Preventive measures for your business.

Your business is important to you, your customers, and Banco Popular. It’s essential that you take preventive measures to protect it. Discover how you can make your business more secure.

Preventive measures for your business

Passwords

Choose passwords that are hard to decipher. Avoid choosing a password that is easy to guess, like the name of your business or the date of your birth. We suggest your passwords contain at least 8 characters and include numbers and both uppercase and lowercase letters. Change them periodically and don’t share them with anyone.

It’s best not to write down your passwords anywhere, but if you find it difficult to remember them all, keep them in an encrypted file on your computer. This way you will only need to remember one password.

Email / Phishing

It’s important to be alert when opening your business emails. There are many methods used by hackers that can put your confidential information at risk.

"Phishing" is a technique used by hackers to gain access to your information or your system, using an email designed to imitate a financial institution or government agency. Through this email, they ask for sensitive information about your business—bank account number, bank routing number, debit-card PIN, etc.—or asks you to verify your credentials. What should you do? Just don’t click on any link.


Some types of phishing:

CEO fraud: A message in which a person passes himself off as the head or top executive of a company, ordering the transfer of funds to a bank account due to an emergency.

Fake provider: Notification by a fake provider asking for a change to an account number or the immediate payment of a fictitious invoice in order to avoid cancellation of service.


Other techniques:

  • Offers that are too good to be true, with incredible investment opportunities
  • Links to fake websites of “prospective suppliers”
  • Pop-ups with ads, messages, or a window to go to an unsolicited webpage

If you or one of your employees opens one of these suspicious emails or provides sensitive information, take action immediately. The best defense: corroborate the information by several means. You should formulate a policy for providing information electronically and for the proper use of emails and the internet in the office, and discuss it with your employees. It is also recommended to save any evidence of fraudulent activity for investigation purposes.

Find more tips for identifying suspicious emails here; you can also learn more about phishing with the article: Protect your business against malware and phishing.

Learn more about preventive measures for your business with the articles: Fraud Prevention Best Practices, Don’t let fraud ruin your business, and Checklist: How to prevent fraud from taking place in your business.

Information systems

Make sure that all of your computers, tablets, and cell phones are protected with antivirus and anti-spyware programs. Be careful about using free antivirus or anti-spyware programs, as they may not be effective against the latest threats, and don’t install programs downloaded from the internet if you don’t know where they came from.

If you’re using broadband such as DSL or cable, install a firewall to limit the possibility of unauthorized access to your network and computer. If you use payment methods systems in your business, install a firewall and separate the transactions made with debit or credit cards into a specific network.

If a computer becomes contaminated with malware, remove it from the network immediately. This will allow you to protect other devices throughout your business. In addition, make system backups and update them regularly. This will prove useful in case your business falls victim to ransomware or malware that produces a loss of information.


Verify and constantly update your:

  • Card readers
  • POS systems
  • Computer network and internet router
  • Paper records of payments made by card
  • Methods for transmitting and storing computerized data on payments made by card
  • Apps for internet purchases to your business

Set up internal controls:

  • Make a habit of reviewing your accounts each day and pay attention to both your balances and transactions in process.
  • Restrict the physical access to your customers’ information by closing-off and limiting external access to the system you use for processing and storing debit and/or credit cards.
  • Implement controls to segregate functions and internal levels of approval with Web Cash Manager℠1.

Cash register

Your cash register transactions should be made through an isolated internet connection. That way you can prevent the possibility of hackers gaining access to the information exchanged in those transactions. Hackers use their technological skills to obtain unauthorized access to computer systems or networks and where they can commit crimes such as identity theft, data theft, and virus contamination.

To protect your clients’ information and preserve their trust, design and implement a layout for your checkout terminals that makes installing card-cloning devices on your point of sales machines practically impossible.

Wi-Fi connection

If you offer Wi-Fi to your customers, consult with an expert and ask him to help you configure and segment your network. Don’t use the same internet connection that you use to access your commercial bank accounts for sending and receiving emails or managing your social media.

You should never use a public computer to access your commercial accounts. If you go to a cyber café or a restaurant with Wi-Fi (including airports) don’t use their network to monitor your accounts. Remember that a hacker connected to that same network can gain access to your information. Also, when conducting online transactions, close all other open tabs on your web browser.

1Product offered by Banco Popular de Puerto Rico. Web Cash Manager consists of various modules that can be acquired based on the needs of your business. Each module entails different fees, which may vary based on the modules selected. For additional information on the costs, contact your relationship officer or our Business Banking Center at 787-756-3939 or 1-855-756-3939. This service is not available in countries that are subject to the U.S. Treasury Office of Foreign Assets Control (OFAC), commercial embargoes or economic sanctions programs. The Web Cash Manager service entails fee charges.