Microsoft Security Advisory – Internet Explorer Vulnerability
May 2nd, 2014
Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. A Microsoft update was issued to fix this vulnerability.
Everyone is encouraged to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates, and installing antivirus and antispyware software. Microsoft recommends that you check your PC to make sure that you have automatic updates enabled. Additionally, everyone should exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders.
We urge you to read Microsoft's Security Update for Internet Explorer to further understand how to keep Internet Explorer secure.
For more information, visit Microsoft's Safety & Security Center: "How to Boost Your Malware Defense and Protect Your PC" and "Automatic Update Settings"
Open SSL Heartbleed Bug
April 16th, 2014
What is the Open SSL Heartbleed Bug?
The Heartbleed Bug is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and email. A large number of web servers use an encryption technology known as Open SSL to secure a user's personal information. Experts recently discovered an Open SSL bug that cybercriminals could exploit and possibly access a user's personal data. Most sites with a web address beginning with "https" are vulnerable until the website owner installs patches and users change their passwords.
What should I do?
It is a good idea to visit the secure sites you use to see if the company has put a fix in place for the Open SSL Heartbleed Bug. Then change your password. It is a good security practice to periodically change your passwords and use a unique strong password for each site. Make sure you monitor your checking account on a regular basis and report any suspicious transactions to the Bank. Be aware of phishing scams or emails with malicious links that will attempt to get sensitive information from you. Remember the Bank will never ask for or send personal information or account information through email, text message or phone.
What has the Bank done?
The Bank is aware of the Open SSL Heartbleed Bug and has analyzed it's technologies to ensure that it does not affect customers. Specific to Online Banking, the system does not use the targeted Open SSL technology which is vulnerable to the Heartbleed Bug. The Bank is committed to protecting customer information and will continue to monitor cyber fraud alerts and the Bank's technologies.