Security Best Practices

Protecting your personal information is key to preventing unauthorized access to your life.

Protecting Your Personal Information

Here are some steps that you can take to ensure your identity and information are as safe as possible.

Monitor your accounts frequently. Review your accounts and monthly statements to ensure that all information is correct. Additionally, review your credit report annually. Immediately report any discrepancies.
Verify the contact. Do not provide confidential information via email, text message, or phone call unless you initiated contact. When responding to requests, use a telephone number or web site address you know to be legitimate.
Beware of "free" offers. Beware of unsolicited requests for cash or account information in exchange for a prize or gift. Remember, if it sounds too good to be true, it probably is.
Travel light. Only carry what is necessary in your wallet or purse. Photocopy the front and back of your driver's license, passport, and credit cards and store in a secure place in case they are lost or stolen.
Protect documents. Keep sensitive documents in a safe place, shred all personal and financial information before discarding, and don’t discard receipts at ATMs and gas pumps.
Practice password safety. Create a strong password for each online service (10 characters, including mixed case letters, numbers, special characters). Change them frequently.
Protect yourself online. Verify use of a secure session (https:// not http://) in the browser when banking online and when making online purchases. The browser may display a lock icon or other indicator of a secure session, but that varies by the browser and its settings.
Beware of shoulder surfers. Be aware of your surroundings when entering your Personal Identification Number (PIN) or any other sensitive information at a point-of-sale terminal, an ATM, or in your computer, phone, etc.
Delete emails from senders you don't recognize. If you get an email that you think is from a person or company you recognize, use caution when clicking on embedded links. If you are suspicious, type the address into your browser instead of clicking the link. Be similarly cautious of email attachments.
Report. Notify your bank immediately if you discover that your checks, debit cards, or credit cards have been lost or stolen. Close accounts that you know or believe have been tampered with.

Protecting Your Business Information

Here are some steps that you can take to ensure your identity and information are as safe as possible. The First Horizon Family of Companies is committed to providing your company with the latest in secure technology for conducting your business or corporate banking. However, there are some important steps you can take to ensure your own internal security.

Conduct reconciliation of all banking transactions on a daily basis.
Initiate ACH and wire transfer payments under dual control, with a transaction originator and a separate transaction authorizer.
Familiarize yourself with our account agreement and with your liability for fraud under the agreement and the Uniform Commercial Code as adopted in the jurisdiction. You can also educate yourself with tips on combating fraud in your business.
Stay in touch with other businesses to share information regarding suspected fraud activity.
Immediately escalate any suspicious transactions, particularly ACH or wire transfers. There is a limited recovery window for these transactions and immediate escalation may prevent further loss.
Employ best practices to secure computer systems including:

If possible, for businesses that transact high value or large numbers of online transactions, it is recommended that all commercial online banking activities be carried out from a stand-alone, hardened and completely locked down computer system from which email and web browsing are not possible.
Be suspicious of emails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on Weblinks in suspicious emails could expose your system to malicious code that could hijack your computer.
Install a dedicated, actively managed firewall, especially if you have a broadband or dedicated connection to the internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
Create a strong password with at least 10 characters that includes a combination of mixed case letters, numbers and special characters.
Prohibit the use of "shared" usernames and passwords for online banking systems.
Use a different password for each website that is accessed.
Change the password a few times each year.
Never share username and password information for online services with third-party providers.
Limit administrative rights on users' workstations to help prevent the inadvertent downloading of malware or other viruses.
Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
Ensure virus protection and security software are updated regularly.
Make certain computers are patched regularly, particularly operating systems and key applications with security patches. It may be possible to sign up for automatic updates for the operating system and many applications.
Consider installing spyware detection programs.
Clear the browser cache before starting an online banking session in order to eliminate copies of web pages that have been stored on the hard drive. How the cache is cleared will depend on the browser and version. This function is generally found in the browser's preferences menu.
Verify use of a secure session (https not http) in the browser for all online banking.
Avoid using automatic log-in features that save usernames and passwords for online banking.
Never leave a computer unattended while using any online banking or investing service.
Never access bank, brokerage or other financial services information at internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account number and sign-on information, leaving you vulnerable to possible fraud.

Keep these in mind as you use your smartphone to help prevent fraud.

Protecting your account information is critical in preventing unauthorized access to your account.

If you are traveling and plan on using your First Horizon Bank debit or credit card, give us a call.

Safeguarding your smartphone

With the increasing popularity of smartphones, more and more people are using apps to conduct personal business online – business that often requires the use of sensitive information such as bank account numbers, credit card data, or passwords. While your smartphone can make life simpler, you should also be aware of potential threats to the security of your smartphone and the precautions you can take to keep it secure. There are three areas where smartphone users can potentially fall victim to fraudulent activity.

Lost phones – if you've owned a smartphone for any length of time, chances are you've probably misplaced it, at least temporarily. The danger here is that, if you've made purchases on your phone or, perhaps, conducted banking activities with it, someone who finds or steals your phone may be able to extract sensitive personal information from it.

Set PINs and passwords on your phone’s home screen to prevent unauthorized access to your phone. Configure it to automatically lock after 5 minutes or less of being idle.
Wherever possible, use different passwords for each of your important log-ins.
Don’t modify your smartphone’s security settings, as it can undermine valuable built-in security features.
Keep your smartphone’s operating software up-to-date by enabling automatic updates from your service provider. You may also want to install trustworthy security apps that allow you to remotely locate and erase all of the data stored on your phone.
Always report a stolen phone. Wireless providers in conjunction with the Federal Communication Commission (FCC) have established a stolen phone database that will help your provider prevent your phone from being activated without your permission.

App downloads – hackers often use apps to entice smartphone users into downloading malware that can steal information or cause damage to your phone.

Only install apps from trusted sources. If you have doubts, you can check user reviews, confirm the legitimacy of the app store, and compare it to the app sponsor’s official website.
Understand app permissions before you select to download. Check the privacy settings for any app you want to install and use caution when granting permissions for an app to have access to your personal information. You should also review the app provider’s privacy policy.
You may also want to install security apps that allow you to remotely locate and erase all of the data stored on your phone.

Surfing on open Wi-Fi networks – cybercriminals often use unprotected Wi-Fi hotspots to target people online.

Avoid public hotspots and instead use protected Wi-Fi from sources you trust or your own mobile wireless connection.
Ignore pop-ups or prompts to download software. They are often a hacker’s attempt to infect your phone with malware or spyware.
If you don’t get automatic updates, manually update your smartphone’s security software before you travel. Wi-Fi in airports and hotels can be potentially troublesome if your smartphone is not fully protected with the latest security updates.

Multi-Layered Mobile Banking Security– when you use Mobile Banking, you can be certain that your personal information is protected. Our security measures are delivered in a multi-layered platform that offers you security at each level of your Mobile Banking experience.

At enrollment – you will provide credentials upon first use, and your identity is then verified by answering challenge questions generated by an existing authentication system. Once verified, you can use the device to immediately access mobile banking functionality.

Logging in – initiating a secure session requires two factors of authentication: 1) Your confidential passcode; 2) Confirmation of the correct end user device. Without both, authentication will not occur and log-in is prevented. Our process requires that our Mobile Banking users must have previously proven to the bank that the device being authenticated is in the user’s possession and is authorized for access.

Confirming transactions – our systems periodically present mobile users with step-up challenge questions in response to transfer, payment, and check deposit transactions deemed high risk or suspicious. This safeguard provides you with an extra level of security before a transaction is approved.

Safeguarding your card

First Horizon Bank is committed to providing you with the latest in secure technology for conducting your personal card and/or banking transactions. Protecting your account information is critical in preventing unauthorized access to your account. The following are a few methods criminals may use to obtain your card/banking information:

Card Skimming

Skimming devices that look and feel just like a card reader you use at an ATM or gas pump are inserted into the card reader or snapped over the terminal. These devices read your card data as your card is inserted into the terminal, and have the ability to transmit that data in real-time or store the data for future use.
Sometimes criminals use hand held devices to skim your card (such as an insert into an iPhone or iPad).

How can I prevent it?

Before using your card, inspect the terminal you are using. If there are any visible signs of tampering, or the terminal looks out of place, you should not use the machine and report it to the attendee/operator in the store where you are attempting to make the purchase. If you are using an ATM, report it to your bank representative, or call the number on the back of your card for assistance.
Do not use your PIN at a gas pump when using your debit card. In many cases, criminals have placed a small camera over the PIN reader to capture your PIN as you enter it. If you must use your PIN, cover the PIN pad with your hand to prevent a camera from recording while it’s entered.
When you have to hand your card over to an attendant or cashier to make a purchase, pay attention to what they are doing with your card. Ask them if possible, to please run your card in your presence.
If available, always insert your card into the merchant terminal. This is more secure and can prevent your card from being counterfeited.
When shopping online, be sure to look for the “secure transaction symbols” such as a lock symbol on the lower right of the screen.
Never give out your card number, PIN, CVV or personal information over the phone regardless of whether you initiated the call.

Additional Ways to Protect Your Card

Always use the chip. The encryption technology used in your chip cannot be counterfeited and helps to keep your card information secure.
Never give out your card number, PIN, CVV or personal information over the phone regardless of whether you initiated the call. Remember, to protect your security, the bank is not going to ask you for your account information and/or your PIN information.
Use Card Control functionality in Online Banking to restrict usage on your card.
If you have a First Horizon Bank Visa card, sign up for fraud text alerts to be notified when a suspicious transaction occurs.

Digital banking features that help you bank smarter, faster and safer.

Think you’ve been a victim of fraud? Here’s what to do.

To report confirmed fraud or suspicious activity on your First Horizon Bank account, or if a fraudulent account was opened in your name or with your Social Security number at First Horizon Bank, contact Client Services at 800-382-5465 or visit your local branch.

Call 800-382-5465

If you suspect an email or text message appearing to be from First Horizon Bank is fraudulent, do not submit any personal information and forward the email or text message to phishing@firsthorizon.com.

Email Us

Report any lost or stolen First Horizon Bank card(s) or check(s) immediately by calling Client Services at 800-382-5465 or visiting your local branch. Log on to Digital Banking to turn your card off to help limit or prevent unauthorized use.

Call 800-382-5465