MIDFLORIDA, What a Bank Should Be.

View All Branches

Locate a Branch/ATM

Geolocate ZipCode

Information for You

Security

Your security is important to us. We post scam alerts, safety tips and security notices so you can be on guard against similar activity that may lead to identity theft or fraud of your account.

Beware – Website Scam

Some customers have reported receiving an email or pop-up message while on MIDFLORIDA.com notifying them of a security breach and that their personal information has been compromised by a third party vendor. The notice goes on to say that you can get a free credit report by providing your credit card information. This is false and is a phishing scam and has been reported from multiple financial institutions. If you receive this email or pop-up, do not click on any of the links and report the scam to phishing@midflorida.com.

To minimize future attempts to defraud you online, it is advised that your computer have anti-virus and anti-spyware software installed and that updates to those programs be done diligently. And remember, MIDFLORIDA would never ask you to give personal account information without having you sign into a secure site.

Sample of Website Scam – January 7, 2013

About the Security of MIDFLORIDA.com

MIDFLORIDA’s web site is protected by several layers of security and employs a host of third party monitoring services to prevent the spread of online viruses to its visitors. However, viruses can be picked up from other sites and then the virus will present itself in a manner that is intended to dupe you into providing information. The best way to prevent this is to install anti-virus and anti-spyware on your computer and make routine software updates as they are offered.

View Other Scam Alerts

If you receive a suspicious email or discover a suspicious activity, please email Risk Management.

Safety Tips

Secure your mobile devices

  1. Lock your device with a personal identification number (PIN) or password
    This is how you can prevent unauthorized access. Also, configure your device to automatically lock after a certain period of time. Even after your device is password-protected, never leave it unattended in public—lost and stolen devices continue to be the number-one threat to mobile users.
  2. Only install applications (apps) from trusted sources
    • Shop at reputable app stores—Before downloading an app, research the app and its publishers. If you are an Android user, avoid installing non-market applications by de-selecting the “unknown sources” option in your device’s Applications Settings menu.
    • Check other users’ reviews and ratings to see if an application is safe.
    • Read the app’s privacy policy—Check to see how much of your data the app accesses and if it will share your information with third parties, if there is a privacy policy. For example, if a game application requests access to your address book, you should ask yourself why it would need that access. If you are at all suspicious or uncomfortable, don’t download the app.
  3. Keep your system updated
    Download software updates for your mobile device’s operating system when prompted. This way, you’ll always have the latest security updates and ensure that your device is always performing at an optimal level.
  4. Back up your data
    It is relatively easy to do, and many smartphones and tablets have the capability to backup data wirelessly, so you can quickly restore the information on your phone if the data is lost or accidentally deleted. And, if you lose your device, you will still be able to retrieve your information.
  5. Configure Bluetooth securely
    Many cell phone Bluetooth hands-free earpieces have a default pin of 0000. A hacker with a Bluetooth antenna can connect to your earpiece and eavesdrop on everything that you are saying. In fact, they can even transmit to it.
  6. Have control of your phone if it is ever lost
    Run an application that can be used to remotely lock, wipe the data, or disable your phone if it becomes lost, stolen or compromised.
  7. *Avoid keeping sensitive data on mobile devices
    Phones and tablets are much easier for a thief to acquire than desktops, and even laptops. If your device is stolen, all of the information you have saved on that device is now in someone else’s hands. Pictures and personal e-mails may be okay to save on your device, but financial records, personal information, important passwords, or sensitive e-mail messages are not.
  8. Don’t jailbreak or enable root access on your phone
    So much of a phone’s security is tied to code signing and software sandboxing that jailbreaking a phone—removing the digital-rights management that locks it to a certain carrier—means significantly weakening the security of the device.
  9. On public Wi-Fi, limit email, social networking and online shopping/banking
    Be careful what you do on public Wi-Fi networks, and in particular, use extra caution when shopping and mobile banking unless you’re confident you have a secure connection.

Back to the top

Create and use strong passwords

Creating passwords that are comprised of numerals and letters can help keep your password from being easily discovered. Choose a lengthy password that is difficult to guess by writing a sentence that you can easily remember. Then pick up the first letter of each word. For example: “Indiana Jones and the Temple of Doom released in 1984” could be IJatToDri84. This method allows you to come up with an easy-to-remember password that is hard to crack, and you avoid the need to write it down in order to remember it.

To avoid an easy-to-guess password, follow these tips:

  • Avoid using personal information such as your name, phone number, birthday, social security number, driver’s license number or similar information of family members.
  • Avoid common dictionary words in any language
  • Avoid sequential or repeated numbers or letters (12345, 888888, abcde)

Using these obvious passwords, even if you spell them backwards or add numbers to the beginning or end, will make it easy for a criminal to crack your password and steal your account information.

Your passwords are just as important as the information they protect. Don’t share your password with anyone and never provide your password over email or in response to an email request. If you must write your password down, keep it in a safe place. Use more than one password for different sites and change your password regularly.

Back to the top

Phishing – Just a pastime?

When you hear the word “phishing”, it sounds just like “fishing” but it’s anything but a relaxing pastime. Phishing has become a new way for thieves to fraud you of your account information and identity. Phishing usually entails an email that involves an account problem along with a doctored version of a legitimate business’s web site. This combination has often lured people into replying with personal information such as account numbers, passwords and user names. Once the thieves have your information they can access accounts or potentially use the information to steal your identity. Although the phisher-men are coming up with new ways to accomplish their fraud every day, the best way to protect yourself is to never give out personal information, especially debit card or credit card information or account numbers, by email or phone if you have not initiated the request. Should you receive a call or email like the ones outlined above, you should contact your local authorities immediately.

Back to the top

Vishing – a telephony problem…

Vishing mimics phishing by trying to trap you into revealing your account numbers. But instead of being asked to click on a link, you’re asked to call a telephone number. The number may appear to be local or even toll-free. Some “vishers” use random dialer programs to “cold call” victims. When the victim calls, they reach an automated system prompting them to enter their account details and credit card information for “security verification” purposes, which is then digitally transcribed onto the scammer’s computer. Once the information is gathered, it can be used to drain your account, max out your credit card or steal your identity.

New technology has enabled cheap and anonymous Internet calling making it more difficult to tell phish and vish from actual attempts to contact customers. Always be suspicious if someone contacts you and asks for your account information.

MIDFLORIDA will never contact you and ask for your account information. On occasion, if our card processor notices some transactions on your debit card or credit card that seem questionable, they will contact you to confirm the transactions are valid. In this instance, you will given a case number to refer to the incident. They will already have your card number on file and will not need to request that information from you.

If you receive a phone call asking you to enter your account number or card number, hang up and call the customer service number on the back of your credit card or account card. If there truly is a problem on your account, they will know about it. If you feel you have been a victim of vishing, contact your financial institution or credit card company immediately.

Back to the top

What is PassMark™?

Reducing the threat of online fraud and identity theft through phishing takes more than a password, it takes a PassMark™. With PassMark™, you choose an image and establish a phrase which gives you assurance that you are on our Web site before you input your password. Once you’ve set up your PassMark™, you’ll be shown your PassMark™ image and phrase before you are asked to input your password when you log in. You will never be asked to provide your PassMark™ phrase or image. It will simply be shown to you when you log in so you can be sure you are on the correct site.

Having PassMark™ won’t eliminate the need to have a password, but makes it so your password is more protected. Only when you see your PassMark™, which includes your image and phrase, will you know that you are safe to put in your password. Establishing a PassMark™ image and phrase is required for use of MIDFLORIDA’s online services.

Back to the top

Keep your personal information personal…

Don’t share your driver’s license number, social security number or account numbers over the phone, by mail or e-mail unless you have made a request to a company. Destroy receipts that have personal information listed on them. Your trash can be invaluable to someone interested in stealing your identity. Keep personal information in a safe place and shred documents with personal information on them when you are ready to dispose of your files.

Back to the top

Protect Your Information…

Create unique PIN numbers and passwords that aren’t comprised of information that a would-be fraud could locate such as your mother’s maiden name, your birth date, your phone number or a part of your social security number. Never give anyone your PIN or password by email or by phone unless you have initiated the request. Carry only identifying information routinely used like a credit card, your checkbook and your driver’s license with you. Carrying social security cards, voter registrations, etc. make it easier to set up faulty accounts should your wallet or purse be lost or stolen. Guard your mail to make sure all letters and statements are picked up promptly from your mailbox and that your outgoing mail is picked up by the Post Office. If you are mailing bills and cannot be home to ensure the postman picks up the mail, consider dropping it in a collection box instead.

Back to the top

What does anti-virus/anti-spyware software do?

Anti-virus and anti-spyware software scans files and/or your computer’s memory looking for potentially harmful files. Both viruses and spyware leave behind signatures, or fingerprints, and if found, the software will either ask you how to handle them or remove them automatically. New viruses and spyware are continually being released, so it is important that you update your anti-virus and anti-spyware programs constantly.

Once you have installed an anti-virus/anti-spyware package, you should scan your entire computer periodically. Some programs will allow you to set an automatic scan to perform every so often, for example every 2-3 days. It is also a good idea to manually scan files you receive from an outside source before opening them, such as email attachments, web downloads and CDs.

Back to the top

Which anti-virus/anti-spyware software should you use?

Installing any anti-virus/anti-spyware software increases your level of protection. Most anti-virus software offers excellent performance and blocks and/or removes nearly every virus it’s supposed to protect against. However, with anti-spyware software, some people recommend installing more than one application, with the strategy being one program will catch what another program misses. Be careful of email messages claiming to include anti-virus software. The attachment could be a virus itself hoping to trick you into opening it and infecting your computer.

Back to the top

What is a Firewall?

Firewalls provide protection against outside attackers by filtering the information coming through your computer’s internet connection, therefore preventing outsiders from accessing your computer. Basically, it blocks needless or malicious data, while allowing any necessary information to come through.

Firewalls are offered in two forms: hardware (external) and software (internal). While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use.

Hardware – Typically called network firewalls, this type of firewall is built into an external device located in between your computer and your internet connection (cable or DSL modem). For those who have multiple computers on a network, hardware-based firewalls are particularly useful.

Software – A software firewall is a program on your computer that monitors all internet traffic. Some operating systems include a built-in firewall; if yours does, consider enabling it to add another layer of protection even if you have an external firewall. When loading a software firewall onto your computer, it’s best to install from a CD, DVD, or floppy disk rather than from the Internet. The risks associated with downloading software from the Internet are too dangerous.

Back to the top

Know what’s going on with your accounts…

Watch your account information, and know your billing cycles. Leaving statements unopened can mean a fraud can go undetected for several months. If you notice that you have not received a credit card bill, call your credit card company to verify the statement has been sent and the address on file. Often, a change in address is the first means of stealing someone’s identity. Review copies of your credit report to verify that there is no suspicious activity on your accounts or against your name.

  • Equifax 800-685-1111
  • Experian 888-397-3742
  • Trans Union 800-888-4213

Back to the top

Log offline when you are done…

If there isn’t a good reason to remain online, disconnect from the network so you don’t leave yourself open to hackers.

Back to the top

Beware of strangers – online.

Although you may miss a funny e-mail or perhaps a message or two, it is best when reading e-mail to be selective about the e-mails you choose to open. If a stranger came to your door, you’d probably be apprehensive about opening it. It’s the same with e-mail. If you don’t recognize who the e-mail is from, it’s probably in your best interest to delete it.

Back to the top

What is Pharming?

While you may be familiar with phishing, pharming is actually one of the newest forms of Internet fraud and identity theft. Pharming is domain spoofing which means you can be redirected without realizing it to a Web page that looks like the page you were intending to reach. In reality the site is duped and intended for fraud, and you should be wary when traveling to sites, especially for shopping. Shopping sites with the VeriSign network offer an additional layer of authentication and can be more trusted than others.

Back to the top

Take the long way home

When you receive a special online offer, remember to type in the URL instead of clicking on a provided link. While this doesn’t prevent you from being sent to a malicious site, it can minimize your risk. Some malicious sites use similar characters in their URL that you might not notice if you were just clicking on a link.

Back to the top