1. Protect access credentials
Never give out Internet Banking logins or passwords, or other authorization credentials. If you receive an e-mail, phone call, or text message claiming to be from Heritage Bank, asking for your credentials, it is likely a “phishing” attempt. DO NOT respond to it. Report it to your local Heritage Bank branch immediately.
2. Increase your internal controls
Implement dual custody on all online payment services (ACH, wire transfer, payroll) and self-administration services; reconcile accounts daily to detect suspicious activity; update antivirus and antispyware software and firewalls regularly.
3. Educate your employees
Instruct your employees never to give out the credentials they use to access your online banking systems or accounts. Repeat this message often so it remains top of mind.
Remind your employees of the following:
- Do not click on links purporting to be antivirus or anti-malware software.
- Do not download files from peer-to-peer sources or other unknown sources.
4. Know your employees
Perform a credit check and a background check on all new employees who have access to your accounts, account records, or cash. Call at least three references to verify information.
5. Keep authorizations up to date
When an authorized signatory or approver on your accounts leaves your company, notify your Heritage Bank branch location immediately to have that employee’s name removed from all authorizations. Conduct an annual audit of all your bank signature cards, Internet Banking agreements, access codes, and other authorizations to ensure they are current.
6. Know your vendors
Require all changes to vendor payment account numbers to be made in writing on the vendor’s letterhead and verified with a call to the vendor’s telephone number in your files.