Security Tips

Slider Images4

First Missouri Bank strives to provide a safe environment for employees, customers, vendors and visitors. The Bank continues to maintain and update effective security programs to protect against a variety of operational and transactional risks, including crime, fraud and natural disaster. Many laws and regulations intensify regulatory attention on the Bank’s policies and procedures to safeguard your personal information. As threats to security change and technology improves, it become necessary and essential for our systems to be upgraded to maintain a secure operating environment.

First Missouri Bank is committed to deliver the highest level of security for our Internet banking customers to ensure that your information is secure, protecting you from fraud and identity theft. The Bank maintains physical, electronic and procedural safeguards to guard your nonpublic personal information.

 

“FirstMissouri.com” will soon be “FIRSTMO.BANK”.

Only our website address will change, but with this simple change comes additional security features designed to keep your personal and financial information safe.

With our transition to FIRSTMO.BANK, First Missouri Bank customers can be assured that when they visit our website, or communicate with us electronically, enhanced security and verification requirements are in place in order to reduce the risk of cyber threats and enable us to continue to build on our highly trusted secure environment.

I don’t see many other banks moving to .BANK, why is First Missouri Bank?

We take the security of our customers’ information very seriously and therefore chose to take this extra step to give First Missouri Bank customers peace of mind when banking with us online. We believe that the .BANK domain provides an additional layer of security that the other top level domains such as .com do not.

Why is .BANK more secure?

Just about anyone can obtain a .com website address. With that, criminals can create ‘spoof’ websites and email addresses that can deceive people into giving away personal information.

A coalition of banks, American Bankers Association, the Financial Services Roundtable and other industry members formed to create the .BANK Domain. Only after completing an extensive verification process can a .BANK domain be purchased.

.BANK domains signify that a company has been verified as legitimate and is committed to implementing the additional and mandatory security requirements that go beyond existing standards. Only verified banks are allowed to use the .BANK domain. Therefore, when you see a domain which ends in .BANK, you can be assured that you are dealing with a legitimate, verified financial institution.

Because of the additional security measures taken in the verification process, cybercriminals can be identified and denied the right to obtain a .BANK domain name. Therefore, the .BANK environment provides an enhanced level of security against imposter sites and peace of mind for our customers and business partners.

What are the enhanced security requirements in .BANK?

  • Mandatory verification of charter/licensure for regulated entities ensures the organization requesting the domain is legitimate, the person requesting the domain name is authorized by the company and that the name requested by the company complies with all policies;
  • Domain Name System Security Extensions (DNSSEC) to ensure that Internet users are landing on participants’ actual websites and not being misdirected to malicious ones;
  • Email authentication to mitigate spoofing, phishing and other malicious activities propagated through emails to unsuspecting users;
  • Multi-factor authentication to ensure that any change to registration data is made only by authorized users of the registered entity;
  • Strong encryption to ensure security of communication over the Internet;
  • Prohibition of Proxy/Privacy Registration Services to ensure full disclosure of domain Registration information so bad actors cannot hide.

Who is responsible for enforcing the enhanced Security Requirements and Policies in .BANK?

fTLD, and in some cases its Registry Service Provider, will be responsible for monitoring compliance with the relevant requirements. Registrars will play a role in enforcement as they have the direct relationship with the registrant. fTLD always retains the right to take action if the registrar fails to do so.

Does the move to .BANK change my online banking login?

No. You’ll continue to use the same Username and Password.

What will I notice that is different?

First Missouri Bank’s new website address and employee email addresses will be updated to reflect this change.

New Website Address: FIRSTMO.BANK

Former Website Address: firstmissouri.com

Employees New Email Address: jsmith@firstmo.bank

Former Employee Email Address: john@firstmissouri.com

What do I need to do?

Our old “firstmissouri.com” website address will be redirected to “firstmo.bank”. If you have saved firstmissouri.com in your browser “Favorites” or “Bookmarks”, then you should update your “Favorites” or “Bookmarks” to firstmo.bank.

Feel free to contact us if you have any questions or concerns about our transition to “firstmo.bank”.

The telephone is one of the most common sources of criminal activity and millions of people are scammed every year. As a general rule, you should be highly suspicious any time you are requested to provide personal information over the phone. Here are some additional tips to remember to avoid falling victim to these scams:

  • Never offer personal or account information over the phone without verifying the caller’s identity. Don’t rely on caller ID, that can be spoofed.
  • If the caller insists they have to speak with you, hang up and initiate the call yourself using a known phone number.
  • Resist pressure to make an immediate decision. Scammers don’t want to give you time to “think” about their pitch, they just want you to say “yes” and will pressure you into doing so.
  • Don’t respond to recorded messages (robocalls) where you hear a recorded message rather than a live person. Simply hang up.

Personal financial information and passwords for financial services should not be provided in response to telephone calls, emails, text messages, mobile phone applications, social media messages or unfamiliar or suspicious websites.

Any device used to connect to the Internet should be protected. Here are some things you can do to protect the data on your mobile device:

  • Set and enable an automatic passcode lock on your device to lock when not in use.
  • Use caution when downloading apps. Only download apps from trusted and approved app stores endorsed by your device maker (Apple, Android, etc.) and service carrier. Apps can contain malicious software, worms and viruses.
  • Download and install the software updates for your phone and mobile apps.
  • Avoid storing your personal information like passwords or a social security number on your mobile device.
  • Be cautious of public Wi-Fi. Public connections are not secure and you should not perform banking transactions on a public network.
  • Avoid opening links and attachments in emails and texts, especially from senders you don’t know.
  • If you use mobile banking, be sure to notify the Bank if your device becomes lost or stolen so your mobile banking services can be disabled.
  • Consider setting up a remote wipe program for your device and be sure to wipe it before selling, trading or donating.

The first line of defense in protecting your information is to create an appropriate password. Here are some simple password practices to help secure your accounts:

  • Make your password a sentence or phrase. A strong password is a sentence that is at least 12 characters long. Create a sentence or phrase that you like to think about and is easy to remember (for example, “I love the smell of rain!”). You can incorporate numbers and additional capital letters to meet complexity requirements (the above example could become, “I l0v3 the smell R@IN!”).
  • Have separate passwords for separate accounts. It’s certainly easier to use the same password on multiple sites, but if hacked, the hacker can use that password to access your information at each of those sites.
  • Use multifactor authentication which offers an additional step between entering your password and accessing your account. Typically, this is in the form of a question/answer or an image that you select when setting up your online account. Another form becoming more common is a code sent via text or email that is then entered on the site.
  • Set up touch ID on your mobile device to log on with a fingerprint instead of a password, if option is available.
  • Don’t share your password.

The possibility of the average consumer becoming a victim of a data breach grows with each new advancement in electronics. A data breach occurs when sensitive or confidential information—driver’s license numbers, medical records, Social Security numbers, bank or credit card account numbers—is stolen, copied or used by an unauthorized person. In 2004, only one state required businesses to alert consumers if their personal data had been stolen. Since then, legislation has passed in 45 additional states, including Indiana, to ensure that affected consumers are contacted should their personal information be lost or stolen. While news spreads quickly when there is a major breach affecting millions of accounts, large companies are not the only ones that suffer from such thefts. Smaller companies can be compromised by an employee, a partner or an external computer hacker. Consumers can take the following steps to protect against a personal data breach:

  • Review credit card and bank statements for fraudulent charges at least once a month. If there is a suspicious charge, contact your financial institution.
  • Request that your financial institution close any accounts that you suspect were compromised, and ask for replacement cards with new account numbers and PINs.
  • Determine if there have been unusual requests, such as change-of-address or attempts to secure additional or replacement credit cards.
  • Instruct the card issuer not to honor any requests regarding your card without your written authorization.
  • Credit card issuers offer a variety of e-mail and/or text notices. You can ask for a notice when charges over a certain amount are made, or when your balance reaches a certain level.
  • If you have been the victim of identity theft, contact the three credit reporting agencies—Equifax, Experian and TransUnion—to place a security freeze on your account:

  • Equifax 800-525-6285, www.equifax.com
  • Experian 888-397-3742, www.experian.com
  • TransUnion 800-680-7289, www.transunion.com

Report the identity theft to the police, as you may need to provide a copy of the police report to your bank, creditors and credit reporting agencies. If the local police are not familiar with investigating information compromises, contact the local office of the FBI or the U.S. Secret Service. To ensure that an identity thief has not opened a new account in your name, you should review your credit report. To obtain a free copy of the report, go to www.annualcreditreport.com. If there are any accounts on your report that you did not open, contact the credit bureau to report the fraud and dispute the charges. This information is provided with the understanding that the Association is not engaged in rendering specific legal, accounting or other professional services. If specific expert assistance is required, the services of a professional should be sought.

Debit cards are convenient and safer to use than cash. When you make a purchase with a debit card, the money is taken instantly from your checking account. You can also use your debit card as an ATM card. It is important for you to understand debit cards and the fees, uses and risks associated with them. Here are some suggestions for keeping your debit card safe:

    Check your bank statements often and report any unauthorized transactions to the Bank immediately. A small transaction (e.g. $0.01 or other small amounts) may be indicative of a criminal “checking” the card information to see if it is legitimate. A larger fraudulent charge typically follows. Time is very important to receive full fraud protection from the Bank, so you should review your bank accounts at least once a week, or even daily. Keep track of your transactions. Write down every purchase in your check register to avoid bounced checks and overdraft fees.
  • Protect your debit and/or credit cards and PIN number at all times. Choose a PIN that is not easy to decipher or guess. Don’t share your PIN number with others and don’t keep it written down anywhere near your card.
  • When using ATMs, be aware of your surroundings. Before using the ATM, look closely at the card slot and PIN pad for any abnormalities and glance up and around to see if you notice any cameras. If anything looks strange of unusual, do not use the ATM.
  • If you notice odd or peculiar behavior by others at an ATM (inserting a cable or using multiple cards to withdraw funds at one time), contact local law enforcement and the institution; do not use that ATM.
  • Choose a credit card over a debit card for online purchases. Fraudulent credit card transactions take more time and can be disputed rather than an instant removal of cash from your checking account.
  • Cards that are not used, have been cancelled or replaced by a new card should be destroyed.
  • Be aware that institutions usually won’t contact you via text message or email about your debit card, unless you have previously agreed to this method of communication; if you receive a suspicious text or email message claiming to come from your financial institution, contact your institution to check the legitimacy using the number on the back of the card.
  • Be aware that phone calls you receive may not actually be from your bank. You should not provide the full card number, PIN or CVV code over the phone. When in doubt, call the number on the back of your card to verify contact.
  • Be on guard against phishing attacks and do not open attachments or click links in emails you were not expecting.
  • Use two-factor authentication and other security features offered by your financial institution to protect your accounts.
  • Sign up for text or email alerts from your financial institution for certain types of transactions, such as transactions of more than $500.
  • Notify your bank as soon as possible if you suspect that your card PIN or electronic banking credentials have been compromised.

The best way to protect your kids online? Talk to them. Help them learn how to navigate the Internet and online activities safely and securely.

  • Be sure your kids know that the words they write and the images they post have consequences offline. They should never use the Internet to spread gossip, bully or hurt someone’s reputation.
  • Encourage your kids to only post what they would feel comfortable with the whole world seeing. Let them know that parents, grandparents, teachers, coaches, employers, college admissions officers/recruiters and the police may view their posts. Remind them to think before they post.
  • Help your kids understand and commit to not sharing personal information online, including phone number, address, Social Security number, school name, passwords or other private information.
  • Discuss the importance of your kids managing their online experience the way they would in real life. If something or someone online makes them feel uncomfortable, they have the right to not respond, delete a post, and more importantly tell a trusted adult.
  • Require commitment from your kids to never meet in person with someone they met online.

You are now leaving First Missouri Bank’s web site.

The link you have selected is located on an outside website. Please click OK to leave the bank’s site and proceed to the selected, non-bank controlled site.

You will be redirected to

Click the link above to continue or CANCEL