Perform Your Own Cyber Wellness Check

Want to do more to protect yourself from cybersecurity threats? Take a more proactive approach to your fraud prevention by conducting your own cyber wellness check.

Perform Your Own Cyber Wellness Check

Want to do more to protect yourself from cybersecurity threats? Take a more proactive approach to your fraud prevention by conducting your own cyber wellness check.

Changing your usernames and passwords is an important step in making your account more secure, particularly after a security breach.

If you can't remember, it probably means that it has been a while; now is a good time to start the the habit of regularly changing usernames and passwords to keep your accounts extra safe!

While it's good that you occasionally change your username and password, you need to do it more regularly for an extra layer of protection! Try changing your username and password every 3 to 6 months.

Great! Changing usernames and passwords regularly is a great way to guarantee that your accounts remain safe. Remember to always have a strong password, with a mix of words, numbers and special characters for an added level of security!

Do you ever change passwords and usernames for your online activities? 

I have no idea how to change my usernames or passwords and have never done so. 
I have the habit of regularly changing all my usernames and passwords, particularly after any known security breach.
I can't remember the last time I changed my usernames and passwords, but have done so in the past.
I occasionally change my passwords.

Nice job on using different usernames and passwords for each online account! Now earn bonus points and enable two-factor authentication on any accounts that offer this capability. With this added security, you'll be asked for a second layer of authentication (i.e., one-time passcode or challenge question) when you log in to an account from a new device or location.

When reusing login credentials, if a criminal is able to access your credentials for one site, they would have your credentials for all of your online accounts. If you have trouble remembering your credentials, try using a password manager. These programs can generate complex passwords and save them for you so you don't have to remember them.

It's good to hear that you're using different passwords. However, passwords that are easily guessed by doing a quick internet/social media search are not secure. Secure passwords or phrases are those that are complex. They have at least eight characters, upper and lowercase letters, numbers, and special characters. It's also best to avoid common names or dictionary words. (For example, the passphrase, "October is National Cybersecurity Awareness Month 2022!" would become OiNCAM21!)

It's great that you're using different complex passwords for each account, but you should also consider changing your usernames for each account for added security. If you have trouble remembering your usernames and passwords, try using a password manager.

Do you use the same usernames and passwords for all of your online accounts?

No, I use different usernames and passwords for each online account.
Yes, it's the only way I can remember them all!
No, I use the same username but different complex passwords for each online account.
No, but I do create passwords based on things I can remember, like the street I grew up on, or my mother's maiden name.

Try again! The problem with storing on a mobile device is it can be lost or stolen. Please make sure to use authentication tools offered by your mobile device to ensure it can't be easily accessed. Keeping yourself logged in on apps with sensitive information leaves your data quite vulnerable.

So close! We recommend being careful where you leave this information inside your computer — what folder, the name of the file, if it's easily found, if it's accessible by cloud, etc. These details could leave you exposed to security breaches. 

That's a good idea, as long as this journal is safely stored somewhere in your home (probably a safe or somewhere well hidden, but even that is not the most secure); if you bring your journal with you to all places with your devices, this might not be a suitable option security-wise, as your journal could be lost together with your devices, potentially causing a breach in security.

Yes! Using a password manager or biometric/one-time password are the most secure ways you can store passwords.

Where do you usually store important passwords?

My mobile device, of course. Or, I leave things logged in or ask to reset passwords if I need to use anything.
I have a file on my computer with all my passwords.
I have a journal with all my login credentials stored in a safe location at my home.
My device; however, I have it secured with Face ID, or other biometric recognition, or only use one-time passwords.

Excellent! As you probably already know, Citizens will never place an unsoliticited call, email or text requesting your login credentials. Fraudsters create nearly identical copies of login pages to steal information. Always check that the URL is legitimate, and when in doubt access the login page directly from citizensbank.com.

Nice try! Citizens will never place an unsoliticited call, email or text requesting your login credentials. Fraudsters create nearly identical copies of login pages to steal information. Always check that the URL is legitimate, and when in doubt access the login page directly from citizensbank.com.

Nope! Citizens will never place an unsoliticited call, email or text requesting your login credentials. Fraudsters create nearly identical copies of login pages to steal information. Always check that the URL is legitimate, and when in doubt access the login page directly from citizensbank.com.

That's not right! Be careful when investigating strange pieces of communication you receive as they might contain viruses and malware. Citizens will never place an unsoliticited call, email or text requesting your login credentials. Fraudsters create nearly identical copies of login pages to steal information. Always check that the URL is legitimate, and when in doubt access the login page directly from citizensbank.com.

What would you do if you ever received a phone call, an email or text asking for your banking login credentials?
I never respond to unknown callers/emails/messages, no matter how important and urgent they look.
I would give out my credentials if I believed something important is happening and I could be affected.
I maybe would give out my credentials, if I recognized the source of the communication.
I would probably answer the communication, but would also try to gather more information before giving away any of my details.

You're not wrong, as our app is on the internet; but we're looking for something more specific. You can find our app either on the App Store (for Apple devices) or the Google Play Store (for Android devices). 

Close, but not close enough! You can get a link to the Google Play Store or to the App Store on our website, but you cannot download the app without visiting the App Store or Google Play Store.

So close! Our app is available at the App Store and also at the Google Play Store but always ensure the developer is Citizens Bank, N.A.

Yes! You can get a link to the App Store or to the Google Play Store on our website, but you cannot download the app directly from there without visiting the App Store or Google Play Store.

You want the convenience of the Citizens Mobile App, but where and how do you download the trusted version?

The internet
The Google Play Store and the bank website
The App Store and Google Play Store
The App Store and Google Play Store. And, don't forget to confirm the developer is Citizens Bank, N.A.

Nice try! We highly recommend setting up these alerts to add an extra level of security to your account. Alerts make it a lot easier to identify any unusual transactions/behavior. You must enroll in alerts because Citizens will not automatically send them to you.

No, that's not it! We are happy to hear you'd like to set up your alerts! Alerts make it a lot easier to identify any unusual transactions/behavior. You must enroll in alerts because Citizens will not automatically send them to you.

So close! It's great that you have the alerts set up on your devices so you can spot anything suspicious right away, but please review them as soon as you receive them to avoid fraudulent activity.

Fantastic! Alerts are designed to ensure that all transactions and activities were made by you. Periodically check or change your alert settings to ensure they still meet your needs. 

You want the peace of mind to ensure you are aware of any unusual activity on your online banking accounts, but how do you do so?

Citizens sends me alerts without me having to do anything. 
I'm interested, but I don't have it set up and have no idea on how to do it.
I have alerts for my expenses, but very rarely look at them! 
I have alerts for all my expenses and make sure to always check details!

Nope! Opening banking apps on public Wi-Fi may leave you exposed to various security breaches. Use your banking apps only on private or secure Wi-Fi connections (they'll have a password and a padlock next to them).

That may not be a good idea, as opening banking apps on open Wi-Fi or Wi-Fi hotspots can leave you vulnerable to security breaches. Make sure you use a private or secure Wi-Fi connection before opening your banking app. 

Nice try! We understand that in some extreme situations it may be difficult to get a secure connection, but please remember that opening your banking app in Wi-Fi hotspots or unsecured locations comes with risks — and may lead to security breaches. 

Great! Using secure connection to open your banking app greatly reduces the risk of potential security breaches.

You're at your favorite coffee shop and you need to check your account balance, do you sign into your banking account on the public Wi-Fi?

Yes, all the time!
Sometimes when I'm having coffee or a drink in public, I will open my banking app to check details using open Wi-Fi.
Never, only my own secure Wi-Fi.
Not unless it's the only option available for some reason.

No, that's not it! Security updates (also known as patches) are vital periodical updates that fix vulnerabilities on software — making sure apps are always up-to-date security-wise. They need to be updated, as all apps constantly need maintenance and fixes in order to be safer for use. We recommend always setting up your device to automatically update them. This way, you'll always have the most recent version of all apps.

Nice try! We suggest setting up your devices to automatically update security patches/updates. Those notices would disappear since your devices would be updating themselves without the need for you to do anything. Plus, your apps would always be up-to-date security-wise, making your apps as safe as possible!

So close! We're happy to hear that you update your apps/security patches — we recommend you consider giving the automatic updates a try! You'll see that they will not only save time, but when you have to update everything manually, you might miss something.

Correct! By setting up your devices to automatically update security patches, you'll always have the latest version of your software installed — keeping them up-to-date security-wise. 

You get a notice on your phone saying you need to update your operating system or install a security update, what do you do?
I download and install the update as soon as it's available to ensure my device has the most up-to-date security features against known threats.
I'm not sure about the meaning of “security updates” on my devices — or why I would need to update them.
I don't have anything set-up automatically on my devices and receive plenty of update notices as well — but never really see the need to update anything. 
I update everything manually, I'm not keen on letting my devices update automatically.

Guess again! While jailbreaking or rooting could give you more freedom, you are opening yourself up to greater risk for cyberattacks. It could also expose you to bad apps containing malware.

No, that's not it! Jailbreaking or rooting is the act of changing your phone's software to remove the restrictions and limitations imposed by Apple or Google. Not only could this invalidate your phone's warranty, it could expose you to bad apps containing malware and put you at greater risk for a cyber attack.

So close! Jailbreaking or rooting removes security features on your phone which can affect the performance of your device, but more importantly, leave you more vulnerable to attacks. Jailbreaks rely on security holes in your phone's operating system. Cybercriminals can also take advantage of these same security vulnerabilities to hack into accounts and steal information.

Excellent! Not only could jaibreaking or rooting invalidate your warranty, it could expose you to bad apps containing malware, putting you at greater risk for a cyber attack, cause crashes and freezes, and shorten battery life.

Would you consider jailbreaking or rooting your mobile device?

Yes, I want to download apps from anywhere and have control over my operating system.
What is jailbreaking and rooting?
No, it could remove security features on my phone and cause it to behave erratically.
No, because I know jailbreaking (iPhone) or rooting (Android) could make my device vulnerable to attacks from malicious apps. 

Never respond to social media quizzes asking for personal information. Your mother's maiden name and the street you grew up on are common answers to security questions. Other quizzes are designed to collect multiple common security answers, such as first car, first pet, etc. Be aware of anything you post on social media, including photos/post tags, that could contain any personal information a fraudster could use.

You are getting there! Sharing fake answers for only SOME is one thing, but you should not share ANY real personal information at all. Even though fraudsters cannot use your "fake" answers, they can potentially compromise your profile, which could contain accurate information. Be aware of anything you post on social media, including photos/post tags, that could contain any personal information a fraudster could use.

You are almost there! Sharing fake answers may be fun, but avoidance of these quizes altogether is your best route. Even though fraudsters cannot use your "fake" answers, they can potentially compromise your profile, which could contain accurate information. Be aware of anything you post on social media, including photos/post tags, that could contain any personal information a fraudster could use.

Excellent! You know not to freely share your personal information for a fraudster to steal.

You come across a fun multiple choice question or "celebrity name" quiz that asks about the street you grew up on and your mother's maiden name. Do you respond?

Yes! Some answers are really funny.
I respond, but may change one or the other to make it appear more humorous.
I respond but use fake answers.
Never, as these are common security questions and provide fraudsters with your personal information.