Additionally, you will find valuable information regarding online security by clicking the following link: Homeland Security - Online Safety
How Gibraltar Private Bank & Trust Protects You While Banking Online
Gibraltar Private Bank & Trust Online Banking has implemented various layers of security features to help reduce the risks associated with Online Banking and to help protect your account information from unauthorized access.
These layers include:
All Online Banking data transmitted to us is encrypted. Encryption is the process of transforming information into an indiscernible coded message. When you click on “login”, we encrypt your Online Banking User ID and Password using Secure Sockets Layer (SSL) technology. This secure connection is established before your Online Banking User ID and Password are transmitted and maintained for the duration of your Online Banking session.
If you are using one of the following browsers; Microsoft IE 7.0 or higher, Firefox 3.0 or higher, or Safari 3.2 or higher, an EV (Extended Validation) SSL certificate will be active.
The EV SSL certificate will be evident as the browser will display https://, turn green, show a closed padlock and “Identified by VeriSign” (see below):
After your initial login, we require you to change your Online Banking Password before any transactions can be requested.
Password guessing is deterred with a lock-out feature. Our system will automatically lock-out a user when an incorrect Password is entered multiple consecutive times.
Online Banking sessions have a time-out limit requiring you to login again after a period of inactivity to prevent unauthorized access to your session.
Our Identity Verification Feature provides an additional layer of security by getting to know you and your typical and characteristic Online Banking behavior. If atypical behavior is detected you will be prompted to verify your identity by answering your established Challenge Questions.
Upon proper exit from Online Banking, an alert will be displayed requesting to close the webpage of the session you have logged out of.
Do not use the same password you have for social media or personal email with your online banking. Keep them separate.
Understanding the Risks
As your trusted financial partner, Gibraltar Private Bank & Trust is committed to the safekeeping of your confidential financial information. As part of this commitment we want to make you aware of current online threats and to provide you with valuable information to help identify and guard against them. Nothing can eliminate all of the risks; however, an informed and vigilant user is a key defense.
Phishing is a scam where Internet fraudsters request personal information (such as User IDs, PIN’s, Passwords and identifying information), from users online. These requests are most commonly in the form of an email from an organization with which you may or may not do business. Fraudulent emails such as these may look official, sometimes including the company logo. The email usually states that the company needs you to update your personal information or that your account is about to become inactive, all in an effort to get you to click on a site or divulge confidential information. No reputable business will ever email you requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers via a link to their site.
Pharming is another scam where a hacker installs malicious code on a personal computer or server. This code then redirects clicks you make on a website to another fraudulent website without your consent or knowledge. To avoid pharming, follow these computer safety guidelines: Safety & Security Center. Also, be careful when entering financial information on a website. Look for the key or lock symbol at the bottom of the browser and / or URL. If the website looks different than when you last visited, be suspicious and don’t click unless you are absolutely certain the site is safe.
SMiShing or Vishing
There is a variant of traditional phishing scams that uses telephone calls, instead of email, to collect confidential information. Customers may receive an automated phone call or an email saying their account has been compromised and gives them a phone number to call to resolve the issue. When they call, they reach an automated answering program that asks them for confidential information to verify their account. Customers should never give confidential information in response to suspicious requests such as these.
Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. It is usually integrated into or bundled with a legitimate program. It can be used to carry spyware or trojans.
Spyware is a type of malware that is typically secretly installed on computers and collects little bits of information at a time about users without their knowledge and can be difficult to detect. The software then relays this information to advertisers, marketing groups, and others for advertising or malicious purposes. Information that is commonly collected includes login IDs, Passwords, account information and computer files.
Spyware is usually installed without your knowledge when you download legitimate software. Sometimes the fine print of the license agreement includes information about the spyware component, but not always. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.
Keylogging is a method by which fraudsters record your actual keystrokes and mouse clicks. Keyloggers are “trojan” software programs that target your computer’s operating system (Windows, Mac OS, etc.) and are “installed” via a virus. These can be particularly dangerous because the fraudster can capture your User ID and Password, account number, Social Security Number, “Secret Question” answers and anything else you have typed. If you happen to have the same User ID and Password for many different online accounts, you’ve essentially granted the fraudster access to any company with whom you do business.
Trojan horses are designed to allow a hacker/fraudster remote access to a target computer system. Once a trojan horse has been installed on a target computer system, it is possible for the hacker/fraudster to access it remotely and perform various operations. Operations that could be performed by a hacker/fraudster on a target computer system include:
- Use of the machine as part of a botnet (i.e. to perform spamming or to perform Distributed Denial-of-service (DDoS) attacks.)
- Confidential Data theft: User IDs, Passwords, account information.
- Installation of software, including other malware.
- Downloading or uploading of files.
- Modification or deletion of files.
- Keystroke logging.
- Viewing the user’s screen.
- Wasting computer storage space.
- Crashing the computer.
A virus is software capable of causing great harm to files or other programs on a computer. Viruses cannot spread from computer to computer on their own. They usually access new victims through infected email attachments. Some signs that may indicate your computer is infected with a virus include:
- It is operating much slower than normal or getting hung up.
- You suddenly start seeing pop-up advertisements.
- You see a new home page.
Online Banking Security Guidelines
- Properly exit from Gibraltar Private Bank & Trust Online Banking as soon as you finish your banking activities.
- Never walk away from your computer with your account information on the screen.
- While using a computer in public areas beware of “shoulder surfers” who may be trying to look over your shoulder to view your Password or account information.
- Monitor your account on a daily basis to detect any unusual activity immediately.
- Beware of fraudulent emails or websites known as “Phishing” or “Web Spoofing” schemes that appear to be from Gibraltar Private Bank & Trust or other legitimate sites
- Always go directly to Gibraltar Private Bank & Trust’s website by selecting “Client Login” or typing www.gibraltarprivate.com directly into the browser address bar.
- Know what your Financial Institution’s website looks like and what questions are asked to verify your identity. Some attacks, known as man-in-the-middle attacks, will change the login page.
- A vigilant user can sometimes spot these attacks by noticing slight modifications to the Bank’s standard page; extra security questions, poor grammar, misspellings, a fuzzy or older logo or a change to the location of each feature.
- Be suspicious of any email that asks for personal information, requests your authentication, or indicates a problem with your Gibraltar Private Bank & Trust online account.
- If you receive an email like this, DO NOT REPLY by email. Instead call Gibraltar Private Bank & Trust at (305) 476-1982 to notify us of the fraudulent email.
- Gibraltar Private Bank & Trust does not request personal or account information from clients via email or pop-up windows.
- Only use trustworthy computers. Shared public computers like those in airport lounges, internet cafes, public libraries, and hotel lobbies could be connected to keystroke loggers or infected with password-stealing viruses. Do not use them to access Online Banking or other websites containing confidential information about you.
Online Banking Password Guidelines
Your Online Banking Password is the key to your Online Banking account and your personal and financial information. Here are some tips to keeping your Password secure:
- Create a strong and unique Online Banking Password by making it as long and complex as possible with a combination of uppercase and lowercase letters, numbers, and symbols.
- Refrain from using predictable sequences of characters such as “1234” or “abcd”.
- Do not use words that can be found in a dictionary or information related to you such as your birth date, address, names of family members, etc.
- Disable any “AutoComplete” or similar features on any computer you use for Online Banking.
- Do not share your Online Banking PIN with anyone, including Gibraltar Private Bank & Trust employees.
- If you feel that your Online Banking ID and/or Password have been stolen or compromised, immediately change your PIN Online and notify Gibraltar Private Bank & Trust.
- Change your Password on a regular basis. We recommend changing your Password every 60-90 days.
- Do not use the same Password for other websites.
- Never email your Password or respond to an email request for your Password or other confidential information. Gibraltar Private Bank & Trust will never ask you to submit confidential information in an email.