Lady in a coffee shop using her smartphone

Security Tips

The security of your account information is one of The Dime Bank's top priorities. Our experienced team of professionals monitor your accounts and safeguard your information with state-of-the-art fraud prevention systems.

In addition, arming yourself with knowledge and monitoring your accounts on a daily basis are two ways you can assist The Dime Bank in protecting your financial information.

Please take a few moments to read and implement these important security tips.

Be Alert!
 
Scammers send fake text messages to trick you into giving them your personal information - things like your password, account number, or Social Security number. If they get that information, they could gain access to your email, bank, or other accounts. Or they could sell your information to other scammers.

The scammers use a variety of ever-changing stories to try to rope you in. They may:
 
  • Promise free prizes, gift cards or coupons
  • Offer you a low or no interest credit card
  • Promise to help you pay off your student loans
Scammers also send fake messages that say they have some information about your account or a transaction. The scammers may say they’ve noticed some suspicious activity on your account, or claim there’s a problem with your payment information, send you a fake invoice and tell you to contact them if you didn’t authorize the purchase, or send you a fake package delivery notification.
 
The messages might ask you to give some personal information such as how much money you make, how much you owe, or ask you for your bank account, credit card, or Social Security number in order to claim your gift or pursue the offer. They may direct you to click on a link to learn more about the issue. Some links may take you to a spoofed website that looks real but it isn’t. If you log in, the scammers can then steal your user name and password.
 
Other messages may install harmful malware on your phone that steals your personal information without you realizing it.

Always remember to never click on any links in suspicious texts or emails. If you are unsure, call The Dime Bank directly and validate if we are trying to reach you.
 
As a precaution, it's always a good practice to stay on top of your accounts by checking them often.
The Dime Bank wants to help you keep your information safe. Protecting your personal information is a shared responsibility

Verify it's The Dime Bank. Fraudsters pose as credible companies "phishing" for your information. The Dime Bank will never call to ask for your online login information. If you are unsure, get the individuals name and hang up and call your local branch.

Do not open suspicious texts or emails or click on links within them. Fraudsters impersonate companies to get consumers to click links and provide personal information. Clicking on links can also infect your device with malware.

A password is the first line of defense against cybercriminals. We recommend creating a complex password that is difficult for others to guess but easy for you to remember. Use a different password for each site.

Monitor your accounts regularly, respond to fraud alerts, and report unauthorized transactions promptly.
Ransomware is a type of malicious software, or malware, that prevents access to computer files, systems, or networks and demands a ransom payment for their return.

The simplest way would be to avoid internet connectivity. LOL. Right! As that is not practical in our connected world today, what else can you do?

Auto-install updates. One of the most important controls to protect against ransomware is updating your devices and apps, including browsers (ie: Internet Explorer, Chrome, Edge, etc).

Most software companies regularly release updates for security loopholes. Computers and laptops are configured to scan, patch, and update automatically. Unfortunately, not applying the updates leaves you open to attack. Many ransomware and other malware attacks take advantage of out-of-date software.

One of the most common ways that computers are infected with ransomware is through social engineering. Remember to exercise common sense with suspicious email, websites, and other scams. If it seems suspect, it probably is.

Be unpredictable. There are two common password attacks, brute force and dictionary attacks. Both  involve trying a sequence of numbers and/or common words like 123456, hence, trying to crack a password using “brute force” or common “dictionary” words. To minimize this type of exposure, don’t make your passwords predictable.

Be creative. Related to being unpredictable, consider creating a phrase and use the first or second letter of each word, or substitute a special character for letters and/or numbers. You can use a password generator which provides creative and secure password options.

Be long. The longer the password, the more possible combination, and permutations of the password there are, and thereby the safer they generally are. However, don’t forget the first two tips, because long common words and sequences of numbers are still easier to crack!

Be selfish. Believe it or not, one of the more common reasons passwords are compromised is because people share their credentials. Quite simply – never, ever share your password(s)!

Be mindful. Think before you click. Phishing is where you receive an email or text message asking for you to confirm your details or take some other action where you need to enter your personal credentials. These types of acts are becoming increasingly sophisticated and can look very legitimate, like an email from someone you know. As a good rule of thumb, unless you make a request, don’t ever enter your credentials. Or, if you have any doubts, contact the organization requesting the information directly.

Be unique. You should use different passwords for different logins – yes, a different password for every login. Having a unique password for all your accounts helps prevent that if or when one is compromised the others remain protected. Pro tip: If you can’t remember all your passwords, consider using a secure password manager.

Use the built-in firewall on your computer.

Turn on automatic updates for ALL software you use, including your internet browser(s).

Use antivirus and anti-malware software  and keep it current.

Create a long phrase for your password instead of a short password.

Don’t open suspicious attachments or click unusual links in email, tweets, posts, online ads, messages, or attachments. 

Browse safely.  Don’t visit illicit sites.  They may contain malware or a download that contains malware. 

Refrain from streaming or downloading movies, music, books, or applications that are not from a trusted source.  Pirated material may include malware.

Avoid malware and viruses by only using external devices you own or receive from a trusted source.  

Unexpected or suspicious email attachments should never be opened. They may execute a disguised program (malware, adware, spyware, virus, etc.) that could damage or steal data. If in doubt, call the sender to verify. A good rule of thumb is to only open file attachments if you are expecting them and if they are relevant to the work you are doing.

Signs of a Malicious Attachment

.exe Files: .exe files are executable files - meaning that they can run a program; while .exe files are not inherently malicious, they can be used to install malware on your computer; there's no reason for an .exe file to be shared via email, so if you receive one, you should delete it.
  • .exe files can also be disguised in .zip folders - if you receive an email with a .zip, and open the folder to find an .exe, you shouldn't run the file.
  • Be careful, some attachments might show the icon for a document, PowerPoint, etc., but they still have the .exe extension.
  • Just because a file isn't an .exe, doesn't mean it's not malicious - there have been instances of macro-viruses that hide themselves inside of Office Documents.
Unsolicited Email/Strange "From" Field: don't open attachments that you're not expecting, or from users who you don't know.

Strange "To" Field: if the email has a long, alphabetical list of recipients, or if the "To:" field is blank, then the email is probably illegitimate, and the attachment shouldn't be opened.

Vague Subject Line/Body: if the subject line or the body text is vague, then the attachment probably is illegitimate.

Missing Salutation: most legitimate emails have a salutation.

Poor Grammar/Spelling: legitimate emails are carefully proofread before they're sent out; if the email has a lot of spelling/grammatical errors it's probably not legitimate.

Sense of Urgency: (i.e. - "this attachment will expire in 24 hours”, “you have an unpaid invoice") most illegitimate emails try and create a sense of urgency so that the recipient will download and run the attachment without carefully looking at it.

Remember attackers/bad actors rely on user interaction. Their goal is to try to trick users into opening a malicious document to exploit system vulnerabilities. Stay alert, stay safe!
Lady on couch using her smartphone to look at the news
NEWS

Keep up to date with us.

Learn about all of the exciting things going on at The Dime Bank with our newsletters and press releases.


Find out what's new