Electronic Banking Safety Tips

Your safety is important to us and we would like to encourage you to keep the following tips in mind when using your card at an ATM:

• Be aware of your surroundings before conducting an ATM transaction. If you see someone or something suspicious, leave and come back later.
• When using a walk-up ATM, park as close as possible and check for suspicious persons or circumstances before leaving the safety of your car. Have your ATM card ready before you approach the machine.
• Do not leave your car running or the keys in the ignition while at the ATM. As you return to your vehicle, have your car keys ready and check around you and under your vehicle.
• If possible, have someone accompany you to the ATM. Use an ATM located in a highly trafficked area for additional security.
• Check the card reader to ensure it has not been tampered with.
• Use your body and hands to shield the screen or keypad when entering your Personal Identification Number (PIN).
• Do not count your money while at the ATM. Put your money, receipt and card away immediately and do not linger at the ATM. Always take your ATM receipt.
• Do not discard receipts for ATM transactions. Verify receipts against your monthly bank statement and report any discrepancies immediately.
• If you are followed after using an ATM, head to a place where activity, people and security can be found. Call the police if necessary.

Additional Precautions:

• Treat your ATM card like cash and ALWAYS keep it in a safe place.
• Keep your PIN a secret. Never write your PIN on your card, tell your code to anyone, or allow anyone to enter your PIN.
• Do not give out any information about your ATM card over the telephone. The Bank will never ask you for your PIN.

If your ATM card is lost/stolen or your PIN is compromised, report it immediately to the Bank by calling (657) 223-1000 between 9:00 AM - 5:00 PM and ask for the Client Services Department. You can also contact us 24 hours a day 7 days a week at (800)500-1044 to report lost or stolen cards.

From time to time, Infinity Bank may send you an email notice or an alert. However, we will never ask you to:

• Provide any personal or account information via email.
• Give us your Login ID or password via email.
• Send personal or account information via unsecure email. 

"Phishing"

Email fraud scams are commonly referred to as “phishing” or “spoofing.” In this type of scam, a consumer receives an email directing them to a fraudulent website. In most cases, the criminal has designed the website to closely resemble that of a legitimate organization, making it very difficult to detect that it is a bogus site. Criminals usually use this scam with businesses that are well known and that are normally considered trustworthy by consumers. In recent years, government agencies, financial institutions, auction sites, electronic payment services and other legitimate organizations have had their websites “spoofed.” The “spoofed” website will typically ask the consumer to verify or confirm personal and financial information and the criminal will then use the information obtained to commit fraud or other crimes. 

Safeguard Access with Strong Passwords

A “password attack” is a third party trying to gain unauthorized access to accounts by cracking a user’s password. This type of attack does not usually require any type of malicious code or software to run on the system. There is software that attackers use to try and crack your password, but this software is typically run on their own system.  As a point of reference, an attacker using a brute force password cracking program, can typically unlock a password with all lower-case letters in a matter of minutes. Strong passwords are really the only way to safeguard against password attacks.

Here are some suggestions for creating safer passwords:

• Create passwords that contain a combination of upper and lower-case letters, numbers, and special characters (@, #, &, %) if allowed.
• Ensure that your passwords are at least eight characters. The longer the better.
• Consider a passphrase; a combination of words separated by special characters. These are easier to remember, yet more resistant to cracking.

Avoid using:

• Account number
• Address or phone number
• Birth date or anniversary date
• Common words from the dictionary
• Social Security number 

Additional precautions:

• Do not share your password with anyone
• Use a unique password for each website
• Change your password at least twice a year

Access Secure Site for Infinity Bank

Never click on a link in an email that directs you to our website, you should always access Infinity Bank’s website by typing the correct website address, goinfinitybank.com, into your browser. Never provide any personal information in an email or website that you did not directly access.

Verify Your Banking Session is Secure

There are two indicators to verify that your session is secure. The first indicator is the https at the beginning of the web address. The “s” at the end of the http means all communications between your browser and the website are encrypted. The second indicator is the presence of a digital certificate displaying a padlock icon in the address bar to visually indicate that a https connection is in effect.  This indicator is commonly visible in Web browsers such as Internet Explorer, Firefox and Chrome (typically at the bottom of the screen).

Avoid using public computers (shared by many individuals) to pay your bills, check your account balance, or transact business. If you must use a public computer, remember to log out of any websites completely and log off the computer.

Additional information about Protecting Yourself Online

Electronic banking, including contactless cards, mobile or smartphone, are convenient and easy once you get set up. But it means taking special care about security to protect your money and your identity.  With the surge in mobile banking, there is an increasing risk of attack from cyber criminals. We want to help you protect your personal and financial information by offering these security tips specific to mobile banking:

• Before using a mobile device to connect with your bank from a public area, such as a coffee shop or an airport, always check to make sure that you are connecting using your cellular service and not an unsecured public Wi-Fi network.
• Make sure your banking app is legitimate. Only download mobile banking and payment apps from your bank's website or another reputable app marketplace.
• Don’t rely on carriers, recycling firms or phone deposit banks to “clean” your phone before disposal or resale to third parties. Follow your phone manufacturer’s instructions to remove all personal information from your phone before decommissioning it.
• We’ll send alerts for critical changes to your account, including changes to your address, email, phone number, Personal ID, passwords, PINs and other verification credentials. Take advantage of additional alert notifications we offer.
• If you use our banking app, it’s very important to notify us immediately if you lose your mobile device. Report it immediately by calling (657) 223-1000 and ask for the Client Services Department. That way, we can monitor your account for suspicious activity.

Please refer to the links below for more guidance on protecting your identity, personal and financial information and your money:

• https://www.consumerprotection.govt.nz/general-help/scamwatch/
• https://www.consumerfinance.gov/consumer-tools/fraud/
• www.staysafeonline.org