Fraud Prevention Tips for Businesses

At State Savings Bank, we take the security of your information seriously.  While we use a variety of technologies and techniques to help make sure our products and services are secure, we need your assistance in keeping it that way.  The following are steps you can take to help protect your accounts from internal and external fraud:


Computer safety

  • Don't let others use your personal computer.
  • Log off or lock your workstation whenever you leave your computer.
  • Change your passwords often, don’t store passwords in an easy to find place, don’t share your password with others, and choose passwords that are hard to guess.
  • Install anti-virus, anti-spyware and other internet security software on your personal computer. Make sure you have antivirus software that scans incoming communications and files for viruses that may cause you trouble. Be cautious about offers for "free" antivirus software and make sure you get your software from a highly reputable company. Also look for antivirus software that removes or quarantines viruses and that updates automatically on a regular basis.
  • Be leery of e-mail messages you receive from people you don't know, and don't open any attachments they may contain. Don't respond or reply to an e-mail, phone call, or text message that:
    • Requires you to supply personal or account information directly in the e-mail;
    • Threatens to close or suspend your account if you do not take immediate action;
    • Invites you to answer a survey that asks you to enter personal or account information;
    • States that your account has been compromised or that there has been third-party activity on your account, then asks you to enter or confirm your personal or account information;
    • States that there are unauthorized charges on your account, then asks you to provide your personal or account information;
    • Asks you to enter your User ID, password, account numbers, PIN or card expiration dates into an e-mail, non-secure webpage or text message;
    • Asks you to confirm, verify or refresh your account, credit card, or billing information.
  • Make sure your browser uses the strongest encryption available and be aware of the encryption levels of the sites and applications you use.
  • Use only software from reliable vendors.

Mobile Fraud Prevention

  • Don’t share your mobile device with others, especially strangers.
  • Ensure no one is looking over your shoulder in congested public areas and reading information from your device’s screen.
  • Log out from your online banking session when you’re finished, whether you’re using a mobile app or the mobile website.
  • Don’t store your password on other apps within your mobile device, such as the Notes app.
  • Avoid jailbreaking or rooting your phone.
  • Always use official app stores to download any app.

Internal Controls and Tools to Prevent Fraud

  • Maintain appropriate internal controls, including segregation of duties. For example, have different people involved in reconciling accounts from those making payments.
  • Implement dual control for electronic payments you originate from your account.  For example, have one person prepare a payroll file and another approve the file before it is sent to the bank for processing.
  • Periodically assess your risk and evaluate your internal controls, including reviewing your users and the permissions you grant them. Your system administrator can establish user permissions and online transaction limits for each of your users.
  • Regularly review your transactions and statements to detect unauthorized activity. We promptly post your transaction details online, it can be very useful to monitor and control transactions—including those originating online and through other channels, such as checks you've written or withdrawals you've made.
  • Use tools such as Positive Pay Service, debit blocks and Reverse Positive Pay Service to help you monitor and control checks/ACH debits clearing against your accounts.
  • Customize Account Alerts to receive notification when certain account activity takes place.