By selecting and reading the topics below, you can learn about how TriWest protects your information and how you can conduct business online safely.
Learn how TriWest protects your accounts
The privacy and security of your account information are very important to us. TriWest uses the following features and technologies to help ensure the security of your personal and financial information during online transactions.
- Web browser encryption. To access your accounts through TriWest.com, your Web browser must support 128-bit encryption and Secure Sockets Layer (SSL) version 3.0 protocol. These technologies provide the highest level of security and privacy when you access account information, initiate online account transactions, or send secure messages.
- User name and password protection. The length and complexity of your TriWest username and password are determined by the Department of Defense and implemented accordingly. After multiple unsuccessful logon attempts, your account will be disabled as a precaution. If your account is disabled, you can restore access by calling TriWest and answering your preselected security questions.
- Security questions. You'll be asked one of the security questions you chose if you call and request a password reset.
- A time-out feature. Secure areas of our site have built-in timers that terminate your access after a specified amount of time with no activity to help reduce the possibility of unauthorized access from an unattended computer. When you finish viewing your account information, log off the site and close your browser.
- Extra verification. We'll send confirmation letters or e-mails when changes are made on your account. If you receive a letter confirming a change you did not authorize, contact TriWest immediately.
In addition to these safeguards, TriWest will never:
- Send an e-mail asking for your personal account information.
- Ask for your Web password in an e-mail or request it via the phone or U.S. mail.
- Display a popup warning or security alert when you log on if you've kept your Web browser up to date. If you do encounter a logon security message, close the window and ensure your computer anti-virus is up to date and computer patches are current.
Back to Top
Guard against online fraud and scams
Con artists have devised clever ways to trick people into revealing personal information online, including schemes known as "phishing" and "pharming." Precautions taken by TriWest—and you—can help keep your information secure.
Here's what you need to do
As you conduct business online, taking a few simple precautions can go a long way toward protecting your personal information.
- Verify website security. Make sure the website has the proper encryption by first verifying that the Web address (URL) begins with https://. Then mouse-over the padlock image (depending on your browser) in your Web browser window to show the security. You can also double-click the image to get additional information on SSL security.
- Check your last logon date and time. TriWest.com will display the last time you, or someone authorized by you, logged on to your account. Contact us if you suspect the last logon date and time don't match the last time you logged on.
- Log off and close your browser. TriWest recommends that after accessing your account information online you click Log off at the top of the page and close your Web browser. Some of your account information can stay in your browser's memory until the browser is closed.
- Open all TriWest communications in a timely manner. We provide confirmations through U.S. mail and e-mail for online transactions. Watch for these confirmations and if you have any questions about a confirmation statement, contact us immediately.
- Take caution when using public computers. Be cautious when using public computers (especially when traveling abroad and those found at libraries, Internet cafés, and schools), or using shared ones, such as home computers. You don't know what may be installed on these computers. Public computers are traditionally on open networks and can be susceptible to monitoring without your knowledge.
- Use wireless technology safely. If you have a wireless network at home, make sure to follow manufacturer's guidelines to secure your network. If you're not sure how, contact the manufacturer for assistance. If possible, don't check your accounts over a public wireless Internet connection.
- Update your software. Keep your computer software up to date. TriWest recommends you enable automatic updates to ensure your computer operating system always receives the recommended security updates. It is also recommended you keep third party applications such as Adobe Acrobat Reader and Adobe Flash up to date as these programs have a history of being attacked more the operating system itself.
- Review your credit report. Review your credit report every four to six months for unauthorized activity. Go to http://www.annualcreditreport.com/ to receive your free credit report or call 877-322-8228. You can also contact any of the following credit reporting agencies.
Phishing attacks seek to gather personal information, such as Social Security numbers and passwords, to access victims' accounts. A phishing attack often appears as an unsolicited, but authentic looking, e-mail that may threaten to close your account unless you verify some information. Although the links in the message may look like a familiar website address, they may point to a fake website that gathers the information you enter. Criminals then use that information to steal a person's identity.
TriWest will not ask for personal information such as your Social Security number, account numbers, or passwords in an e-mail. Do not respond to, open an attachment in, or click on a link within an e-mail if you suspect the message is fraudulent.
Phishing e-mails typically include typos and other mistakes, terms the company may not use, or e-mail addresses that look different than ones the company uses.
Pharming is another type of online attack where website names (such as www.TriWest.com) are changed to point to an attacker's numeric Internet address (the "IP address") instead of TriWest's legitimate IP address. Successful pharming attacks are less common than they were a few years ago; however, it's possible for an attack to be temporarily successful against poorly protected servers.
To guard against pharming, TriWest webpages that display your account information, or allow you to make changes, use Secure Sockets Layer (SSL) technology. SSL webpages start with "https://" instead of "http://". One of the advantages of SSL is that your Web browser verifies the identity of the server. If an attacker successfully changed a website name so that a secure TriWest.com address brought you to an attacker's site that looked like TriWest.com, your browser would display a warning. The warning would say the name on the certificate does not match the name of the site. If you encounter a similar message, don't access the page.
Back to Top
Secure your computer
If you're a TriWest customer, you probably already know that we take protecting your privacy seriously. We're always reviewing and upgrading our security procedures and equipment. But have you done your part? Read on for some tips on how to protect your computer.
Update computer software
Your computer uses many pieces of software, including an operating system (such as Windows, Mac OS, or Linux), Web browser software, and other applications for finances, personal productivity, and entertainment. Threats from viruses and attackers often take advantage of vulnerabilities in these software packages. Most vendors offer a system to help customers keep their computer software up to date. Contact the software vendor directly to access any available updates.
Malicious code such as viruses, worms, and Trojan horses can infiltrate personal computers, allowing attackers to compromise the integrity of software packages or even take control of your computer. It's up to you to protect your critical information.
Fortunately, it's easy to safeguard your computer against viruses and malicious code. First, install antivirus software to protect, detect, and repair attacks from most viruses. Second, and just as important, ensure that software is up to date. New viruses appear daily. Your antivirus software is only as good as its last update.
High-speed Internet access is now available to most U.S. residents, offering tremendous speed and 24-hour connectivity to the Web. But being continuously connected to the Internet exposes your computer to online threats. Hackers' virus-like worms are constantly "knocking on doors" looking for available targets. You can help protect your computer by using a firewall.
Personal firewall software takes its name from the barriers built into cars and buildings that separate potentially hazardous environments from protected areas. Similarly, firewall software on computers protects them from the hazards of the Internet by monitoring the types of activity or attempted activity between the computer and a network. Computers guarded by a firewall can refuse attempted connections that aren't initiated by you or that are suspicious.
TriWest recommends that all customers install, use, and update personal firewall software. You should also look for included firewalls if you're purchasing home networking equipment such as a router. As with antivirus software, your firewall software must be kept up to date.
Spyware protection/Anti-spyware software
Even computers that are protected by a firewall and safeguarded against viruses can be targeted by spyware. Spyware is software that appears to offer some tangible benefit, but actually monitors your behavior, typically to deliver targeted popup advertising. This illegal access is often used to intercept the user IDs and passwords to your online accounts. TriWest recommends that customers install anti-spyware software and configure it to scan your computer weekly, at a minimum. This will help combat and remove spyware from your computer.
There are additional ways to help protect yourself and your computer from spyware:
- Verify any software you install on your computer. If you encounter a Security Warning window when installing a program that reads "Do you want to install and run [name of program] issued by [name of company]?" and you do not recognize the company, click No to stop the install.
- Install a popup blocker to prevent spyware popup windows. (Spyware is often installed after clicking deceptive links in popup windows.) Note: You may want to change the settings in your popup blocker program to allow for popup windows on TriWest.com and other reputable sites that you use.
Back to Top
Create a strong security profile
The information in your security profile, including your password and security questions and answers, is your best line of defense on the Internet. If this information becomes compromised or is easy to guess, unauthorized users are more likely to get through technological controls designed to keep them out. Here are a few tips for keeping this personal information safe:
- Never share your password or user name with anyone or store them on your computer.
- Practice smart password management. Create longer user names and passwords; generally, they're more secure than shorter ones. On TriWest.com, passwords can contain up to 50 characters.
- Use a unique user name, password, and set of security questions and answers for TriWest's site. Use different combinations for hobby or leisure websites.
Passwords can be secure and memorable
You can create a password that's difficult for someone to guess, yet still memorable to you. Try one of these suggestions to create a strong password:
- Combine two or more words or abbreviations with numbers. For example, cpu34ch!P.
- Remove vowels from a phrase and add numbers. For example, Swim twenty laps becomes Swm20lps!.
- Abbreviate a favorite phrase. For example, I ride my bike 50 miles every Saturday becomes Irmb50mes!.
Note: Do not use any of these examples as your password.
- Use famous people's initials. For example, a list of U.S. Presidents including George Washington, Abraham Lincoln, and Thomas Jefferson becomes 1gw2al3tj!.
Password dos and don'ts
Your TriWest.com password should be:
- Composed of letters, numbers, and a special character.
- Different than your passwords on other hobby or recreational sites.
- Changed on a regular basis. Please note the new TriWest.com password must be different than any of your previous 5 passwords.
Your TriWest.com password should not be:
- Written down or stored on your computer, unless encrypted within a password manager program.
- A common word or close variation.
- Comprised of anyone's social security number, name, or other personal information.
- Comprised of three or more sequential letters, numbers, or keyboard patterns (e.g., QWERTY).
- A repeat of any of your previous 5 passwords.
Back to Top
Tips for creating security questions and answers
When you enter an answer to your security question, it must exactly match the answer we have on file. Otherwise, the system will reject your entry.
To create security answers you can remember in the future, follow these simple tips:
- Choose questions you can answer consistently. If you answer the security question "What is your favorite hobby?" with "golfing," the system will reject "golf" in the future.
- Use one-word answers whenever possible. Avoid qualifiers such as "the," "and," "inc.," "co," etc.
- Note the emphasized words in the questions. For example, if your security question is "What is your current best friend's FIRST NAME?" don't put "John Smith."
- Be careful with people's names. When using a friend's name as an answer, make sure to use his or her familiar name. That is, if you call your friend "Jimmy," don't use "James" as your security answer.
- Pay attention to instructions. If the question asks for your wedding anniversary, note the preferred format (MMDD).
- Be careful with spaces. If you use "El Paso" as an answer to one of your security questions, the system will reject "ElPaso."
- Avoid using quirky or nonsensical answers. You probably won't remember them later.
- Do not use profanity.
Back to Top