Security Center

Keeping Your Identity Safe

State Savings Bank is and will always be a relationship-based financial institution that serves its customers with safety. We will never, under any circumstances, ask you to verify any personal or account information over the internet or via email. There are several email scams where websites appear to be legitimate bank website that may expose you to malware and could lead to a compromise of your personal information.

Always err on the side of caution when opening an unsolicited email. Please be cautious if ever asked to reveal or confirm personal information online or if asked to go to a website that you believe isn’t associated with State Savings Bank.

If you have any questions regarding an email you have received, please contact us at 641-227-3161 and we will verify that it was sent from a State Savings Bank employee.

Protect Your Identity

Download an easy-to-understand newsletter Identity Theft — Protecting Yourself

Never provide your personal information in response to an unsolicited request, whether it is over the phone or on the Internet. Emails and Internet pages created by phishers may look exactly like the real thing.  They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, do not provide any information.

If you are unsure whether a contact is legitimate, contact the financial institution using a phone number that is in the phone book, on a monthly statement or on their website. You should be the one to initiate the contact, using information you have verified for yourself.

Never provide your account information and/or password or PIN over the phone in response to an unsolicited Internet request. You will never be asked to verify account information or passwords/PIN online by the financial institution. Thieves armed with that information and your account number can help themselves to your money.

Review account statements regularly to ensure all transactions are correct. If your account statements is late in arriving or does not arrive, call your financial institution to find out why. Check your account activity online regularly to catch suspicious activity early.

Don’t carry your Social Security card or other cards that show your SSIN in your wallet. Only provide your SSN when absolutely necessary-for tax forms, employment, student records, stock and property transactions, etc.

Don’t leave sensitive documents containing personal information where people can see it. Shred or destroy papers containing your personal information, including pre-approved credit card offers and bank statements you no longer need.

Retrieve your postal mail promptly, and discontinue delivery while you’re out of town. Whenever possible, mail bills from your post office, not your mail box. Stop or reduce junk mail or unsolicited credit card offers by visiting the National Credit Bureau’s opt-out website or call them at 888.567.8688.

Open your credit card bills and bank statements right away. Check carefully for any unauthorized charges or withdrawals and report them immediately. Call if bills don’t arrive on time-it may mean that someone has changed contact information to hide fraudulent charges.

Review your credit report at least once a year to check for changed addresses and fraudulent charges. Go to the Federal Trade Commission’s authorized website (https://www.annualcreditreport.com/index.action) for your free credit report.

If You Fall Victim

1. Place a fraud alert on your credit reports, and review your credit reports.

Transunion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, PO Box 6790, Fullterton, CA 92834-6790.

Equifax: 1-800-525-6285; www.equifax.com; PO Box 740241, Atlanta, GA 30374-0241

Experian: 1-888-EXPERIAN (397-3742); www.experian.com; PO Box 9554, Allen, TX 75013

2. Close the accounts that you believe or know have been associated with fraudulent activity.
3. File a complaint with the Federal Trade Commission’s Identity Theft Hotline.  They can be reached at 1.877.IDTHEFT (438-4338); or online at http://www.consumer.ftc.gov/features/feature-0014-identity-theft.
4. File a police report with local law enforcement or in the community where the identity theft took place.

Protecting Your Computer

• Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information.  Software firewalls are widely recommended for single computers.  The software is prepackaged on some operating systems or can be purchased for individual computers.  For multiple networked computers, hardware routers typically provide firewall protection.
• Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
• Install or Update Your Antispyware Technology: Spyware is just what it sounds like-software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware-in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries-shop where you trust.
• Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
• Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software.Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
• Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection-be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.

Before you get rid of an old computer, destroy the information on the hard drive. Often that means destroying the drive itself because erasing data doesn’t completely eliminate it or use software tools that will completely wipe data from the hard drive.

Secure Online Shopping

1. Use unique passwords for storefront logins (Amazon, Target, ebay, etc). If your password is compromised from a news site, email service or blog the first thing attackers do is try the compromised login information on sites like Amazon, ebay, and Paypal. Making sure you use unique login information for various sites can help keep you secure.
2. Emails can be easily spoofed to appear to be from major sites. Strategy: If you see an item in your inbox that is “on sale” or you find a posting on a third party site; always go to the company’s homepage and search for the item yourself to ensure you are not clicking on malicious links.
3. All legitimate online storefronts use HTTPS login and require CVC codes at checkout.  If the site you are making a purchase on does not use both of these methods we advise making your purchase elsewhere.
4. The most important thing to remember is to trust your instincts. If the price appears too good to be true or the company is one you have not heard of and cannot easily find information on most likely it is a company you want to avoid.

Password Tips

A good password is:

• Private: it is used and known by one person only;
• Secret: it does not appear in clear text in any file or program or on a piece of paper;
• Easily remember: so there is no need to write it down;
• At least 8 characters long: the longer the password the tougher it is to guess or crack;
• A mixture: of at least 3 of the following: upper case letters, lower case letters, digits and symbols;
• Not listed in the dictionary: this includes any major language;

Here are some hints to help you choose good passwords:

• Use a long passphrase like the sentence “My dog is brown and white!” or “It’s 5’clock somewhere!”  Passphrases are easy to remember, therefor don’t need to be written down and are difficult for someone else to guess. And because they are grammatically correct they are very easy and quick to type.
• Substitute numbers or symbols for letters in a password, for example: Pa$$w0rd. This makes dictionary attacks more difficult.

Here are some guidelines to avoid a guessable password:

• Don’t use your login name in any form (as-is, reversed, capitalized, doubled, etc…)
• Don’t use in any form your first or last name and more generally any information easily obtained about you. This includes address, phone number, names of close relatives, etc..
• Don’t use a word contained in any dictionary, spelling list or other lists of words (acronyms, sequences of letters like ‘abcdef’, place names, car names, cartoon heroes, etc…

Secure Email Message Center

State Savings Bank is committed to keeping your sensitive information safe to help prevent fraud and identity theft. To protect your sensitive information from unauthorized view, we have implemented Secure Email, a security feature that encrypts emails containing sensitive information such as social security numbers, date of birth, and account numbers.

How Does Secure Email Work?

1. When State Savings Bank sends you an encrypted email message, you will receive an email notification that informs you that you have a message being held at our secure email message center.
2. Within the email notification, there will be a link to connect you to our secure email message center. Once connected, you will be prompted to create your Secure Email account.
3. Follow the instructions for first-time users. Enter your email address for the User Name and create a Password that you will use each time you log in to Secure Email.
4. Once you have successfully logged in to your account, you are able to read your secure email, save it to your computer, or send a secure reply message back to State Savings Bank.

To Report Your Debit Card Lost or Stolen

During business hours (Mon-Thur 8am-5pm, Fri 8am-5:30pm and Sat 8am-12pm) call 641-227-3161 or 515-457-9533.

After business hours call 1-800-383-8000.