Cybersecurity

Cybersecurity education is vital in today’s technology-driven world. We want to help you stay safe online with tips and resources you can use.

• MoneyiQ
• General Online Safety Tips and Resources
• National Cybersecurity Awareness Month (NCSAM)
• Simple Steps to Online Safety
• Cybersecurity in the Workplace
• Cybersecurity for Kids & Teens
• Cybersecurity for Older Adults
• Website Security Notice
• About Our Digital Banking Service
• PC-Related Threats
• Ways to Prevent Infection

MoneyiQ

General Online Safety Tips and Resources

STOP. THINK. CONNECT.™

StaySafeOnline

National Cybersecurity Awareness Month

October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. The theme for the month is, ‘See Yourself in Cyber’ and TrustTexas Bank is proud to be a champion and support this online safety and education initiative this October.

Cybersecurity Awareness Month is designed to engage and educate public- and private-sector partners through events and initiatives with the goal of raising awareness about cybersecurity to increase the resiliency of the nation in the event of a cyber incident. Since the Presidential proclamation establishing Cybersecurity Awareness Month in 2004, the initiative has been formally recognized by Congress, federal, state, and local governments and leaders from industry and academia. This united effort is necessary to maintain a cyberspace that is safer and more resilient and remains a source of tremendous opportunity and growth for years to come. For more information, visit staysafeonline.org/cybersecurity-awareness-month/

From mobile to connected home devices, technology is becoming more intertwined with our lives everyday. And while the evolution of technology is moving at the speed of sound, cybercriminals are working just as hard to find ways to compromise technology and disrupt personal and business life. Cybersecurity Awareness Month aims to highlight some of the emerging challenges that exist in the world of cybersecurity today and provide straightforward actionable guidance that anyone can follow to create a safe and secure digital world for themselves and their loved ones.

This year, the Cybersecurity Awareness Month’s main focal areas revolve around four key fundamental cybersecurity best practices:

• Recognizing and reporting phishing — still one of the primary threat actions used by cybercriminals today.
• Understanding the benefits of using a password manager and dispelling existing myths around password manager security and ease of use.
• Enabling multi-factor authentication on personal devices and business networks.
• Installing updates on a regular basis and turning on automated updates.

If everyone does their part – implementing stronger security practices, raising community awareness, educating vulnerable audiences, or training employees – our interconnected world will be safer and more resilient for everyone.

Now in its 19th year, Cybersecurity Awareness Month continues to build momentum and impact with the ultimate goal of providing everyone with the information they need to stay safer and more secure online. TrustTexas Bank is proud to support this far-reaching online safety awareness and education initiative which is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security.

NCSA and CISA invite you to participate in Cybersecurity Awareness Month 2022 this October as we encourage all users to own their role in protecting connected devices. Do Your Part. #BeCyberSmart.

ENABLE MULTI-FACTOR AUTHENTICATION

Nearly half (48%) of US/UK respondents say they have “never heard of MFA." Many people don’t realize that multi-factor authentication is an incredibly important tool that goes a long way in keeping accounts secure. In fact, of those who knew about it (52%), most had applied MFA to their online accounts (81%) and were still using it (90%), showing that once MFA is enabled, users will keep using it. This month, we’re showing others how easy it is to enable MFA wherever possible.

ADDITIONAL FACTS AND FIGURES

• Only 26% of companies use multi-factor authentication. (LastPass)
• Two-factor authentication has become more popular over the last two years, with 79% of US/ UK respondents saying they used it in 2021, compared to 53% who used it in 2019. (Duo Labs)
• SMS text messages are the most common second factor US/UK users choose when logging into two-factor authentication accounts, at 85%. (Duo Labs)

USE STRONG PASSWORDS AND A PASSWORD MANAGER

53% of people rely on their memory to manage passwords. (Ponemon Institute)

As our online lives expand, we’ve gone from having just a few passwords to today, where we might manage upwards of 100. That’s 100 unique passwords to remember, if you’re using strong password habits. Password managers can save users a lot of headache and make accounts safer by recommending strong passwords. This October, we’re dispelling the misconceptions about password managers and showing others how these tools will keep them safe online.

ADDITIONAL FACTS AND FIGURES

• 43% of adults have shared their password with someone. (Google)
• Only 45% of adults would change a password after a breach. (Google)
• 75% of people said they don’t know how to create secure passwords in the first place. (Ponemon Institute)
• 81% of the total number of breaches leveraged stolen or weak passwords. (LastPass)
• 61% of employees use the same passwords for multiple platforms. (LastPass)
• The most commonly used password management strategy was writing them down in a notebook (31%). Remembering passwords was also seen as a popular technique reported by 26% of the participants. (NCA)
• Only 12% of the participants reported using a stand-alone password manager application with another 11% saving their passwords in their browser. (NCA)
• 28% of adults in the US use the same password for all of their online accounts. (Business Insider)
• 65% of Americans don’t trust password managers. (Password Manager & YouGov)

UPDATE YOUR SOFTWARE

Nearly a third (31%) of US/UK respondents say they either “sometimes,” “rarely,” or “never” install software updates. (NCA)

One of the easiest ways to keep information secure is to keep software and apps updated. Updates fix general software problems and provide new security patches where criminals might get in. This Cybersecurity Awareness Month, we’re telling others to step away from the “remind me later” button to stay one step ahead of cybercriminals.

ADDITIONAL FACTS AND FIGURES

• 68% of the participants reported installing the latest updates and software as soon as these are available. (NCA)
• Of those who reported installing the latest updates to their devices, 45% had turned on automatic updates. A further 21% noting that they take immediate action when they receive a notification. (NCA)
• Just 20% of Android devices use the latest and safest OS version. (Symantec)

RECOGNIZE AND REPORT PHISHING

Phishing attacks in data breaches increased 11% from 2019 to 2020. It went from 25% to 36% based on analysis of confirmed breaches. (Verizon)

Phishing attacks have become an increasingly common problem for organizations of all sizes and can be very difficult to spot. 30% of small businesses consider phishing attacks to be their top cybersecurity concern. It’s important for every individual to stop and think before clicking on a link or attachment in a message and know how to spot the red flags. Cybersecurity Awareness Month 2022 will give individuals the tools they need to recognize a phish and report it to their organization or email provider.

ADDITIONAL FACTS AND FIGURES

• Only 60% of adults could define what “phishing” is. (Google)
• Nearly 3 out of 4 companies experienced a phishing attack in 2020 (Symantecs).
• 72% of respondents reported that they checked to see whether messages were legitimate (i.e. phishing or a scam) compared to 10% who reported not doing so. (NCA)
• Nearly half of the participants (48%) reported phishing emails to the sender (e.g. the real person the cyber criminal tried to impersonate by sending the phishing email). (NCA)
• 42% of the participants said they used the reporting capability on a platform (e.g. Gmail) “very often” or “always”. (NCA)

Simple Steps to Online Safety

Staying safe and secure online is our shared responsibility. Here is easy-to-follow, actionable advice for everyone.

• STOP: make sure security measures are in place.
• THINK: about the consequences of your actions and behaviors online.
• CONNECT: and enjoy the internet.

It is critical for anyone using the internet to continually learn about and consistently practice good cybersecurity habits. To better protect yourself, you should secure your home networks and mobile devices and take the time to learn how to use the internet more safely, securely and responsibly. View these tip sheets to address the top consumer cyber concerns, provide simple steps to protect against these concerns and teach you what to do if you fall victim to cybercrime.

Online Cybersecurity Tip Sheet For All Digital Citizens
Safe Online Shopping
Stay #CyberAware While On the Go – Safety Tips for Mobile Devices
What To Do If You Are A Victim Of Cybercrime
Tips for Passwords & Securing Your Accounts
Privacy Tips for Using Public Computers & Wireless Networks
Simple Cybersecurity Tips for Staying Safe Online During Tax Time

More Cybersecurity Tips

Understand your digital profile. 

Internet-based devices are present in every aspect of our lives: at home, school, work, and on the go. Constant connection provides opportunities for innovation and modernization, but also presents opportunities for potential cybersecurity threats that can compromise your most important personal information. Understand the devices and applications you use every day to help keep you and your information safe and secure.

• Top Tip: Never click and tell. Limit what information you post on social media—from personal addresses to where you like to grab coffee. What many people don’t realize is that these seemingly random details are all criminals need to know to target you, your loved ones, and your physical belongings—online and in the physical world. Keep Social Security numbers, account numbers, and passwords private, as well as specific information about yourself, such as your full name, address, birthday, and even vacation plans. Disable location services that allow anyone to see where you are – and where you aren’t – at any given time. Read the Social Media Cybersecurity Tip Sheet for more information.
• Top Tip: Keep tabs on your apps. Most connected appliances, toys, and devices are supported by a mobile application. Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved—gathering your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions and use the “rule of least privilege” to delete what you don’t need or no longer use. Learn to just say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources.

Tip Sheets:
Cybersecurity While Traveling
Online Privacy
Social Media Cybersecurity
Internet of Things

Secure your digital profile.

Cybercriminals are very good at getting personal information from unsuspecting victims, and the methods are getting more sophisticated as technology evolves. Protect against cyber threats by learning about security features available on the equipment and software you use. Apply additional layers of security to your devices – like Multi-Factor Authentication – to better protect your personal information.

• Top Tip: Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. Read the Multi-Factor Authentication (MFA) How-to-Guide for more information.
• Top Tip: Shake up your password protocol. According to National Institute for Standards and Technology (NIST) guidance, you should consider using the longest password or passphrase permissible. Get creative and customize your standard password for different sites, which can prevent cybercriminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and remember different, complex passwords for each of your accounts. Read the Creating A Password Tip Sheet for more information.
• Top Tip: Play hard to get with strangers. Cybercriminals use phishing tactics, hoping to fool their victims. If you’re unsure who an email is from—even if the details appear accurate— or if the email looks “phishy,” do not respond and do not click on any links or attachments found in that email. When available use the “junk” or “block” option to no longer receive messages from a particular sender.

 Tip Sheets:

Creating A Password
A How-To-Guide For Multi-Factor Authentication
5 Ways To Be Cyber Secure At Work
Phishing
E-Skimming

Maintain your digital profile.

Every click, share, send, and post you make creates a digital trail that can be exploited by cybercriminals. To protect yourself from becoming a cybercrime victim you must understand, secure, and maintain your digital profile. Be familiar with and routinely check privacy settings to help protect your privacy and limit cybercrimes.

• Top Tip: If you connect, you must protect. Whether it’s your computer, smartphone, game device, or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems. Sign up for automatic updates, if you can, and protect your devices with antivirus software. Read the Phishing Tip Sheet for more information.
• Top Tip: Stay protected while connected. Before you connect to any public wireless hotspot – like at an airport, hotel, or café – be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. If you do use an unsecured public access point, practice good Internet hygiene by avoiding sensitive activities (e.g., banking) that require passwords or credit cards. Your personal hotspot is often a safer alternative to free Wi-Fi. Only use sites that begin with “https://” when online shopping or banking.

Tip Sheets: 

Social Media Bots Overview
Understanding Foreign Interference In 5 Steps
Identity Theft and Internet Scams
5 Steps To Protecting Your Digital Home 

Cybersecurity in the Workplace

Privacy is Good for Business
Technology Checklist for Businesses
Cybersecurity for Small Business Fact Sheets

Learn more at CyberSecure My Business and the Federal Trade Commission's Cybersecurity for Small Business information page. 

Cybersecurity for Kids & Teens

Rethink Cyber Safety Rules and the "Tech Talk" With Your Teens
Tips for Parents on Raising Privacy-Savvy Kids 
Online Gaming Tips for Kids, Teens, & Tweens
NCSA's Parent Primer for Guiding Kids to Careers in Cybersecurity

Cybersecurity for Older Adults

Cyber Tips for Older Americans
Online Safety Tips for Older Adults

Website Security Notice

TrustTexas Bank understands that when it comes to your personal finances, conducting your banking in a safe, secure environment are essential. Whether you are visiting us in person or conducting a transaction at one of our ATMs, you can rest assured that TrustTexas Bank utilizes state-of-the-art technology to protect your interests. More importantly, we continuously evaluate new technologies and procedures to ensure that your protection continues without interruption. That commitment extends to our Online Banking, Mobile & Tablet Banking and Bill Pay services.

About Our Digital Banking Service

Banking via the internet is an established practice in today's society, and the systems available are designed and continuously tested to protect your interests. TrustTexas Bank brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry and multifactor authentication, a VeriSign-issued Digital ID for the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.

Secure Access and Verifying User Authenticity
To begin a session with the bank's server the user must key in an Access ID and a password. Our system, the Online Banking System, uses a "3 strikes and you're out" lockout mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out and requires a phone call to the bank to verify the password before re-entry into the system. TrustTexas Bank also utilizes PassMark Security to provide multifactor authentication technology through their core processing vendor. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.

Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank. Using the above technologies, your Online banking transactions are secure.

PC-Related Threats:

• Spyware is software installed on a computer without the user's knowledge, often through a virus or when a user downloads a free program. It is designed to let a hacker eavesdrop, collect personal or confidential information and perhaps track and record a user's activities. Some spyware can obtain such information as passwords or credit card numbers. It also often bombards computer users with unwanted ads.
• Keystroke Logging is PC software that captures the user's keystrokes, usually unbeknownst to the user. These keystroke loggers wait patiently on the PC until you type in a password and ID that can be associated with a financial institution website at which time the information is sent from the PC to the criminal.
• Malware is malicious software (Viruses and "Trojans") - latent malicious code or devices that secretly captures data on a consumer's personal computer which may intercept the user's request to visit a particular site and redirect the user to a site a pharmer has set up.
• Ransomware Facts & Tips

Ways to Prevent Infection:

• Install current versions of virus detection software, firewalls and spyware scanning tools (more than one is recommended). PC Magazine and PC World are excellent resources that explain software jargon in layman's terms and provide objective product reviews.
• Regularly update these tools by downloading updated virus definitions. This is extremely important as new viruses can appear daily.
• Run system virus scans regularly, but especially after extensive Internet surfing or usage.
• Make sure your browser is up to date and security patches are applied. Most browsers have automatic updates, but it's still a good idea to visit the actual website even if you're not alerted to do so.
• Be aware of the risks in using public computers, such as those in hotels, libraries or Internet cafes, to connect to online banking because of the uncertainty of what spyware may have been installed on the public equipment.