About scams and spoofs
Many financial institutions that do business on the Internet have become the target of fraudulent email and website scams. Every Internet user should know about these spoof (also called phishing or hoax) e-mails that appear to be from a well-known company but can put you at risk.
Even if you don’t provide what they ask for, simply clicking the link could subject you to background installations of key logging software or viruses.
How to identify online fraud
It is difficult to distinguish if an email is legitimate. Scammers have become increasingly sophisticated in creating fraudulent emails and websites that look authentic. These emails and Websites often appear to be from legitimate companies and include images and logos of these organizations.
Characteristics of fraudulent emails and websites
Our bank will never send out an email requesting you to provide, update or confirm sensitive data.
Spoofs often have a sense of urgency telling clients that if they fail to update, verify or confirm their personal or account information, access to their accounts will be suspended.
Spoof emails typically ask for personal or account information such as:
- Account numbers
- Credit and check card numbers
- Social Security Numbers
- User IDs and passwords
- Mother’s maiden name
- Date of birth
- Other sensitive information
They often include links that include a legitimate company’s name or website address. The fraudulent emails will disguise or forge the sender’s email address so they appear to be from a legitimate company.
How to protect yourself from online fraud
- Never provide personal or financial information to unsolicited email, phone or pop-up website requests.
- Type the Website addresses (URL) into browsers instead of clicking on links in emails.
- Change User IDs and passwords every 30 days.
- Keep anti-virus and anti-spam filtering software on your computer up to date.
If you suspect an email to be a spoof
If you suspect that you’ve received a fraudulent email, please forward it to us immediately and then delete it from your inbox.
Our e-mail address is: [email protected]
The MultiKey service is an easy way to help prevent identity theft and fraud.
What is MultiKey?
MultiKey is a new online security feature that is now a standard part of your Aspire Financial Internet Banking login experience. As part of our ongoing commitment to help protect you against identify theft and fraud, MultiKey helps prevent unauthorized access to your accounts while reassuring you that you’re at the valid Aspire Financial website. MultiKey consists of four parts: User ID, three challenge questions, a personal image and an encrypted password. All four parts help protect you, whether you login to Internet Banking from one of your trusted computers or from a public computer.
Why do I need MultiKey?
MultiKey helps to ensure your information is secure by protecting you from fraud and identity theft in a couple of ways.
- It helps you recognize that you’re at the valid Aspire Financial Internet Banking site.
- You can ensure that we also recognize you as the true owner of your account because MultiKey helps us verify your identity with your chosen image. If your computer is not registered as a trusted computer, we’ll ask you one of your challenge questions as an additional line of defense against unauthorized access to your accounts.
How does MultiKey work?
MultiKey is made up of four parts: User ID, three challenge questions, a personal image and an encrypted password.
When you’re signing in from a different computer, we ask one of your challenge questions to verify your identity. When you answer correctly, a number of MultiKey images appears. If you see your image, you know it’s safe to enter your password and login. You will need to select your image and continue.
Has my password changed?
No. The MultiKey image, the three challenge questions and answers you provide are separate from your regular Internet Banking login password.
One of the ways we recognize you is by placing a cookie on your computer when you sign up for our MultiKey service. The cookie contains a randomly generated, unique number used as an identifier. When you login after that, your Web browser sends us this cookie, which lets us know that you’re using your own computer. The cookie is visible only to the Internet Banking site at Aspire Financial and does not contain any personal information. You can also access Internet Banking from any number of computers and have the same MultiKey protections.
What is a cookie?
A cookie is piece of securely-coded information sent by Aspire Financial to your computer when you login with our MultiKey service. Cookies include a randomly generated, unique number used as a sign-in or registration identifier. Every time you log in from that same computer, your Web browser then sends us back this cookie, which is a security feature that lets us know that you’re using your own computer.
How is MultiKey more secure?
MultiKey helps you know that you are at the valid Internet Banking site at Aspire Financial Internet Banking before you enter your password. In addition, we know it’s really you signing in because we recognize your computer or we ask you a challenge question to verify your identity.
What if someone knows my password? How will MultiKey prevent them from accessing my account?
When an unauthorized person tries to login from another computer, we will recognize that they’re using a different computer, and so we’ll ask one of your challenge questions. They won’t know the answer and will not be able to login to your account.
Why do I need to set up challenge questions?
Challenge questions help prevent unauthorized people from getting access to your Internet Banking information. That way, even if they’ve stolen your User ID and password, they won’t know the answer to the secret question. And if someone signs in from a computer that we don’t recognize (for example, if you login from a public library), we’ll ask you a challenge question to verify that it’s really you.
When I enter my User ID, it asks me a question instead of showing my MultiKey image. Why?
This is to help verify that it’s really you signing in. We ask a challenge question when you’re signing in from a computer that has not been registered as a trusted computer. Your correct answer confirms that it’s really you.
How do I know I’m at the genuine Aspire Financial site?
The MultiKey system helps to authenticate you as well as authenticate the website. After you type the correct address directly into your Web browser, enter your User ID and your personal MultiKey image will be displayed. That’s confirmation that you’re at the legitimate website. If you do not see your personal image, do not enter your password. Since this may represent a fraudulent website, please report this immediately to us at [email protected] or 701-543-3121.
How do you know that I’m signing in from my own computer?
When you initially login to the Aspire Financial website using the MultiKey service, a secure cookie is saved on your computer. When you login from the same computer again, the Web browser uses this cookie to authenticate your computer to our system. This confirms that you’re using a trusted computer. The cookie is visible only to the Aspire Financial Internet Banking site and does not contain any personal information. You can also access the Internet Banking site from any number of computers and have the same MultiKey enhanced security benefits.
Can I access Internet Banking from multiple computers?
Yes, you can access Internet Banking from multiple computers and have the same MultiKey enhanced security benefits. If you login from a computer that you haven’t registered as a trusted computer, you just need to answer one of your challenge questions to verify that it’s really you. Once you answer the question correctly, you will be asked if this computer should be registered as a trusted computer in the future. If you answer yes, you will not need to answer a challenge question when you use that computer in the future.
I share my computer with someone who also has an Aspire Financial Internet Banking account. Can both of us still login from this computer?
Yes. You can use the same computer to login to your individual Internet Banking accounts. The MultiKey service is based on the fact that each User ID is unique.
Is there a fee for using the MultiKey service?
MultiKey is free. It’s just another way Aspire Financial is working with you to safeguard your privacy.
How do I set up my MultiKey information?
It is quick and easy to set up and use MultiKey. You simply choose a MultiKey image and three challenge questions. You will setup your MultiKey information during your next login.
Our bank is dedicated to making information security one of our highest priorities. We utilize the latest software, hardware and other technologies to prevent unauthorized users from accessing our computer systems.
We have implemented many different levels of security including User ID, password, encryption of sensitive data, and others. We utilize a technology called SSL (Secure Socket Layer). SSL is software to secure and protect web site communication using encrypted transmission of data. The SSL creates a secure communications channel between our Internet Banking server and your browser.
The following are some of the technologies we have implemented to ensure all transactions are secure:
- Username and Password Protection
- Browser Encryption
- Network Security and Monitoring
Username and Password Protection
To access account information, you must provide a username and a password to enter the secure area of the site. Your password is not displayed when entered. If you do not provide this information, we cannot establish an online banking service for you.
What can I do?
Don’t let anyone else know your password. Never write it down where anyone can find it. We also recommend that you change your password every 30 days or sooner. Use letters (upper and lower case), numbers, symbols. Use a different password for different internet websites. Don’t use the same password for all of your websites that require you to login. Never access the online banking site from a computer or terminal that an untrusted individual or the general public may have access to. You should also take the standard precautions to keep your computer free from viruses.
Always Log Out
You should always log out of the online banking site when you are finished or if you are going to be away from your computer for an extended period of time. The log out will end your session, and you will be required to enter your User ID and password before entering the online banking website again.
If you have not accessed the internet banking for a period of time, your login session will automatically timeout. To start a new session, you will be required to enter your User ID and password on the login page.
Remember that once you’ve downloaded the proper browser, you must install it on your computer. Follow the browser manufacturer’s instructions that appear on your screen.
Secure Sockets Layer (SSL)
After you are connected with a website that is secure, you will see a padlock or key icon on your browser that shows being locked or connected. This icon will only appear after you have gone to the Login web page. The padlock or key icon may not appear locked on pages where you are not logged on and where general information is displayed about the site. However, you can be assured that any screen which displays or requests information about your account, username, password or any other sensitive information is encrypted.
If you would like to read more information about SSL encryption, we recommend you read VeriSign’s SSL Page
Network Security and Monitoring
Firewalls are an essential part of network security. They are used to protect your internal network from external threats that can compromise data and data transmissions. We are using our firewalls to monitor all transmissions from the internet. Our firewalls create logs of network traffic that allow for centralized auditing and security monitoring. We have also setup security policies on the firewall to stop any suspected malicious activity.