Watch for Suspicious Activity
- Review online banking reports and audit reports on a daily basis. Verify that ACH,
Wire Transfer, and other transactions are valid. INTRUST Bank can assist you in
protecting your accounts from both ACH and check fraud with the following additional
- Positive Pay: A check fraud
prevention service that compares checks presented for payment against a list of
checks you have issued.
- ACH Debit Block: This service
automatically returns any unauthorized ACH activity on your account.
- ACH Debit Filter: This service
posts only ACH debit entries that you have authorized.
- Things to watch for/call the bank if you see the following:
- Suspicious transactions posting to your account
- Activity on Reports that is out of the ordinary
- If you suspect that someone is trying to gain access to your online banking information,
notify a representative in INTRUST Bank’s Treasury Services Department. They can
be reached from 7:30 a.m. to 6:00 p.m. at 316-383-1494 or toll free at 800-905-6630.
- If an urgent situation arises you can lock-out your User ID by intentionally entering
an incorrect password 3 times. This will lock the ID and require either the Admin
to unlock it, or the Bank if you are locking the Admin ID.
- Have dedicated PC(s) for accessing bank sites.
- Use one computer for transaction entry and approve transactions on another.
- We strongly encourage you to limit, or better yet, eliminate Web-surfing activity
on those PC’s that are used for commercial online banking. Establish an internet
policy for your company.
- Schedule daily scans of your computer to check for viruses.
- Make sure your Antivirus Software, Operating System, Firewall, and Internet browser
are operating properly and are up to date.
- Install the latest security updates and patches on your computer. If possible turn
on Windows Automatic Updates and schedule automatic installation of critical updates.
- Keep your passwords secure. User passwords, including PIN numbers and passwords
generated from a security token, should never be shared with anyone. Please know
that INTRUST Bank will never call and ask for a user passwords or a single-use password
from a security token.
- Use different passwords for different Websites.
- Never write passwords down on paper or store them in an unencrypted computer file.
- Utilize a password vault program that includes strong encryption.
- Change passwords regularly.
- Use strong passwords.
- Use a combination of upper and lower case letters, numbers and keyboard symbols.
- Passwords should not contain your user name, real name, or company name.
- Never send sensitive information such as account numbers via unsecure e-mails. (See
"Security" below for tips to determine whether an e-mail is secure.)
- Treat all unsolicited e-mails with caution and never click on the links from such
e-mails to visit unknown Websites. When in doubt, delete the e-mail without even
- As a convenience to you, e-mails from INTRUST may include links to reach pertinent
information on our Website or other Internet sources. However, if you suspect that
an e-mail appearing to be from INTRUST is fraudulent (from an illegitimate source
posing as INTRUST) or if the online banking Website does not include the personal
security cues you’re accustomed to seeing when logging in, we recommend that you
log in to our online banking Websites by opening intrustbank.com in a new browser
window instead of the links provided in e-mails. Learn more about e-mail phishing.
- Do not use Admin login credentials (or users with equivalent permissions) for everyday
- Ideally users with administrative rights should only be used when making changes
to the system (e.g. setting up new users, setting up payment templates, etc.). You
should limit the number of users with administrative rights to as few as possible.
- Ensure ACH, Wire, and Book Transfer limits are set at levels appropriate for actual
- Users should be given only the permissions they need to do their jobs, and no more
permissions than that.
- If you have multiple users performing online banking functions, make sure they are
properly trained and understand the importance of keeping your company’s banking
- Make sure the Website you are visiting is secure.
- If the Website you are visiting is on a secure server, then it should start with
“https://...”, rather than the usual “http://...”
- Look for a padlock icon on the browser’s status bar.
- Please note that the fact the Website is using encryption does not mean that the
Website is legitimate. It only tells you that the data is being sent encrypted.
More small business security tips and tools visit The U.S. Chamber of Commerce Small Business Center