Cybersecurity involves practices designed to protect systems, networks, and programs from digital attacks, damage, and unauthorized access.
A Deepfake uses Artificial Intelligence (AI) to create convincing images, voices, and videos.
Deep fakes, are defined by Merriam-Webster as “an image that has been convincingly altered and manipulated to misrepresent someone as doing or saying something that was not actually done or said.”
Bad actors can teach themselves how to use (AI) very quickly. You can’t always believe the person on the other end of the phone is actually who they say they are. If you have any doubts or suspicions, tell the caller you need to call them back. When you return the call, use the phone number you know to reconnect.
As a financial institution, we handle sensitive personal and financial information. Cybersecurity is vital in protecting this data and maintaining trust with our clients.
We employ multiple layers of security, including firewalls, encryption, secure access controls, regular security audits, and ongoing staff training to identify and respond to potential threats.
Phishing is a type of cyber attack in which an attacker impersonates a trusted entity to trick victims into revealing sensitive information. Common signs of phishing include unexpected requests for information, poor grammar or misspelling, and email addresses or URLs that don’t match the company they claim to represent.
We use advanced email filtering, regularly train staff on identifying phishing attempts, and never request sensitive information through unsecured methods.
If you suspect you’ve received a phishing email, please do not click on any links or provide any information. Report the email to us directly.
You can maintain security by regularly updating your passwords, using a secure network connection, regularly updating your devices, and being aware of any suspicious activity on your account.
Two-factor authentication (2FA) is an extra layer of security that requires not only a password and username but also something that only the user has access to, like a piece of information or a physical token. It drastically reduces the chances of fraud, data loss, or identity theft.
In the unlikely event of a data breach, we will follow our robust incident response plan, which includes notifying impacted individuals, working to secure data, and cooperating with law enforcement.
We have compiled a list of resources from various reputable organizations for your convenience.
By law, you can get a free credit report each year from the three credit reporting agencies (CRAs). These agencies include Equifax, Experian, and TransUnion.
AnnualCreditReport.com is the only website authorized by the federal government to issue free, annual credit reports from the three CRAs. You may request your reports:
Secure Sign-In is a service to help protect you from fraudulent online activity. We use multiple layers and factors beyond access ID and password before allowing access to your account. If we suspect unauthorized account activity, we will ask for additional authentication before permitting access to your account. Secure Sign In provides you with a secure Web site, ensuring that only authorized individuals have access to their financial information online.
When you access the site for the first time using the credentials provided by your financial institution, you are required to change your password and establish a delivery method to receive your One-Time PIN. The One-Time PIN (OTP) is available through one of the following:
The OTP method is established during your initial sign in. If your institution converted from a different Secure Sign In method to IdP, your first sign in with IdP is treated as your initial sign in.
When this OTP method is selected, the PIN is delivered only to your phone, as email delivery is not supported for your institution. You need to enter the following:
If you choose the authenticator app, you can either install an app in advance, or have a link to an app emailed to you. If you choose the email option, you receive a link to download the FIS Authenticator app. If you have already installed an app, you are prompted to scan the QR Code or manually enter the string of characters above the QR Code provided in your OTP method set up.
Please note that the FIS Authenticator app does not have any account requirement, but if you use the Google Authenticator or Microsoft Authenticator you will need to sign into the app with your Google or Microsoft sign in information.
If you do any of the following during the sign in or OTP method set up, the information entered is discarded and you will be required to complete the processes the next time you attempt to sign in.
It is recommended that you register your device on the Desktop Registration page. To register your, select Yes, this is my computer or mobile device that I use regularly. IdP remembers your device, and you will not be prompted to authenticate with a PIN on subsequent sign ins. The option is available to enter a Device Name. This is helpful if you want to register multiple devices.
If you do not choose to register your device, you will be prompted to enter a PIN with each subsequent sign in.
The registration is device-specific, so we recommend registering each device you regularly use.
Yes, as a security measure, your device registration periodically expires – generally every 60 days – unless your institution chooses a custom range. When this happens, you will need to enter a PIN when you sign in and have the option to again register the device.
You may be prompted for a PIN on a registered device if the browser or location used on sign in is different than the browser or location used when the device was registered.
Yes, your PIN is case-sensitive. Enter your PIN in the format in which you receive it. However, the PIN is typically all numeric in which case it is not case sensitive.
You are the first line of defense for your online account security. We have taken numerous steps to keep your accounts secure, but you also play a role in maintaining the security of your account information. Here’s what you can do:
You may change your password often as needed; however, it is recommended that you make no more than one password change per day.
Use the Trouble signing in? link, and select I forgot or need to change my password. You need to enter your email or access ID and are then prompted to also enter a PIN to verify your identity. You will receive an email that includes a link you must use to change your password.
Use the Trouble signing in? link, and select I forgot my Access ID. You then need to enter your email and are prompted to also enter a PIN to verify your identity. An email is sent that includes your access ID.
©2024 Legacy Private Trust Company. All Rights Reserved.