The Heartbleed Bug continues to impact computer systems worldwide. The problem, which was disclosed last week, involves encryption software called OpenSSL, which is used by a large number of Internet web sites. The Heartbleed bug can cause sensitive information stored on servers to be disclosed, including passwords, usernames, personal information and credit/debit card numbers.
Mercer Savings Bank wants to assure you that your information is safe. The Bank’s software systems, ATMs, online solutions and mobile banking solutions are secure to protect your data from viruses including this latest threat. Mercer Savings Bank is confident that you will not be impacted in any way.
However, as with any hacking threat, you should take the Heartbleed bug seriously and consider the following these steps:
1. Change your passwords. This is a good idea to do periodically, but in the wake of Heartbleed, you should do it ASAP. The Department of Homeland Security (DHS) says that you should only change passwords after the vulnerability has been fully addressed at the individual websites. Use strong passwords with letters (including capitals), numbers and symbols. Keep passwords long, 10 or 12 characters if possible. To keep track of your various passwords, use a password manager.
2. Clear your Internet browser cache, history and cookies. Again, this is a good idea to do on a regular basis. Exactly how to do this depends on your browser.
3. Beware of email messages promising instant solutions. Unfortunately, when crisis strikes, many unscrupulous people try to take advantage of others. In the coming days, you may receive emails that ask you to click on links to rid your computer of Heartbleed. Don’t fall for it.
4. Check your credit card and bank statements. If you see suspicious or false charges, contact the issuer or bank immediately to limit your liability.
5. Closely monitor your email accounts, social media accounts and other online assets for irregular or suspicious activity, such as abnormal purchases or messages.
6. Check for the “s.” After a website you are visiting has addressed the vulnerability, the DHS states you should ensure that if it requires personal information such as login credentials or credit card information, it is secure with the HTTPS identifier in the address bar. Look out for the “s,” as it means secure.
If you have any questions, feel free to contact us.