Safety & Security Center

ONLINE BANKING

Over the past decade, the threat and impact from cybercrime continues to rise. Scams and hacking techniques are more sophisticated, new threats are continually being developed and organized crime groups both in the United States and internationally have become a major force in expanding online fraud and theft. To help combat this, the Federal Financial Institutions Examination Council (FFIEC) has issued supervisory guidance designed to help make online transactions more secure in response to a growing online threat environment.

At Byline, we’re committed to ensuring that our online financial solutions have built-in security features which are continually enhanced to respond to evolving and emerging digital threats.

IMPORTANT INFORMATION FOR USERS OF OUR ONLINE SERVICES

BYLINE BANK AND YOUR LOGIN CREDENTIALS
As good neighbors, we care about protecting your privacy and data. So we want to make sure you know that we’ll never call, email or contact you to request your online banking

• Access ID
• Password
• Other logon credentials

If you receive such a request, do not provide any information over the phone, or via email. Instead, contact us immediately at (773) 244-7000 to report the incident.  If you notice any suspicious activity on your account(s) or have received a suspicious call, email, letter or other similar contact regarding your relationship to Byline Bank, please call Byline or contact your local branch for assistance, immediately.

PROTECT YOURSELF BY CONTROLLING ONLINE BANKING RISKS. 

Password Security Tips

• Protect your account. Don’t share your User ID or password with anyone. Make sure you safeguard your User ID and password information, and never leave it written down in an unsecured location.
• Change it up. Create a unique User ID and password for each site that you visit. Don’t use the same identifying information on multiple websites. In the case that one website were to be breached, it will make it harder for hackers to access your data. This also prevents you from having to update all of your credentials if one site is compromised.
• Strength in numbers (and characters). Create strong passwords that contain a mix of upper case letters, lower case letters, numbers, and special characters (!@#$%^&*). The longer the password the more secure your account and data will be.
• Change is good. Many websites force password changes every 30 or 60 days. If a website doesn’t do so, take the initiative and change your password on a regular basis.

Website Security Tips

• Monitor your account activity. Log in and view your online account activity on a regular basis and review periodic account statements to make sure they’re accurate, on a monthly or quarterly basis.
• Make sure you always log off from a website— don’t just close the page or “X” out.
• Secure websites have a web address that includes an “s” (https rather than http). If this is lacking, the site is not genuine. Don’t log in or conduct business on sites that may not be secure.

Computer / Network Security Tips

• Use your computer’s security monitoring software that includes anti-virus, anti-malware and firewall functions, and take advantage of security features like individual log-in accounts, when possible.
• Keep your computer’s system security up-to-date by applying patches and updates, whenever they become available.
• Always enable passwords on your computer, wireless router, or any other physical or wireless system.

PHISHING AND SOCIAL ENGINEERING

The term “phishing”—as in fishing for confidential information—is a scam that encompasses fraudulently obtaining and using an individual’s personal or financial information.  Bank accounts can be the target of thieves and fraudsters. Please be aware of common email phishing scams where the message appears to come from known and trusted sources, such as the Federal Deposit Insurance Corporation, the Internal Revenue Service, or the National Automated Clearing House Association (the ACH payment network). Some red flags that can help you to quickly identify a potential email phishing scam are:

1. Unusual Greeting: A phishing email may not refer to the email recipient by name or in a nonsensical manner “Client(s)”.
2. Sense of Urgency: An email that claims an urgent need to communicate with you for your own security, or a request to verify payment information immediately, using  compelling language that urges the recipient to take action.
3. Random Generation of Numbers: A phishing email may contain a random sequence of numbers, such as ACH Payment #38350555 canceled, that can also be inserted into the subject line or text of the email to make it appear as though it is a specific transaction ID or payment amount. That random number can also be inserted into the file name of the pdf.exe file or pdf.zip file, creating a sense of uniqueness and legitimacy.
4. Strange or Unfamiliar Links: The links may look official, but when the mouse cursor rolls over the link the link source code points to a completely different website which may contain malware as a pdf executable file or pdf zip. Never open attachments, click on links, or respond to emails from suspicious or unknown senders.
5. Fraudulent Use of Legitimate Business Logo, Website, Address, Phone: Fraudsters often insert actual identification references to a business into their phishing emails to make them appear legitimate.

Please be aware that bank accounts are at a heightened risk of such scams, and be sure to protect yourself by first trying to recognize fake messages, and by installing up-to-date virus protection software on your business computers. If in doubt, do not click on links presented in any message you think is suspicious, rather attempt to authenticate any requests via trusted communications channels such as calling a company representative.

At Byline, we take great care in safeguarding your personal and financial information. To better protect you, remember that we’ll never send an e-mail requesting your information or asking you to verify a request or transaction. 

Please contact us if you have any questions or concerns.

ATM SAFETY TIPS

Although crimes committed at or near ATMs remain low, t you should always use common sense to better protect yourself when using an ATM.

Look around the area first

Before using an ATM, survey the location. Avoid ATMs located in dark areas, that have obstructions blocking your view or the view of the public, or are in the vicinity of anyone or anything suspicious. If you’re already making a transaction and something suspicious happens, stop the transaction and leave the area.

Allow authorized entry only

If you use an ATM in a locked foyer or vestibule make sure the door closes and locks before you start your transaction. Don’t hold the door open for the person waiting behind you. Each person should have their own card to gain entry.

Drive-up safety

At the drive-up ATM, always be alert to the area around you. Keep your doors locked and the engine running. Open your window only when you are ready to make the transaction. If something or someone in the area looks suspicious, don’t stop at the ATM. If you have already started the transaction, stop it and drive away.

Minimize your time at the ATM

Be prepared to start your transaction when you approach the ATM. Use caution when counting your money. When you are finished, put your receipt, card, and money away as soon as possible.

Know what to do

If you’re followed after leaving an ATM, go quickly to a well populated, well-lit area. Report the incident to the police as soon as possible.

Your personal identification number (PIN) is confidential

Your PIN is confidential. Memorize it because your ATM/Debit card cannot function without it. Your PIN prevents anyone else from using your card. Don’t write your PIN on your card or store it with your card. Avoid using your birth date or Social Security number as your PIN. Never give your PIN to anyone. Stand directly in front of the ATM keyboard or number pad to block the view of others standing nearby when you are using your card at the ATM. Although your ATM/Debit card can be used only with the correct PIN, you should report a lost or stolen card to your financial institution at once.

Report missing cards at once!

Although your ATM/debit card can be used only with the correct PIN, you should report a lost or stolen card to your financial institution at once.

Save your receipts

Check your receipts against your monthly statement to reduce the chance of transaction fraud. Report any unauthorized transactions or irregularities to your financial institution.

By following these safety tips, you can help protect your personal safety and privacy every time you use an ATM to make a financial transaction.