Stained Glass

Security Header

  1. Phishing
  2. Identity Theft
  3. Corporate Account Takeover
  4. USA Patriot Act
  5. Fact Act
  6. Security Checklist
  7. Unlawful Internet Gambling Enforcement Act
  8. Lost/Stolen Debit Card
  9. Fraud Alerts

Phishing

What is Phishing?

There’s a new type of Internet piracy called "phishing." It’s pronounced "fishing" and that’s exactly what these thieves are doing: "fishing" for your personal financial information. What they want are account numbers, passwords, Social Security numbers and other confidential information that they can use to loot your checking account or run up bills on your credit cards.

In the worst case, you could find yourself a victim of identity theft. With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even driver’s licenses in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime.

How does Phishing work?

  • In a typical case, you’ll receive an email that appears to come from a reputable company that you recognize and do business with, such as your financial institution, government agency or a credit card company. Phishing can also occur by phone.
  • The message will describe an urgent reason you must "verify" or "re-submit" personal or confidential information by clicking on a link embedded in the message.
  • The provided link appears to be the website of the financial institution, government agency or other well-known/reputable entity, but in "phishing" scams, the website belongs to the fraudster/scammer.
  • Once inside the fraudulent website, you may be asked to provide Social Security numbers, account numbers, passwords or other information used to verify your identity such as mother’s maiden name or place of birth.
  • Once this information is provided, those perpetrating the fraud can begin to access your accounts or assume your identity.

Identity Theft

How to Protect Yourself

  • Never provide your personal information in response to an unsolicited request.
  • If you believe the contact may be legitimate, contact the financial institution yourself.
  • Never provide your password over the phone or in response to an unsolicited Internet request.
  • Review account statements regularly to ensure all charges are correct.
  • Do not be intimidated by an email or caller who suggests dire consequences if you do not immediately provide or verify financial information.
  • If you fall victim to attack, act immediately to protect yourself. Alert your financial institution(s). Place fraud alerts on your credit files.
  • Report suspicious emails or calls to the Federal Trade Commission through the Internet or by calling 1-877-IDTHEFT.

Corporate Account Takeover

Corporate Account Takeover is a form of corporate identity theft where cyber thieves gain control of a business' bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves. Businesses with limited to no internal computer safeguards and disbursement controls for use with the bank's online banking system are vulnerable to theft when cyber thieves gain access to their computer systems, typically through malicious software (malware). Malware infects a business' computer system not just through 'infected' documents attached to an email but also simply when an infected Web site is visited.

Areas of Risk include online access of...

  • Wires
  • ACH
  • Bill Pay
  • Remote Deposit

How to Protect Yourself

  • Protect your Passwords and Tokens.
  • Do not share User ID, Password or Tokens.
  • Update virus anti-malware and computer software (PATCH Management Process).
  • Regular review of balances and transactions especially near the end of the day.
  • If you suspect any suspicious transactions please notify the bank immediately.
  • Request limits as low as possible, as it is easier to request a one time exemption than recover money that has been taken fraudulently.
  • Train all staff members and make aware of Corporate Account Takeover.
  • Be aware of Phishing (see above for more details).
  • If possible use dual control procedures such as having separate devices to initate and verify wires/ACH transactions.

U.S.A. Patriot Act

In the aftermath of September 11, 2001, President Bush and the Congress passed
U.S.A. Patriot Act into law on October 26, 2001.

In an effort to protect you and our country, the USA Patriot Act states we must:

  • Verify the identity of any person seeking to open an account relationship or who routinely conducts other banking transactions. This shall include but is not limited to Loans, Deposits, Safe Deposit, and/or purchases of cashiers checks and money orders;
  • Maintain records of the information used to verify the person’s identity including name, address, and other identifying information.

Grand Bank proudly supports these efforts to protect and maintain the security of our customers and our country, and will follow this law by obtaining picture identification and verifying other information given by the customer.

The Fact Act

Your individual credit report is one of the most important gauges of your financial health. It is a summary of your financial reliability, telling lenders about your history of paying bills and is used by them to decide whether to loan you money and how much to loan.

A new law makes it easier than ever to access your credit report and to change any errors it might contain, a major step toward establishing and maintaining your good credit and preventing identity theft. The Fair and Accurate Credit Transactions Act (FACT Act) assures you free access to your credit report annually from each of the three credit reporting agencies: Equifax, Experian and TransUnion.

To obtain your free credit reports contact:

Annual Credit Report Request Service
P.O. Box 105281
Atlanta, GA 30348-5281
Phone: 877-322-8228
www.annualcreditreport.com

Security Checklist

To help ensure that your Grand Bank online banking is secure, the following are some ways we are working to protect your private information and steps you can take to protect your privacy.

E-mail is unsecured.
Do not send confidential information such as account numbers or social security numbers through e-mail.

Firewall
A firewall is an electronic buffer that stands between the Internet and the Grand Bank server where access to Grand Bank online banking is managed. The firewall allows only authorized users to have access. The Grand Bank computer where Grand Bank online banking is hosted is not directly connected to the Internet.

Individual ID & PIN Information
You must enter a series of unique User ID and PIN number information to access your Grand Bank account. If your information is entered incorrectly three consecutive times you will automatically be "locked out" of our system. Please select a PIN that you can remember, (without writing it down) but that does not use information that can be easily guessed by someone such as birthdays, children’s or pet’s names, etc. Do not reveal your User ID and PIN to anyone. We also recommend that you change your PIN frequently (Grand Bank requires change every 90 days and will never solicit your PIN from you).

Automatic Log-off
Please log-off completely from Grand Bank Online when you have finished your online banking and never leave your computer unattended while you are logged into your Grand Bank Online Account. If you are logged into your Online Account but do not perform any activity for 10 minutes, you will be logged off automatically.

The Unlawful Internet Gambling Enforcement Act

The Unlawful Internet Gambling Enforcement Act of 2006 prohibits Grand Bank from processing restricted transactions through your business account. Grand Bank has elected not to offer accounts to organizations that offer or sponsor Internet gambling, and per the account deposit agreement you agree not to use your debit card(s) or make other electronic funds transfers for unlawful Internet gambling or other illegal purposes. Commercial accounts receiving or processing Internet gambling transactions are subject to closure.

Lost/Stolen Debit Card

In the event that your debit card is lost or stolen, please contact the bank immediately at (972) 735-1000 during normal business hours, or at 1-800-554-8969 for after hours assistance.

Fraud Alerts

On January 11, 2013, PULSE received reports of credible intelligence that fraudsters were planning a coordinated ATM "cash-out" event in the next few days. The potential attack that has been identified may be targeted at prepaid accounts. A cash-out event occurs when hackers gain access to the card parameter information allowing them to manipulate daily withdrawal amount limits, card balances and other card parameters in order to withdraw large sums of cash from ATMs. Monitor your accounts daily and notify the bank of any suspicious activity. On the weekend or after hours contact the number on the back of your debit card.