Taking a Personal Interest in You and Your Business

Fighting Fraud

Security Bulletin: Heartbleed Bug
Fraud Prevention Services
How You Can Protect Your Business from Internet Fraudsters
1st Enterprise Bank Security Bulletins

Security Bulletin: Heartbleed Bug

What is the Heartbleed Bug?
Heartbleed is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and e-mails. The Heartbleed Bug is a defect in encryption technology – called Open SSL – used by most Web servers to secure users’ personal or financial information. It is behind many secure “https” sites that collect personal or financial information. Basically, it provides a secure connection when you are conducting a transaction or sending an e-mail online. Experts discovered the bug recently and warned that cybercriminals could exploit it to access visitors' personal data or to impersonate a website and collect even more information.

Am I affected?
Most active users of the Internet have likely been exposed, since a majority of websites – including Facebook, retail and even government sites – use the Open SSL software. But it is unknown whether any criminals have actually exploited the bug, and several major sites, like Amazon, have already installed patches. Most sites with an address beginning with “https” are vulnerable until the website operator fixes the bug and users change their passwords.

Is my bank account safe?
Yes. 1st Enterprise Bank continually monitors incoming and outgoing transactions and maintains up-to-date, state-of-the-art security software to assist in detecting programming flaws similar to Heartbleed. However, you must immediately alert us if you suspect any unusual activity.

What can I do?
As always, it is a good idea to change your online banking password every few months. Also, monitor your account regularly and report suspicious transactions immediately. Beware of phishing scams – or e-mails with malicious links – that will attempt to get additional sensitive information from you.

What is 1st Enterprise Bank doing?
Our research indicates that the security currently in place protects the information you input to the Bank’s website(s), however because this vulnerability could be prevalent globally, it’s advised that you have a unique password setup for banking activities and recommend you change it regularly. A common password among multiple websites, including eBanking sites, presents a security risk to your confidential information since credentials compromised on a non-banking related site could lead to your credentials for banking activities being compromised as well.

Back to top

Fraud Prevention Services

1st Enterprise Bank is your partner in fighting fraud and the international thieves who are always looking for weaknesses they may be able to exploit. We offer the following solutions:

Positive Pay
You send us a list of the checks you issue on your 1st Enterprise Bank accounts and we will compare the checks presented for payment against your list. If a check is presented that doesn’t match the information you have sent us, you will be notified and given an opportunity to review the check and decide to have us pay or return it. As checks are paid, the information is dropped off the list so that duplicate checks will be paid only once.

ACH Blocks
Automated Clearing House (ACH) transactions are electronic, paperless debits or credits to your accounts. We can block electronic debits to your funds, except transactions from originators you have previously authorized, such as payroll services or tax payment services. When a transaction is blocked, you will be notified and given the opportunity to approve each debit.

Check Signature Review
Most financial institutions allow check transactions to be debited from your account without ever examining the check. 1st Enterprise Bank still looks at an image of every check presented for payment prior to allowing your funds to be debited. We even call to confirm checks presented for an amount agreed upon by you and us.

Encrypted Email Statement Delivery
One of the easiest ways for a fraudster to gain information about your financial affairs is to steal your bank statement right out of your mailbox. At 1st Enterprise Bank, your account statements, including paid check images, can be sent to you using the safety of encrypted email. The statements are sent on the first working day of the month.

Internet Banking Access via Secure Token
If you use Internet banking to pay bills electronically, initiate wire transfers, or process ACH transactions, 1st Enterprise Bank provides an additional level of security and safety for your funds. We issue you a device that changes your password every 60 seconds. That way, if your password is compromised by a computer virus or other means, it’s only good for 60 seconds from the instant you used it. If a fraudster gets your password, there is little chance he will be able to gain access fast enough to do any harm.

Wire Transfer Confirmation
At 1st Enterprise Bank, personal attention to your transactions is a high priority. That’s why we will call you any time a wire transfer request is received through Internet banking, fax or telephone. It’s just another way we take the extra steps necessary to protect your funds.

To get started with any of these services, contact your Relationship Manager or call the Operations Department at 213-430-7000.

Back to top

How You Can Protect Your Business from Internet Fraudsters

The Best Way to Protect Against Internet Fraudsters
Internet fraudsters have gone worldwide. Hackers from China, Russia, Korea, and Africa are using sophisticated methods of compromising computer workstations that are connected to the Internet for purposes of sending and receiving emails. Virus protection software updates always lag days or weeks behind the introduction of a new virus.

We recommend that our Internet banking customers dedicate a single workstation to connect with our Business Internet Banking, Personal eBanking and Remote Business Deposit services. This dedicated workstation should be configured to be restricted to accessing the www.1stenterprisebank.com website only. Access to other website addresses, especially those with email viewing capabilities, should be blocked.

By following this recommendation, fraudsters will not be able to introduce a virus into your workstation that could lead to the discovery of your user name and password.

For help in setting up a dedicated workstation, please contact us at 213-430-7000. We will gladly send a computer technician to your office to assist you in the configuration process.

Back to top

1st Enterprise Bank Security Bulletins

The following security bulletins have been designed to assist in fraud prevention by providing additional information regarding current trends in malware, social engineering or other schemes designed to perpetrate fraud, as well as information reinforcing security "best practice" guidelines.

Although our goal is to provide you with this helpful information, we also encourage you and your I.T. staff to be proactive in maintaining an awareness of both emerging and common security threats and taking steps to prevent those threats in your environment.

New Security Login Enhancements to Internet Banking Coming Your Way
Volume 2, Issue 1
Wire Fraud, Identity Theft and Check Protection: Risks and Prevention for You and Your Business
Volume 1, Issue 3
Vishing (and 'SMiShing') Countermeasures
Volume 1, Issue 2
Your Account Security, Our Priority
Volume 1, Issue 1

Copyright 2011, 1st Enterprise Bank, Inc. All rights reserved.