Online Banking Security

We want our members to be confident when accessing your Credit Union online. While TECU uses multiple layers of protection to increase your security while using TECU online banking, here are some additional ways to protect yourself while online.

  • Install and use an anti-virus program and keep it up to date. Always use up-to-date anti-virus software that is capable of scanning files and email messages for viruses, worms and Trojan horses. This can help prevent your computer system and files from being corrupted or lost. A variety of anti-virus software packages are available on the market today and many of these products install anti-virus updates automatically, as long as you have the update feature enabled.
     
  • Use a personal firewall. Any computer or device connected to the Internet that is not properly protected may be vulnerable to a variety of malicious Internet intrusions and attacks. A personal firewall can help protect you from intrusion because it creates a barrier between your computer and the rest of the Internet. A number of firewall solutions are available in the marketplace today. They can be a hardware device, a software application or a combination of the two. Most firewalls can be set up to alert you if anyone tries to access your computer system.
     
  • Use strong encryption. The stronger the encryption your Web browser uses, the more difficult it is for intruders to intercept your online activities. It is recommended that you ensure your browser supports at least 128-bit encryption.
     
  • Use unique passwords and change them regularly. Always choose unique passwords that are difficult to guess. Use longer passwords that have eight or more characters, mix letters, numbers and special characters. These are much more difficult to figure out than shorter, more straightforward ones. Don't share your passwords, use different passwords for different accounts and remember to change them regularly.
     
  • Keep security patches up-to-date on your computer. After software has been released, security holes or bugs that may have been missed prior to its release are sometimes identified. Most major software companies today provide software patches or updates to address these issues. It is important that you regularly visit your software vendor's web sites and stay informed of any security related patches and updates they provide. Evaluate these updates and install them as necessary.
     
  • Be aware of the risk posed by installing software or files from unknown sources. Avoid downloading programs and software from sources you are not familiar with and don't download or use pirated software. These programs may contain viruses or other malicious code that could cause harm to your computer or be used to steal private or confidential information like account numbers and passwords. These programs may also come bundled with other programs that you may not be aware of. Programs such as spyware and adware may also be simultaneously installed on your computer for the purpose of tracking and reporting on your computing and browsing habits. It is important that you read the terms and conditions that come with any program or software carefully before installing it on your computer.
 

The Heartbleed Bug 

According to CBC.ca, Heartbleed is a security bug or programming error in popular versions of OpenSSL, software code that encrypts and protects the privacy of your password, banking information and other sensitive data you type into a "secure" website such as Canada Revenue Agency or Yahoo Mail. Such websites can be identified by the little "lock" icon on your browser or the "s" at the end of "https" before the web address.


Heartbleed is not a virus or malware, but could be exploited by malware and cybercriminals.

The vulnerability allows "anyone on the internet" to read the memory of the system protected by the bug-affected code. That way, they can get the keys needed to decode and read the data, according security researchers at the Finnish firm Codenomicon who discovered it.

The bug, named for the "heartbeat" part of the code that it affects, was independently discovered recently by Codenomicon and Google Security researcher Neel Mehta. The official name for the vulnerability is CVE-2014-0160.

The researchers have set up a website with more detailed information.

Visit the Heartbleed website.