Security Tips

Internet Security

One of the most important priorities of Henderson Federal Savings Bank is the security and privacy of our customers' personal information. Henderson Federal Savings Bank customers can rest assured that we have a commitment to offer the highest level of security available. We value the trust our customers have placed in Henderson Federal and you can be confident in knowing that the information you share will be safeguarded. Also, being FDIC insured adds an additional layer of trust in knowing that your deposits are insured up to $250,000.

Henderson Federal Savings Bank strives to provide the highest level of security possible when using Internet banking. The following are just a few of our security measures:

Secure Communications

For your protection, Henderson Federal Savings Bank Account Access requires 128-bit browser encryption. This industry standard prevents the possible interception of your personal financial information over the Internet.

Secure Login

No one at Henderson Federal Savings Bank will ever ask for your password. Protecting your personal password is important to the security of your account. Please never share your password with anyone.

Secure Environment

Secure Data Transfer: Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by Tru-Secure, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new user starts a server session.
Router and Firewall: Requests must filter through a router and firewall before they are permitted to reach the server. A router (a piece of hardware) works in conjunction with the firewall (a piece of software) to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic, and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.

E-mail Communications

For your protection, we recommend that you do not e-mail account numbers, debit card numbers, passwords, or other critical financial information. We cannot guarantee the security of standard e-mail communication. Your account data at Henderson Federal Savings Bank is secured by state of the art technical equipment and in-house security policies.

Customer Service

If you have questions, contact us at 903-657-2577, and we will be happy to assist

ATM/Night Deposit Facility User Precautions

As with all financial transactions, please exercise discretion when using an ATM or night deposit facility. For your own safety, carefully consider the following suggestions.

Prepare for your transactions at home in order to minimize your time at the ATM or night deposit facility. For instance, have your deposit slip already completed.
Mark each transaction in your account record, but not while at the ATM or night deposit facility. Always save your ATM receipts. Don't leave them at the ATM or night deposit facility because they may contain important account information.
Compare your records with the account statements you receive.
Don't lend your ATM card to anyone.
Remember, do not leave your card at the ATM, and do not leave any personnel account information outside of the night deposit facility.
Protect the secrecy of your Personal Identification Number (PIN). Protect your ATM card as though it were cash. Don't tell anyone your PIN. Don't give anyone information regarding your ATM card or PIN over the telephone. Don't write your PIN where it can be discovered. For example, don't keep a note of your PIN in your wallet or purse.
Prevent others from seeing you enter your PIN by using your body to shield their view.
If you lose your ATM card or if it is stolen, promptly notify us. You should consult the other disclosures you have received about electronic fund transfers for additional information about what to do if your card is lost or stolen.
When you make a transaction, be aware of your surroundings. Look for suspicious activity near the ATM or night deposit facility, particularly if it is after sunset. At night, be sure that the facility (including the parking area and walkways) is well lighted. Consider having someone accompany you when you use the facility, especially after sunset.
Don't accept assistance from anyone you don't know when using an ATM or night deposit facility.
If you notice anything suspicious or if any problem arises after you have begun an ATM transaction, you may want to cancel the transaction, pocket your card, and leave. You might consider using another ATM or coming back later.
Don't display your cash; pocket it as soon as the ATM transaction is completed and count the cash later when you are in the safety of your own car, home, or other secure surrounding.
At a drive-up facility, make sure all the car doors are locked and all the windows are rolled up, except for the driver's window. Keep the engine running and remain alert to your surroundings.
We want the ATM and night deposit facility to be safe and convenient for you. Therefore, please tell us if you know of any problem with a facility. For instance, let us know if a light is not working or if there is any damage to a facility. Please report any suspicious activity or crimes to local law enforcement officials immediately.

Identity Theft

How Identity Theft Occurs

Skilled identity thieves use a variety of methods to gain access to your personal information. For example:

They get information from businesses or other institutions by.
stealing records from their employer,
bribing an employee who has access to these records, or
hacking into the organization’s computers.
They rummage through your trash, or the trash of businesses or dumps in a practice known as “dumpster diving.”
They obtain credit reports by abusing their employer’s authorized access to credit reports or by posing as a landlord, employer, or someone else who may have a legal right to the information.
They steal credit and debit card numbers as your card is processed by using a special information storage device in a practice known as “skimming.”
They steal wallets and purses containing identification and credit and bank cards.
They steal mail, including bank and credit card statements, pre-approved credit offers, new checks, or tax information.
They complete a “change of address form” to divert your mail to another location.
They steal personal information from your home.
They scam information from you by posing as a legitimate business person or government official.

Once identity thieves have your personal information, they may:

Go on spending sprees using your credit and debit card account numbers to buy “big-ticket” items like computers that they can easily sell.
Open a new credit card account, using your name, date of birth, and SSN. When they don’t pay the bills, the delinquent account is reported on your credit report.
Change the mailing address on your credit card account. The imposter then runs up charges on the account. Because the bills are being sent to the new address, it may take some time before you realize there’s a problem.
Take out auto loans in your name.
Establish phone or wireless service in your name.
Counterfeit checks or debit cards, and drain your bank account.
Open a bank account in your name and write bad checks on that account.
File for bankruptcy under your name to avoid paying debts they’ve incurred, or to avoid eviction.
Give your name to the police during an arrest. If they are released and don’t show up for their court date, an arrest warrant could be issued in your name.

If Your Identity’s Been Stolen

Even if you’ve been very careful about keeping your personal information to yourself, an identity thief can strike. If you suspect that your personal information has been used to commit fraud or theft, take the following four steps right away. Remember to follow up all calls in writing; send your letter by certified mail, return receipt requested, so you can document what the company received and when; and keep copies for your files.

1. Place a fraud alert on your credit reports and review your credit reports.

Call the toll-free fraud number of anyone of the three major credit bureaus to place a fraud alert on your credit report. This can help prevent an identity thief from opening additional accounts in your name. As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified to place fraud alerts on your credit report, and all three reports will be sent to you free of charge.

Equifax — To report fraud, call:
1-800-525-6285, and write: P.O. Box 740241, Atlanta, GA 30374-0241
Experian — To report fraud, call:
1-888-EXPERIAN (397-3742), and write: P.O. Box 9532, Allen, TX 75013
TransUnion — To report fraud, call:
1-800-680-7289, and write: Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

Once you receive your reports, review them carefully. Look for inquiries you didn’t initiate, accounts you didn’t open, and unexplained debts on your true accounts. You also should check that information such as your SSN, address(es), name or initial, and employers are correct. Inaccuracies in this information also may be due to typographical errors. Nevertheless, whether the inaccuracies are due to fraud or error, you should notify the credit bureau as soon as possible by telephone and in writing. You should continue to check your reports periodically, especially in the first year after you’ve discovered the theft, to make sure no new fraudulent activity has occurred. The automated “one-call” fraud alert process only works for the initial placement of your fraud alert. Orders for additional credit reports or renewals of your fraud alerts must be made separately at each of the three major credit bureaus.

2. Close any accounts that have been tampered with or opened fraudulently.

Credit Accounts

Credit accounts include all accounts with banks, credit card companies and other lenders, and phone companies, utilities, ISPs, and other service providers. If you’re closing existing accounts and opening new ones, use new Personal Identification Numbers (PINs) and passwords. If there are fraudulent charges or debits, ask the company about the following forms for disputing those transactions:

For new unauthorized accounts, ask if the company accepts the ID Theft Affidavit (available at www.ftc.gov/bcp/edu/resources/forms/affidavit.pdf). If they don’t, ask the representative to send you the company’s fraud dispute forms.
For your existing accounts, ask the representative to send you the company’s fraud dispute forms.
If your ATM card has been lost, stolen or otherwise compromised, cancel the card as soon as you can. Get a new card with a new PIN.

Checks

If your checks have been stolen or misused, close the account and ask your bank to notify the appropriate check verification service. While no federal law limits your losses if someone steals your checks and forges your signature, state laws may protect you. Most states hold the bank responsible for losses from a forged check, but they also require you to take reasonable care of your account. For example, you may be held responsible for the forgery if you fail to notify the bank in a timely way that a check was lost or stolen. Contact your state banking or consumer protection agency for more information.

You also should contact these major check verification companies. Ask that retailers who use their databases not accept your checks.

TeleCheck — 1-800-710-9898 or 927-0188
Certegy, Inc. — 1-800-437-5120
Call SCAN (1-800-262-7771) to find out if the identity thief has been passing bad checks in your name.

3. File a report with your local police or the police in the community where the identity theft took place.

Keep a copy of the report. You may need it to validate your claims to creditors. If you can’t get a copy, at least get the report number.

4. File a complaint with the FTC.

By sharing your identity theft complaint with the FTC, you will provide important information that can help law enforcement officials track down identity thieves and stop them. The FTC also can refer victim complaints to other appropriate government agencies and companies for further action. The FTC enters the information you provide into their secure database.

To file a complaint or to learn more about the FTC’s Privacy Policy, visit https://www.ftccomplaintassistant.gov/.
If you don’t have access to the Internet, you can call the FTC’s Identity Theft Hotline: toll-free 1-877-IDTHEFT (438-4338).
For information on how to protect your Identity please click here for helpful suggestions provided by the Federal Trade commission.

Phishing

What is Phishing and Pharming?

Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

Consumer Advice: How to Avoid Phishing Scams

To learn more about Spyware and how to protect against it click on the link below:

http://www.us-cert.gov/cas/tips/ST04-016.html

How to protect your computer

Please follow these links to learn more about how you can protect your computer from being compromised:

http://www.us-cert.gov/reading_room/before_you_plug_in.html
http://www.microsoft.com/athome/security/protect/default.mspx

Also check with your Anti-Virus vendor and be sure to always have the latest Virus definitions loaded on your computer.
To learn more about how important Henderson Federal Savings Bank thinks your information is click here to read our Privacy Policy.

Point of Sale Customer Guide

To enhance the security of the Point of Sale (POS) customer experience:

Check the Area around the POS Device

Scan the area briefly as you approach the cashier to ensure no electronic surveillance cameras are directed towards the POS device. Notify a manager if there are any suspicious looking individuals around. Avoid using the terminal if you feel unsafe or if it looks odd, such as having strange labels on it, or if it looks like it has been tampered with.
Avoid opening your purse, bag or wallet while in the queue – instead, have your card ready in your hand before you approach the POS.

Stay Focused During Transaction

Be especially cautious if strangers offer to help you complete the transaction, even if you are experiencing difficulty with it, never allowing anyone to distract you while you are at the POS. If the cashier or retail clerk offers to “help” you by entering your PIN or removing the card from your sight, kindly refuse the offer.
Ensure your handbag, wallet and/or possessions are secure if and when you are asked to sign the transaction slip.
Be on the look-out for individuals who might be watching you enter your PIN. If necessary, shield your PIN while it is being entered, obstructing potential unauthorized viewing of your PIN as it is entered by raising your hand for cover, or by positioning yourself such that it is difficult for others to see you enter your PIN.
Be aware of other customers standing too close to you or trying to observe your transaction. Check that other individuals in the queue keep an acceptable distance from you.
If there is a delay, time out, or if the transaction is cancelled, or aborted, and a second attempt is made to complete the transaction, make note of the date and location and check your monthly statement to ensure a double debit hasn’t occurred. You should only have to enter your PIN once for the transaction. If you notice unusual messages on the terminal screen, or are prompted to enter your PIN a second time, be sure to notify store personnel or the retailer’s customer service department before re-entering your PIN.
If you requested cash back on the POS transaction, make sure you have received the cash and check the amount on the transaction slip.
Never let your card out of your sight during a transaction and follow the merchant, retailer or waiter if they move away to another area to swipe your card.
Do not be in a hurry during the transaction, and carefully secure your card and/or cash in your wallet, handbag or pocket before leaving the counter. Don’t forget to take your card with you!

Protect your PIN, Card and Account

Do not be tricked into providing the three digit or four digit security codes that appear on the front or back of your card to anyone, not even to the bank, cashier or police, except in cases of card transactions on reputable internet websites with companies with whom you feel comfortable performing internet-based payments. These digits help prevent thieves from copying your card.
Do not give your card or PIN number to any stranger. Memorize your PIN (if you must write it down, do so in a disguised manner and never carry it with your card). Try not to use obvious and guessable numbers for your PIN like your date of birth. Please remember financial institutions do not use email, telephone or other means to ask you for your PIN.
If your card gets retained or lost, or if you are interfered with at a POS, report this immediately to the bank and/or police.
Keep your printed transaction record so that you can compare your POS receipts to your monthly statement.