How Does MBG Keep My Personal/Financial Information Safe Online?
User ID and Password – Your user ID and password are unique identifiers that only you know. As long as you don’t share your user ID and password with anyone, no one can view your bills or personal information.
SSL and Encryption – MBG’s billing feature uses top-of-the-line Internet security, which includes SSL (Secured Socket Layers) 128-bit encryption. So what does that mean?
SSL is a set of rules governing the format of messages that are exchanged between computers. It assures that your connection and information are secure from outside inspection; that your information isn’t tampered with during transmission; and that the party actually receiving your information is who it claims to be.
For example, before your payment information is transmitted to a bank, it is encrypted using a secret “key.” When an encrypted message reaches its destination, the key is decrypted, or decoded, so it makes sense to the receiver. Anyone trying to intercept the information during the transmission would see nothing but gibberish because they would not know what the code represents.
For someone to steal your encrypted information, they would first have to figure out a way to intercept it, which is extremely difficult. They would then have to decode the encrypted message. It would be much easier for a thief to tap your phone or intercept your mail to obtain your credit card or bank account numbers than to try to intercept and decode data traveling over the Internet.
Commitment to Protecting Your Personally Identifiable Information – Mutual Benefit is committed to protecting your personal information. Click on the link on the bottom of this page to read Mutual Benefit Group’s Privacy Policy. The policy explains the types of personally identifiable information Mutual Benefit Group gathers about you when you visit our Web site; how we may use that information; whether we disclose it to anyone; the choices you have regarding our use of the information; and your ability to correct the information.
How Can I Protect My Personal/Financial Information When Paying Online?
According to the U.S. Department of Justice, identity theft is the fastest growing crime in the United States and has surpassed drug trafficking as the number one crime in America. Each year, attacks grow more frequent and more sophisticated. Identity theft happens when someone uses your name, address, Social Security number, credit card or bank account numbers, passwords and other personal information without your knowledge to commit crimes. The key to protecting yourself is to become educated about this type of fraud and take recommended actions. Following are some tips and resources that will help:
Educate yourself – Many bank and credit union sites regularly post information on their Web sites regarding the most recent and widespread online fraud schemes. You can also find such information, as well as many helpful tips on protecting yourself from online identity theft schemes, by visiting sites such as:
- staysafeonline.org
- us-cert.gov (posted by the United States Computer Emergency Readiness Team, US-CERT)
- antiphishing.org.
These sites also explain identity fraud terms that you may have heard but don’t understand, such as phishing, spyware, social engineering, and dumpster diving.
Know what NOT to do:
- Do not give sensitive information such as your Social Security number, address, date of birth, bank account number, passwords, PIN numbers, or the security code from the back of your credit cards to anyone unless you are sure that they are who they say they are, and that they should have the information requested. This includes e-mail requests for such information. Legitimate companies never ask for your personal information by e-mail. When you get such an e-mail, realize that the chances are excellent that it is a scam.
- Do not click on any link in an e-mail that requests personal information; do not follow unsolicited Web links in e-mail messages. Delete suspicious e-mails right away. Often such links contain a virus that will immediately infect your computer when you click on the link.
- Do not automatically open e-mail attachments. Even if the message looks as though it came from someone as familiar as your mother or your boss, be aware that viruses can mimic a return address, making it look as though the e-mail came from someone else. Attachments can contain a virus or spyware that will infect your computer. Be especially suspicious of attachments with an “exe” file extension. Delete e-mails with suspicious attachments right away.
- Don’t let your curiosity, your good nature, or your innate trust in an organization put you at risk. If possible, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. Go to the official Web site for a financial institution or organization by typing its Web address in the address bar of your Web browser, not by clicking a link in an e-mail. If there is a real problem at the institution or organization, there will likely be a message on the homepage of the corporate/organization Web site. Or, call the company’s customer support department and ask if the message is legitimate. If an unknown individual claims to represent a legitimate organization, try to verify his or her identity directly with the company or organization. Be aware that Internet service providers and software vendors do not send patches or anti-virus software and updates via e-mail.
Know what TO do:
- Stay calm if you receive an e-mail telling you that a transaction failed, a direct deposit did not go through, an account was frozen, or that credit card information was stolen. Scammers send messages like these in hopes of upsetting you so that you will immediately follow their advice to click on a link included in the message to receive more information. The link contains a virus that compromises your computer. Rather than clicking on such a link, call the bank or business associated with the transaction to verify that there is indeed a problem.
- Look at Web addresses in your Internet browser. The letters “https” should precede any Web address through which you enter personal information. The “s” stands for “secure.” If you don’t see the “s,” you’re not in a secure Web session, and you should not enter information.
- Install and maintain up-to-date antivirus software, firewalls, and e-mail filters on your computer. Be sure that your computer operating system and common software application security patches are installed and current. Enable your computer settings to take advantage of automatic patch updates.
- Turn off your computer’s option to automatically download attachments.
- Save and scan attachments before opening them. If you feel you must open an attachment before you can verify the source, be sure that your anti-virus software is up to date. Save the file to your computer or a disk. Scan the file using your anti-virus software. If the file is clean and doesn’t seem suspicious, open it.
- Pay attention to the URL of a Web site. Malicious Web sites may look exactly the same as a legitimate site, but the URL may use a variation in spelling or a different domain, such as .com instead of .org.
- If you suspect that you are the victim of identity fraud or that your financial accounts may have been compromised, you should:
- Contact your financial institutions and credit card companies immediately to close accounts.
- Change any passwords you may have provided. If you use the same password for most of your dealings, change it on all accounts and don’t use it in the future.
- Watch for any unexplainable charges to your accounts.
- Consider reporting the attack to the police or filing a report with the Federal Trade Commission at ftc.gov. Sometimes, institutions, organizations, or businesses targeted by such scams may request that you forward a fraudulent e-mail to a particular address for analysis.
- Consult a computer security or anti-virus specialist or re-install a clean image of the computer system if you believe your computer may be infected with a virus or malicious code.