Recent news about the OpenSSL Software Vulnerability called “Heartbleed”
Information regarding a critical OpenSSL software vulnerability called “Heartbleed,” was recently released. OpenSSL (open source implementation of the SSL or TLS protocols) is basically a secure method of sending encrypted data between servers. (Example: When you purchase a product online, the payment information i.e. debit/credit/prepaid card or checking account information, etc, is sent via a secure connection to the company’s payment processor to valid the information. The payment processor then returns validation information back to the company in order to complete the transaction). The passing of the account information, passwords, payment information or other sensitive information takes place using OpenSSL software.
The recently identified bug is a coding error in the OpenSSL library for certain versions of the software. At FSB, we are committed to protecting your personal and financial information; it is one of our top concerns 24/7. Therefore, we have been in correspondence with all of our system vendors and processors (Internet Banking, debit cards, credit cards, etc.) to determine if the vulnerability could have affected any of our systems. We have no indications the “Heartbeat” vulnerability has affected any of our systems, because any of our systems using OpenSSL software run on versions that are not susceptible to the bug.
Even though we have no indications of a compromise, precautions you should consider include:
- Change your passwords for all the sites you visit: Change your password within the next couple of days and then change your password again within a month. The reason for the separation between changing your password is because several sites will be fixing the vulnerable within the next few weeks.
- Make your passwords strong by using numbers, capital letter and special characters (&,*,(,#, etc…)
- Be on the lookout for phishing sites: Phishing is typically a fake website or email spoof where the site or email appears almost identical to the legitimate website or email from the company. The purpose is for hackers to gather sensitive information, such as usernames, passwords, debit/credit card number(s) and any personal information. Before entering any information, please carefully examine the page to ensure the logo appears authenticate and the verbiage on the screen makes sense. Also never click on a suspicious link contained within an email.
- Make sure your antivirus and malware programs are update: Ensure your antivirus and malware software programs are turned on and up to date in order to get the best protection.
If you have any questions, please feel free to contact us.
Windows XP Users Please Read
As of April 8th, Microsoft will stop supporting security updates for the Windows XP operating system. If your computer runs on Windows XP there are some risks that you need to know about. If you continue to use Windows XP, you could be putting yourself at risk to a virus or malware. Exposing your computer to a virus or malware could be dangerous if you use your computer for internet banking and/or store personal information on it.
Please take the time to read this article that explains certain risks and what options you have moving forward. Our intention is not to scare you, but simply to inform you of the risks involved.
Save More This Year!
Grow Your Money With a New 12 Month Certificate of Deposit (CD)
No Minimum Balance required to open!
*Automatic Transfers from Your FSB accounts or any other bank accounts make it easy to save!
Very Competitive Rates!
Contact us or visit one of our locations to sign-up!
*Automatic transfers are required and can be set weekly or monthly. Transfers can be set in any amount. Early withdrawal penalties may apply. Offer valid through December 31, 2014.