging to anyone.
Be alert for phone calls where the representative asks for personal information, including your member number, Visa number or social security number. Rivermark representatives will not call to request personal information. If you get a suspicious call, ask for the caller’s name and extension and then call them back at Rivermark’s main phone number (503.626.6600). You can enter the extension at any time after our automated operator answers. DO NOT call the representative back on any number other than Rivermark’s published phone numbers: 503.626.6600, 800.452.8502 or 541.296.3224.
Also, do not give anyone your debit card PIN and do not write it down.
2. Review Your Accounts
Early detection is key in stopping fraud early. Rivermark encourages members to login to Online Banking regularly to review account activity. Please contact Rivermark immediately with any concerns at 503.626.6600.
3. Make Your Password Strong
Change your password regularly and make it complex: at least 8 characters with a mix of letters, numbers and special characters. Do not give anyone your password and do not write it down. Use different passwords for your key accounts. See below for more tips.
4. Watch for Redirection
Use care when a hyperlink redirects you to a website that doesn’t look like it is operated by Rivermark. Rivermark has warnings that alert you when you are being redirected to a website operated by one of our partners. Use caution and contact Rivermark if you do not see this warning or suspect fraud.
5. Log Off
When you’re done using Online Banking, don’t just close the browser window. Always logoff.
6. Assess Your Risk
You are encouraged to review the actions you are taking to keep your Online Banking access safe. Security controls could include how you store information like your member number, password, pin or the answers to security questions. Also consider the type of antivirus protection you use on your computer and the security of your wireless network.
7. Be Wary of Public Wi-Fi
Placing that online order waiting in line at the coffee shop may be convenient, but be very careful when using public wi-fi networks. Many times these hotspots are not secure, which puts you at risk. Use a secure, encrypted network, which will require you to provide a password.
Rivermark representatives will NEVER request your member number, social security number, Visa credit or debit card number, Personal Identification Number (PIN) or Online Banking login information via call, email or text message. Rivermark representatives may ask for this information when you initiate contact when it is needed to assist you.
Risk Management may contact you via automated call (866.750.9107) to verify unusual credit or debit card transaction. You have the option to talk to complete the call through the automated system or talk to a representative. Our Risk Management department will NEVER ask you for any of your Online Banking login information.
The Rivermark representative will:
- Introduce themselves as Rivermark Risk Management: The representative may ask you to verify your card with the last four digits of the card number they are contacting you about. Do not give anyone claiming fraud was detected on your credit or debit card your full card number, expiration date, three digit security number (located on the back of your card), or your full social security number.
- Ask you to verify the transaction(s) in question: Risk Management may ask you for information about your address or last four of your social security number. Risk Management will only ever call you about credit or debit card transactions.
In our digital world, there is a password for everything. Whether it’s your phone, social media, email, Online Banking or anything in between, it’s important to keep your information safe by creating strong passwords.
Ideally passwords should be safe, memorable and long.
Strategies for a Strong Password
- Make it complex. Your password should be at least 8 characters with a mix of letters, numbers, capitalization and special characters. A password generator like KeePass can help you create a unique, difficult-to-break password.
- Take a sentence and turn it into a password. The sentence can be anything personal and memorable for you. Take the words from the sentence, then abbreviate and combine them in unique ways to form a password. Use movie quotes, song lyrics, favorite sayings, etc.
- Connect the first letters of a passphrase. Take a long phrase and use the first letter of each word. Be sure to add in special characters and numbers. Make sure the phrase does not include easily recognizable information, such as childrens’ names and street addresses.
- Think of reversing words. With either of the above methods you can reverse words to make them even more secure.
- Pick a pattern on the keyboard. Passwords can be based on keyboard patterns. For example, a counter-clockwise spin around the letter f could result in "gtrdcvg." If you add in random symbols and numbers, you have an easily remembered pattern.
Important Tip! If you have trouble remembering your passwords you might benefit from a secure password storage app such as KeePass or LastPass.
- Each major account you have should have a different password. Avoid using the same password over and over.
- Change your passwords regularly. Try not to use an old password for at least a year after you change it.
- If you suspect something suspicious on one of your accounts, change your password immediately.
- Do not give anyone your password and do not write it down. It may be tempting to write your password on a Post-it note, but it’s one of the first places thieves look.
- Install malware-prevention software to prevent malware that allows key stroke loggers to learn your password.
- Be careful using the “remember password” function in your browser. If someone gets a hold of your computer, they will also have access to your accounts.
- Logging into public Wi-Fi? Avoiding entering passwords while on a shared, public network.
- When requesting a password change, make sure the answers to your security questions are not easily accessible on social media.
You may have heard about recent ransomware attacks like WannaCry, that affected over 200,000 people in 150 countries. These attacks are becoming more rampant, but there are simple things you can do to help protect yourself.
What is Ransomware?
Ransomware is malware that involves locking up your data and threatening to destroy it if a ransom is not paid. This form of digital extortion sometimes involves ransom cryptware, which encrypts your files and locks them, only to be unlocked with a private key from the attacker.
It’s impossible to 100% protect yourself from ransomware, but there are some things you can do to lower your risk of attack.
How can you protect yourself?
- Patch Your Computer
This is a simple fix – run updates to your computer when prompted. Victims of WannaCry could’ve saved themselves if they had the recently patched their computers. The best course of action is to turn on automatic updates for your system.
- Install Antivirus Software and Keep it Up-to-Date
Antivirus software is one of the best methods to protect yourself against known ransomware. Like your computer, you’ll need to make sure this important software is up-to-date.
- Be Wary of Pop Ups
Pop ups can be much more dangerous than an annoying advertisement. If a pop up looks suspicious, do not click on it, then safely close the windows.
- Don’t Open Emails from Senders You Don’t Know
Malware often hides in these “spam” emails. Avoid clicking links in emails, unless you know and trust the sender.
- Backup your Data
The greatest damage people suffer from a ransomware attack is the loss of files. That’s why it’s important to have your back up data stored somewhere like a physical hard drive. After backing up your data, unplug your computer from the external drive and put it away.
What do I do if I’m Already Infected?
Once you realize you are infected, disconnect from the internet so it won’t infect other machines on the network. Report the crime to law enforcement and seek help from a technology professional who specializes in data recovery to cover your options.
Whatever you do, don’t pay the ransom. It’s not likely you will get your data back, even if you pay plus it funds future attacks.