First National Bank is providing its personal and business customers with the following security awareness information to assist you in protecting your online account and transaction information. As the online banking landscape continues to be challenged by malicious threats, fraudulent attacks, and rapidly growing organized criminal groups, it becomes even more important that you understand and practice safe and secure online access methods to assist in mitigating significant personal or business financial loss. Fraudulent individuals are responsible for losses of hundreds of millions of dollars resulting from online account takeovers and unauthorized funds transfers.

Please note: First National Bank will never contact a customer and request electronic banking credentials. If you receive a phone call requesting your online credentials, hang up and contact us at (262) 670-3878.

Specifically for our business online banking customers , we strongly encourage a periodic risk assessment where you review access controls to your accounts. Specific areas to focus on are:

• Who has access to the computers used for Internet banking and who knows the credentials?
• Do you secure the computers used to access Internet banking after business hours?
• Is your anti-virus and anti-malware software up to date on the computer?
• How frequently is the online banking password changed and who knows it?
• Do you have an active firewall on the computer?

Suggested Risk Control Mechanisms to Minimize Online Banking Risk:

Block cookies on your Web browser: Surfing on the Internet creates hundreds of data points that come together and form an integral part of your “digital profile.” This profile is then sold without your consent to organizations around the world. Blocking cookies will limit this data collection process about you. Entering passwords on various websites rather than having an established cookie is a much smarter way to surf the Internet.

Your social networking profile should not contain your full date of birth: Birth dates are instrumental in the process of identity theft so only publish your birth month and day.

Do not download Facebook apps from outside the United States: Software applications on social networks have the ability to access vast amounts of personal information. There are careless or unscrupulous entities that collect this personal data and then lose, abuse or sell the data. A software application originated in the United States is safer and provides you with some recourse if complications come about.

Utilize a variety of usernames and passwords: Separation of usernames and passwords for social networks, online banking, e-mail and online shopping is extremely important. Having distinct usernames and challenging passwords provides further protection from identity theft or potential financial losses. Passwords should use the maximum allowable number and type of characters (such as upper and lowercase letters, numbers and symbols) and should not contain predictable terms or number patterns. Passwords that are written down or otherwise recorded should not be placed in visible or unsecured locations. If you feel something does not look right with your online banking, contact us at (262) 670-3878.

Approach with caution: Cybercriminals often use applications and links as their initial step in installing malicious software on personal computers, tablets and cell phones to enable fraudulent acts. Take the necessary steps to verify that applications and links posted on social media sites match up with legitimate websites. Make sure that the posted items are from individuals that you know and trust.

Mobile Phones, Mobile Banking and Mobile Payments: Mobile phone applications, text messages, instant messages and calls from unfamiliar or suspicious sources that request personal financial information and passwords should be declined and, when appropriate, promptly deleted. Do not open any links that the message may contain. Mobile phones should be set to lock automatically after no more than two minutes of non-use, with a password required to log back into the phone. Lost or stolen phones should be reported to the carrier promptly.

ATM, Credit, Debit and Prepaid Cards: Sign your cards as soon as they arrive in the mail. Card numbers should only be used in secure transactions and should not be provided in response to unfamiliar or suspicious websites, emails, text messages, telephone calls, mobile phone applications or social media messages. Conduct transactions only on secured websites — ones that say “https” in the address bar — and never choose the “Remember my card number” option. Report any lost or stolen cards promptly to the card issuer.

E-Statements and E-Bills: Review your e-statements and e-bills promptly to verify that all transactions were made by authorized parties. Report any unauthorized transactions to the appropriate financial institution, card issuer or biller. Compare your transaction receipts to your statements to ensure unauthorized charges were not added.

Monitor Credit Accounts: Monitor your credit accounts and credit reports regularly. An annual free consumer credit report is available online by accessing www.annualcreditreport.com or by calling 1-877-322-8228. You are allowed one free report annually from each of the three credit reporting agencies — Transunion, Equifax, and Experian. Report any unauthorized or suspicious account activity directly to the reporting agencies and have a fraud alert placed on your credit file if necessary.

November 2015