Security

Consumers National Bank takes Cyber Security and the online security of our customers very seriously. As such, we wanted to inform you that The Federal Trade Commission (FTC) has released new cyber resources for small businesses, including non-profit and charity organizations. These resources, which cover topics such as ransomware, phishing, and email authentication, aim to help smaller organizations protect their network and information. I just wanted to take a moment to share these resources with you and your business so that you may be more prepared to deal with the fast paced world of Cyber Security.

The National Cyber Security and Communications Integration Center (NCCIC) encourages small businesses and consumers to review FTC's Cybersecurity Resources for Non-Profits article, FTC's Cybersecurity for Small Business web page, and NCCIC's Resources for Small and Midsize Businesses web page for more information.

Ensuring the security of your personal information online is a top priority for us.

Consumers National Bank will never request personal information by phone, e-mail, or text message including account numbers, personal identification information, passwords or any other confidential customer information.

Cyber threats target each age group differently. How you respond can make all the difference.

Cyber Safety for Baby Boomers: Protecting a Generation That's Earned Its Peace

Baby Boomers (born between 1945 and 1964) are increasingly connected through email, online banking, and social media. But with that connectivity comes risk. This generation is often targeted by cybercriminals due to a mix of trust in authority, unfamiliarity with evolving digital threats, and the management of significant financial assets.

Why Seniors Are at Risk

• May be less familiar with digital tools and scams
• Often managing retirement accounts and savings
• Vulnerable to emotional manipulation, isolation, or cognitive decline
• Embarrassment or fear May prevent reporting scams

Common Scams Targeting Baby Boomers

• Phone impersonation: Scammers pose as banks, government agencies, or distressed family members
• Romance scams: Exploit emotional trust to solicit money
• Phishing attacks: Urgent emails or texts demanding action
• Voice cloning: Mimics loved ones to request financial help

Safe Habits to Adopt

• Let unknown calls go to voicemail
• Never send money or personal info unless you initiated and verified the contact
• Use bookmarks for trusted websites
• Ask a trusted family member to help review financial accounts or suspicious messages

How Younger Generations Can Help

• Set up call blocking and privacy settings
• Offer regular tech check-ins
• Reassure seniors that asking for help is okay and falling for a scam isn’t their fault

Secure Your Circle: Cyber Safety Tips for Gen X & Millennials

If you were born between 1965 and 1999, chances are you're juggling work, kids, finances, and aging parents-all while staying connected through smart devices, cloud tools, and social media. You're the go-to tech support for your family but in the rush of daily life, cybersecurity basics can slip through the cracks.

Why this group is at risk

With broad digital footprints and multiple responsibilities, this group is exposed to a wide range of online threats. Their roles as family decision-makers and informal IT support mean that a single compromised account or device can ripple across households and workplaces.

Common Threats to Watch Out For

• Phishing emails disguised as invoices, work requests, or school notifications
• Credential harvesting via fake login pages and data breaches
• Tech support scams using pop-ups or misleading search results
• Sextortion scams threatening to release compromising content

Smart Cyber Habits to Adopt

• Use a password manager and enable multi-factor authentication (MFA) on all accounts
• Be cautious of urgent message—verify before clicking or responding
• Back up important files and photos regularly
• Lock devices with strong passcodes and enable location tracking

How Other Generations Can Help

• Children: Ask simple questions like “How do you know that message is real?” to spark reflection
• Teens & Young Adults: Share trending scam alerts and help spot fake accounts or sketchy memes
• Older Adults: Encourage offline time, mental clarity, and caution with unsolicited calls or offers

Think Before You Tap: Cyber Safety for Teens & Young Adults

Born between 2000 & 2012 (Ages 13—25)
This generation is social-first, mobile-centric, and grew up with smartphones, social media, and instant access to everything. While often tech-savvy, they can be risk-tolerant, making them prime targets for online threats.

Why Teens & Young Adults Are Vulnerable

Hyper-connected and constantly online, many young people prioritize convenience and social interaction over privacy and security. Their limited financial experience makes them susceptible to scams disguised as job offers, scholarships, or easy money. Peer pressure and digital identity also influence risky behavior.

Common Threats to Watch Out For

• Fake profiles & romantic manipulation used for social engineering
• Sextortion & blackmail involving shared personal images
• Phishing links in DMs, group chats, or fake giveaways
• Account takeovers from weak or reused passwords

How Other Generations Can Support

• Parents & Adults: Offer judgment-free guidance and share personal online lessons. Frame check-ins as support, not surveillance.
• Seniors: Share wisdom about trust, risk, and reputation. Reinforce the value of privacy.
• Younger Siblings: Ask questions, observe, and help spot risks. Curiosity can spark teachable moments.

Staying Safe Online: A Guide for Kids (Ages 5—12)

In today’s digital world, children are growing up surrounded by tablets, streaming services, and online games. While this tech-savvy generation is quick to adapt, they’re still developing the critical thinking skills needed to navigate online risks. That’s why it’s essential to build safe habits early.

Why Kids Are at Risk

Children born between 2013—2020 are digital natives. They’re most active on platforms like YouTube, Minecraft, and Roblox but their curiosity and trust can make them vulnerable to:

• Impersonators pretending to be gaming friends or influencers
• Messages offering fake in-game rewards that link to harmful content
• Predators seeking personal information or photos
• Apps that collect excessive personal data

Smart Habits for Safer Surfing

Help your child stay safe by encouraging these behaviors:

• Only chat or play with people approved by a parent or guardian
• Speak up if something online feels uncomfortable or scary
• Avoid sharing real names, school names, or locations in usernames
• Stick to kid-friendly platforms with parental controls turned on

How Families Can Support

Cybersecurity is a team effort. Here’s how different generations can help:

• Parents: Set parental controls, monitor screen time, and co-use devices
• Teens: Help configure apps securely and model positive digital behavior
• Grandparents: Encourage offline hobbies, read stories, and play educational games together

Our online banking product requires that you only use an internet browser that supports 128-bit encryption. You may "test" your browsers ability to meet these requirement at www.fortify.net/sslcheck.html.

There are numerous scams presented daily to consumers so you must always exercise caution when it comes to your personal and financial information. The following tips may help prevent you from becoming a fraud victim.

• Be aware of incoming e-mail or text messages that ask you to click on a link because the link may install malware that allows thieves to spy on your computer and gain access to your information.
• Be suspicious of any e-mail or phone requests to update or verify your personal information because a legitimate organization would not solicit updates in an unsecured manner for information it already has.
• Confirm a message is legitimate by contacting the sender (it is best to look up the sender’s contact information yourself instead of using contact information in the message);
• Assume any offer that seems too good to be true, is probably a fraud.
• Be on guard against fraudulent checks, cashier’s checks, money orders, or electronic fund transfers sent to you by unknown sources or with requests for you to wire back part of the money.
• Be wary of unsolicited offers that require you to act fast.
• Check your security settings on social network sites. Make sure they block out people who you don’t want to see your page.
• Be leery of any offers that pressure you to send funds quickly by wire transfer or involve another party who insists on secrecy; and
• Beware of Disaster-Related Financial Scams. Con artists take advantage of people after catastrophic events by claiming to be from legitimate charitable organizations when, in fact, they are attempting to steal money or valuable personal information.

Warning Signs of Fraud or Scams

• You are asked to wire money or send a prepaid money or gift card to a stranger.
• You have won a contest that you have never heard of or entered.
• You are pressured to “act now!”
• You must pay a fee to receive your “prize.”
• Your personal information is requested. 
• You are asked to provide your online banking credentials so that your funds can be “mobile deposited” on your behalf.
• A large down payment is requested.
• The company refuses to provide any information in writing.
• You are asked to keep conversations a secret. You are guaranteed to make money.

If you think you are a victim of a fraud or scam, contact your state, local, or federal consumer protection agency.

Also, a local law enforcement officer may be able to provide advice and assistance. By promptly reporting fraud, you improve your chances of recovering what you have lost and you help law enforcement. The agency you contact first may take action directly or refer you to another agency better positioned to protect you.

Violations of federal laws should be reported to the federal agency responsible for enforcement. Consumer complaints are used to document patterns of abuse, allowing the agency to take action against a company.

People who have no intention of delivering what is sold, who misrepresent items, send counterfeit goods or otherwise try to trick you out of your money are committing fraud. If you suspect fraud, there are some additional steps to take.

• Contact the Federal Trade Commission. The FTC enters Internet, telemarketing, identity theft and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
• If the fraud involved mail or an interstate delivery service, contact the U.S. Postal Inspection Service (https://postalinspectors.uspis.gov/). It is illegal to use the mail to misrepresent or steal money.

FDIC Consumer Protection  http://www.fdic.gov/consumers/

Consumer Action: Complaints  https://www.usa.gov/consumer-complaints#item-212527

US Department of Homeland https://www.cisa.gov/audiences/individuals-and-families

Ohio Attorney General   https://www.ohioattorneygeneral.gov/Individuals-and-Families/Tipster

Protecting Your Business: Start With Security https://www.ftc.gov/news-events/audio-video/business

Federal Communication Commission - Business Cyber-planner:  http://www.fcc.gov/cyberplanner

Consumer Information: Identity Theft https://www.consumer.ftc.gov/features/feature-0014-identity-theft

Federal Trade Commission: Identity Theft by Mobile Phone https://consumer.ftc.gov/unwanted-calls-emails-and-texts/unwanted-emails-texts-and-mail

Federal Trade Commission: Tips for Using Public WiFi Networks https://www.consumer.ftc.gov/articles/0014-tips-using-public-wi-fi-networks

Identity Theft/Phishing/Pharming/Email Scams

Phishing attacks use both social engineering and technical activity to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Pharming schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware.

To protect yourself against these typical online risks:

• If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. In any case, don't cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different site.
• Use anti-virus software and a firewall and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
• Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.
• A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
• Don't email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
• Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft website. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk.

If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See www.annualcreditreport.com for details on ordering a free annual credit report.

Online Banking Security

You can help protect yourself by taking the following actions to stay safe and secure your information:

• Be aware of suspicious emails asking for your personal information.
• NEVER provide any personal information such as Social Security number, Account number phone or the Internet if you did not initiate the contact.
• NEVER share usernames or passwords with ANYONE
• Do not use personal information as your Username or Passwords.
• Create hard-to-guess passwords that include upper- & lower-case letters, number and special characters.
• Change your passwords frequently and do not re-use the same passwords.
• Always sign out or log off your online banking sessions.
• Avoid using public computers and Wi-Fi to access your online banking accounts.
• Ensure your computer has the most recent Anti-Virus software and is being updated daily.
• Ensure your computer or mobile device have the latest software version.

Mobile Banking Safety Tips

Managing your finances using a smartphone or tablet can be very convenient.  However, you should consider these safety tips to protect your account information:

• Be proactive in protecting your smartphone and/or tablet by installing anti-malware software on the device.
• Research any application (app) before you download it. Fraudulent apps are often designed with names that look like real apps. It’s best if you access an app using a link from the provider’s website.
• Create a strong password or PIN for your mobile app and your device.
  • Use at least eight characters
  • Do not use your username, real name or company name
  • Do not use a complete word
  • Make it significantly different from previous passwords
  • Use a character from each of the following categories (some apps may limit symbols)
    • Uppercase letters
    • Lowercase letters
    • Numbers
  • Use an auto-lock or time-out feature so your device will lock when it is left unused for a certain period of time.
  • Do Not share your username or password with anyone.
  • Upgrade your device to the latest operating system version.
  • Do not jailbreak or root your mobile device. Doing so exposes the security controls and makes your device vulnerable to cyber-attacks.
  • Check your account history periodically to make sure there are no fraudulent transactions.
  • Take precautions in case your device is lost or stolen, before your device is lost or stolen.  Avoid leaving your device unattended in public places.
  • Consult your wireless provider to see if they provide a service to remotely erase your device or turn off access to your device and/or account in the event your device is lost or stolen.
  • Always conduct your transactions in a safe environment. Use your cellular service or your own internet provider rather than unsecured/public Wi-Fi networks like those offered at coffee shops. 
  • Don’t send account numbers or PIN in emails or text messages, because those methods are not necessarily secure.

Commercial Banking Online Security

In addition to the information provided regarding “Online Banking Security”, Commercial & Small Business account holders should institute additional measures in order to further protect their online banking information.

• Perform your own annual internal risk assessment & evaluation on all online accounts.
• Establish internal policies regarding employee internet usage.
• Educate your employees on the risks.
• Establish proper user account controls, Do Not share accounts or passwords.
• Review all transactions.
• Ensure all company computers are equipped with up-to-date antivirus protection software and virus definitions are being updated daily.

Customers can request one free copy of his or her credit report every year. Reviewing your credit report can help you find out if someone has opened unauthorized financial accounts, or taken out unauthorized loans, in your name. To order, visit annualcreditreport.com or call 1-877-322-8228.

Experian
P. O. Box 2002, Allen, TX 75013 
Tel: 888-397-3742

Experian is the largest of the three credit bureaus. When ordering your credit report, you might be asked to provide the following information: First, middle and last name; current address; previous addresses for the past five years; social security number, date of birth; spouse's name. If you are not entitled to a free credit report, you will need to pay them the applicable fee.

Equifax
P. O. Box 740241, Atlanta, GA 30374 
Tel: 800-685-1111

When ordering your credit report, you might be asked to provide the following information: Full legal name, address, social security number, most recent former address. If you are not entitled to a free credit report, you will need to pay them the applicable fee.

Trans Union
P. O. Box 1000, Chester, PA 19022 
Tel: 800-888-4213

When ordering your credit report, you might be asked to provide the following information: First, middle and last name; current address; previous addresses for past two years; social security number, date of birth; current employer; phone number. If you are not entitled to a free credit report, you will need to pay them the applicable fee.

You can learn other ways to avoid email scams and deal with deceptive spam at www.ftc.gov/spam.

A computer virus passes from computer to computer like a biological virus passes from person to person. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Most viruses are a nuisance, but some are quite dangerous.

A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly. For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001. A worm usually exploits some sort of security hole in a piece of software or the operating system.

Your best protection from acquiring a computer virus or a computer worm is to use a personal firewall, updated anti-virus software, and monitor emails and web surfing activity of people using your computer.