Skip to main content Go to Online Banking

Online Banking LoginLogin

FDIC Digital Sign, using the official FDIC wordmark. This digital sign indicates the deposit institution is backed by the full faith and credit of the US government.

ALARM Personal

Prevent Phishing with ALARM

Use ALARM every time you get a suspicious email.

 

A — Address

  • Check the sender’s email address, not just the display name.
  • Watch for:
    • Misspellings (e.g., micosoft.com instead of microsoft.com)
    • Extra words or numbers (e.g., support-paypal123@gmail.com)
    • Free email services for “official” messages (e.g., a “bank” using @gmail.com).
  • If you’re not sure:
    • Do not reply to the email.
    • Contact the person or company using a known, trusted method (official website, phone number, or a fresh email to their known address).

 

L — Links

  • Hover over links (don’t click yet) to see where they really go.
  • Warning signs:
    • The link text doesn’t match the hovered address.
    • Strange domains or spelling errors (e.g., yourbank.secure-login.co instead of yourbank.com).
  • When in doubt:
    • Type the website address yourself into the browser instead of clicking.
  • Remember: even just clicking a malicious link can put you at risk.

 

A — Attachment

  • Be extra careful with attachments, especially:
    • If you weren’t expecting them.
    • If they are from someone you don’t know.
    • If the file name looks odd or generic (e.g., invoice_84739.zip, payment_info.scr).
  • High‑risk file types include: .exe, .scr, .js, .bat, .zip, .rar, or Office files that ask you to “enable macros.”
  • If in doubt: don’t open it. Verify with the sender using a separate, trusted contact method.

 

R — Reputation

  • Ask yourself: Does this email fit what this sender usually sends?
    • Is the tone unusual (too urgent, too informal, too threatening)?
    • Is the grammar or spelling poor for this sender or organization?
    • Are they suddenly asking for money, gift cards, passwords, or confidential info?
  • If it feels “off”:
    • Stop. Don’t click or reply.
    • Confirm via phone or a new email to a known-good address.
    • If you can’t confirm, delete it.

 

M — Makes Sense

  • Does the email actually make sense in your real life?
    • Were you expecting a password reset?
    • Did you apply for this job or ask for this report?
    • Did you really win a prize, lottery, or refund you never applied for?
  • Common red flags:
    • Too good to be true offers.
    • Urgent threats (“your account will be closed today!”).
    • Requests for secrecy (“don’t tell anyone about this”).
  • If the story doesn’t make sense, someone is likely trying to trick you. Just delete the email.

 

Extra Safety Tips

  • Never share passwords by email or text—legitimate companies won’t ask.
  • Use multi‑factor authentication (MFA) wherever possible.
  • Keep your software and antivirus up to date.
  • If you think you clicked something bad:
    • Disconnect from the network (if possible).
    • Notify your IT/security team or support desk immediately.
    • Change passwords from a known‑clean device.

 

Remember: If something feels wrong, it probably is.
Pause, use ALARM, and verify before you click.

Top
Some content requires Adobe Acrobat Reader to view.