Blackhawk Bank Internet Security

One of our highest priorities is to ensure your privacy and peace of mind by employing the most advanced online security measures in the industry. Once enrolled in Business Online Banking, you will be able to use a self-selected User ID, Password and Multi-factor Authentication System that serves as your first line of security. Once enrolled in Personal Online Banking, you will be able to use a self-selected User ID, Password and 2FA (Two-Factor Authentication) that serves as your first line of security.

Blackhawk Bank provides state-of-the-art encryption of all data transmitted between your computer and our secure site. Most browsers utilize an encryption method called Secure Sockets Layer (SSL), a protocol that encodes data before it's transmitted over the Internet.

Jack Henry and Associates (Blackhawk Bank’s SSL Certificate Issuer) will use SSL Certificates for security to help confirm that users have reached a legitimate Web site, not a “spoofed” site created by fraudsters to steal personal and financial information.

Address Bar: The address bar in the browser will display https://

Padlock Icon: A closed padlock is prominently displayed in the address bar. Users may click the      padlock to view details about the certificate that secures the site and the certificate issuer.

Security Status Bar: The security status bar rotates between the name of the authenticated            organization (Jack Henry and Associates is Blackhawk Bank’s Certificate Issuer) and VeriSign, the      trusted 3rd party that performed the Extended Validation authentication.

As part of our commitment to protecting you with the highest security standards, Blackhawk Bank’s Online Banking only supports the current and prior major releases.

Microsoft Edge will only be supported by the latest version. Online Banking may deny access to      Microsoft Edge versions 60 days after a new version is released.

Google Chrome should automatically update when major updates are released, approximately          every 12 weeks. If Chrome is two versions older than the current stable channel version, Online        Banking may deny it access.

Apple typically makes upgrades to Safari during the fall of each year. Online Banking may deny      access to older versions approximately 60 days after a new version is released. However, this          change requires that the new version of Safari is available on both MacOS and iOS devices.

Firefox should automatically update. If Firefox is two versions older than the current stable            channel version, Online Banking may deny it access.

Beta versions are not supported. When new versions of browsers are announced as ready to Release to the Web by the provider, they will become a supported version.

The following types of tools and/or access are not recommended and may impact experience:

• Accessing account via an embedded browser such as:
• Personal or Commercial Financial Management Software (Quicken, QuickBooks, etc.)
• Browser Bars within AOL, Yahoo, Google, etc.…
• Internet Portal access within gaming systems such as Xbox
• Use of browser Add-Ins (Emoticons, FunWeb Services, etc.)

     • Microsoft Edge
     • Firefox
     • Safari
     • Google Chrome

PLEASE NOTE: Your browser MUST accept “Cookies” to utilize this service. Each browser handles Cookies uniquely. Please check with your browser software manufacturer to determine how to verify that your settings will accept Cookies.

An icon, such as a lock or key, will be displayed in the corner of your browser’s window to let you know that your browser’s encryption is active.

Education is key to understanding the safeguards that you should employ to help you reduce your risk for fraud when banking online. Take precautions to protect your PC from viruses and malware.

Ideally, use a dedicated computer for online banking ONLY and a separate computer for email, surfing the Internet and online shopping. This is the best way to prevent the possibility of malicious software infecting the computer you use for online banking. Computer technology advances (e.g. ‘Notebook’ laptops) have made the purchase of a dedicated computer an inexpensive means of protection.

Avoid Spyware. The best way to protect your computer from spyware is to install an anti-              spyware program that monitors the activity of software on your computer. Like a virus scanner,        anti-spyware software detects and attempts to remove malicious applications from your                computer. Spyware infects computers when the user interacts with a malicious resource on the        Internet.

• Do not respond to unsolicited (spam) email.
• Do not click on a link within an unsolicited email.
• Be cautious of email claiming to contain pictures in attached files as the files may contain            viruses. Only open attachments from known senders. Virus-scan the attachments if possible.
• Contact the actual business that supposedly sent the email to verify if the email is legitimate.
• Avoid visiting websites that contain questionable content, including sites that offer illegal              music, movie and software downloads.
• Pay attention to the Google Results page. Google identifies sites that may contain malicious          content. Avoid clicking links that have been identified as such.
• To protect your privacy and help prevent unauthorized use of online banking you should              always “Logout” or ‘Exit’ secure websites to completely log-out. Do not simply click the                X to close your Internet session.
• Monitor your accounts and review your transactions regularly. Should you see suspicious              activity, report it immediately.
• Use encryption software on laptop computers.
• Familiarize yourself with the Security Settings on your PC.
• Educate all online banking users in your home about the risks and safeguards

• Keep your web browser software up-to-date to take advantage of security enhancements.
• Take precautions to keep your computer free from viruses that might be used to capture              Password keystrokes or send information from your hard drive.
• DO NOT use coffee shop or public Internet hook-ups or rented computers. Computers can            capture information from the Internet as part of the browser software's operation, or because          someone has loaded a program in it to secretly gather your information.
• If you are away from home and get an unexpected screen asking you for your credit card            number, password, or account information, DO NOT disclose it.
• If you save financial information externally, remember that a sophisticated user can read it,          even after you have "erased" the file. DO NOT share external information that contains                  confidential information.
• Practice "safe trash" with printouts of your account information. DO NOT throw them away            where prying eyes can find them. It is always a good idea to shred printouts of your account          information before discarding.

• Use BOTH upper- and lower-case letters.
• Place numbers and punctuation marks randomly in your password.
• Make your password long and complex, so it is hard to crack. Between 8 to 20 characters long        is recommended.
• Use one or more of these special characters: +_%@!$&*~
• To help you easily remember your password, consider using a phrase or a song title as a              password. For example, “Somewhere Over the Rainbow” becomes “Sw0tR8nBO” or “Smells Like          Teen Spirit” becomes “sMll10nspT.”
• Make your password easy to type quickly. This will make it harder for someone looking over          your shoulder to steal it.

• Create different passwords for different accounts and applications. That way, if one account is        breached, your other accounts won’t be put at risk too.
• Never use your online banking password for online shopping sites or free e-mail accounts            (Hotmail, Yahoo!, Gmail).
• Change your passwords regularly, about every ninety days.
• Don’t share your password with anyone else. Once it’s out of your control, so is your security.
• Never enable the “Save Password” option, even if prompted to do so. Pre-saved passwords            make it easy for anyone else using your computer to access your accounts.
• Never walk away from a shared computer without logging off. This will ensure no other users          can access your accounts.
• Don’t use sample passwords given on different Web sites, including the samples listed above.

Guessing. Programs designed to guess a user’s password are common. They often use personal        information found online—such as names, birth dates, names of friends or significant others,          pet names or license plate numbers—as a starting point. These programs can even search for a        word spelled backwards.

Dictionary-based attacks. Programs and software also exist that run every word in a                    dictionary or word list against a user name in hopes of finding a perfect match.

“Brute Force” attacks. By trying every conceivable combination of key strokes in tandem with          a user name, brute force attacks often discover the correct password. Programs can execute a          brute force attack very quickly.

Phishing. Phishing scams usually try to hook you with an urgent IM or e-mail message                  designed to alarm or excite you into responding. These messages often appear to be from a          friend, bank or other legitimate source directing you to phony Web sites designed to trick              you into providing personal information, such as your user name and password.

Shoulder surfing. Passwords are not always stolen online. A hacker who is lurking around in        a computer lab, cybercafé or library may be there for the express purpose of watching you            enter your user name and password into a computer.

Security Announcements from the FBI

Click here to read continuous updates regarding fraud and cybercrime from the FBI.