Information Security Awareness

Identity theft is becoming one of the fastest growing crimes in America.

At AmeriFirst Bank, we take the safeguarding of your information seriously. In fact, we believe keeping your information safe and secure is every employee’s responsibility. We also encourage you to take steps in protecting your personal information.

No employee of AmeriFirst Bank will ever email or call you requesting that you update your personal information, including account numbers, passwords, driver’s license, Social Security Numbers, etc. by phone, email or a link to a website.

If you choose to contact AmeriFirst Bank using e‐mail, please be advised do not send privileged or personal information via regular e‐mail to us as information transmitted through this medium is not encrypted and therefore not secure. If you need to send privileged or personal information to AmeriFirst Bank by email please contact an AmeriFirst employee for a link to our secure email portal.

Protecting Yourself from Online Banking Fraud

The online banking industry has seen an increase in fraudulent activity over the last several months. With key loggers, virus attacks and phishing scams becoming more prevalent, are you doing all you can to protect yourself from becoming a victim of fraud?

Keystroke Logging or Keylogging

Keylogging is a method by which fraudsters record your actual keystrokes and mouse clicks. Keyloggers are “Trojan” software programs that target your computer’s operating system (Windows, Mac OS, etc.) and are “installed” via a virus. These can be particularly dangerous because the fraudster has captured your user ID and password, account number, Social Security Number ‐ and anything else you have typed. If you are like most other users and have the same ID and PIN/Password for many different online accounts, you’ve essentially granted the fraudster access to any company with whom you conduct business. After all, they’ve got your login credentials so they appear to be a valid user.

Here are some ways you can prevent yourself from being a victim of keystroke logging and ransomware:
  • Use up to date Anti‐Virus and Anti‐Malware Software. This is the single most important thing you can do to protect your computer from viruses and malware. There are many on the market today – some cost money while others are free. If you opt to use a free version, make sure it is being offered by a reputable company and do research on the company and its product before installing.
  • Keep your Operating System and other programs up‐to‐date with the latest security patches.


Phishing is a scam where Internet fraudsters request personal information from users online. These requests are most commonly in the form of an email from an organization with which you may or may not do business. In many cases, the email has been made to look exactly like a legitimate organization’s email would appear, complete with company logos and other convincing information. The email usually states that the company needs you to update your personal information or that your account is about to become inactive, all in an effort to get you to click the link to a site that only looks like the real thing. If you click on the link to go to the phony website and enter all of your information, you’ve just been the victim of a phishing attack. The fraudsters have just captured all the necessary information to access your accounts online. No reputable business will ever email you requesting that you update your personal information, including account numbers, system passwords or Social Security Numbers via a link to their site.

Follow these guidelines to protect yourself from phishing scams:

  • Never click on a link from a business requesting that you provide them with personal information.
  • Pay close attention to the URL (Internet address) behind the link. Often in phishing attempts, if you hover the cursor over the link the fraudsters want you to click on, it has nothing to do with the actual company they claim to be.
  • If your Financial Institution uses watermarks or personal images, do not log in unless you see the correct image on the screen.
  • Report any phishing attempts to your Financial Institution and to the Federal Trade Commission on their website.
If you are unsure that the request is valid, open a new Internet session and manually key in the business’ web address. If the business genuinely needs information from you, they will have you log in to your online account to see the request. In most cases, you’ll just be greeted with a message indicating that the business will never email you requesting personal information.

What should I do to protect myself from fraud?

Besides following the tips mentioned in the previous examples, there are other things you should do to safeguard your personal and financial information.

Change your passwords often. Even if your financial institution doesn’t require it, it is a good practice to change your passwords at least every six months. An easy way to remember: change them when you change your clocks to adjust for Daylight Savings Time.

  • Don’t use the same ID and PIN/Password for every online account you have.
  • Create passwords that mix letters, numbers, and special characters.
  • Never disclose your login credentials to other people or companies.
  • Do not store your ID and Password information where others could gain access to it. It is best not to write the information down at all.
  • Do not use public computers and open wireless networks for sensitive online transactions. Wi‐Fi spots in airports, hotels, coffee shops, and other public places can be convenient but they’re often not secure and can leave you at risk. If you’re accessing the Internet through an unsecured network, you should be aware that malicious individuals might be able to eavesdrop on your connection. This could allow them to steal your login credentials, financial information, or other sensitive information. Any public Wi‐Fi should be considered “unsecure.”
  • Businesses that use online banking services should consider doing periodic risk assessments and evaluate their controls in place to protect them.
  • Do not send confidential information of any kind by email unless it is encrypted.
  • Shred receipts, credit offers, credit applications, insurance forms, physician statements, checks, bank statements, expired charge cards, and similar documents when you don’t need them any longer.
  • Read your bank, credit card, and account statements, and the explanation of medical benefits from
    your health plan. If a statement has mistakes or doesn’t come on time, contact the business.
An excellent source of information on how to prevent identity theft and what to do if you are a victim of identity theft is the Federal Trade Commission website at Homeland Security’s website has some valuable information about staying safe online.

If you notice any suspicious or unusual activity related to any of your accounts, contact us immediately at 1-800-298-1763 or at any Branch Office; Union Springs 334-738-2060, Vaughn Road 334-409-2980, Prattville 334-358-0351 or Lee County 334-821-1329.

If you would prefer, download the PDF here:

Customer Information Security Awareness 2018

Rev. 2018‐9