Call Us: 888.647.1265
Home / Resources / Learning Center / Security Center

Security Center

Stay Alert for Scams

Your security is our top priority.  We want to remind you to stay vigilant against scams and fraudulent activity.  
 
Remember, First Bank will never contact you to ask for your personal or financial information, such as your PIN, password, or one-time codes, via phone, email, or text message.  
 
Do not click on links received in email or text messages or respond to call requesting your personal information.  Instead, contact us directly as 888.647.1265.  This number is listed on the back of your First Bank debit card.  Or visit your local branch.  
 
Thank you for helping us keep your accounts secure!
 

Fraud Prevention & Detection

Fraud and identity theft can disrupt your financial life both short and long term.  We provide tools and resources to help you understand how we can help each other keep your finances safe and secure.  

Never give out personal information.  Remember, First Bank will never contact you to ask for your personal or financial information, such as your PIN, password, or one-time codes, via phone, email, or text message.

Safeguard your email. Email is often used to transmit malware and commit fraud.  Practice good habit to protect your computer and your identity.

Don’t open attachments with odd filename extensions.  If a file has a double extension, it is likely this is a dangerous file and should not be opened.  Additionally, do not open email attachments with the endings .exe, .pif, or .vbs as these may be dangerous if opened. 

Never give out your email address or sensitive information to unknown websites.  Be cautious of providing any information that can be used others for fraudulent purposes.

Never provide sensitive information in email.  Your bank, your favorite online store, or social media account will not extract personal information from you through email. 

Think before you click. Fraudsters will create a sense of urgency to gain access to your account or device, don’t believe them. 

Be wary of poor design, grammar, and typos. Delete messages with typos, bad grammar, and poor design.  This is a tell-tale sign of fraud.

Check your credit report annually. The best way to detect identity theft is to monitor your credit report.

Pay attention to your finances. Check your accounts frequently through Online and Mobile Banking.  Set up alerts so you know when payments or deposits are happening.  If you haven’t already, sign up for eStatements to receive your statement sooner. Report lost or stolen checks or credit cards immediately.

Shred all documentation that contains confidential information.  (i.e. bank and credit card statements, bills and invoices that contain personal information, expired credit cards and pay-stubs).

 

In addition to the information provided here, commercial and small business account holders should institute additional security:

 

  • Learn more about First Bank’s fraud protection and detection services and enroll.
  • Notify the bank by 2:00 pm (ET) of the following business day if an unauthorized ACH transaction is posted to your account.
  • Verbally confirm change payment instructions using a known phone number. 
  • Verify urgent requests in person, even from executives or teammates, to process invoices, change payment recipients, or provide sensitive information.
  • Practice physical safety.  Lock your location every night.  Store sensitive papers such as checks, deposit clips, bank statements, and canceled checks in a secure location. Shred old documents as often as possible. Evaluate the exterior of your facility to deter burglars.  Change locks and passcodes when an employee leaves employment. 
  • Do not give your business account number to people you do not know.  Be aware of unsolicited phone calls requesting this information. 
  • Implement a dual process for those who prepare checks, sign checks, and reconcile your accounts.
  • Perform your own annual internal risk assessment & evaluation on all online accounts.
  • Ensure all company computers are equipped with up-to-date anti-virus software.

Report Fraud or Stolen Card

Your debit card is lost or stolen. 

  • Call us at 888.647.1265.
  • Monitor your accounts carefully for fraudulent activity. 

Your credit card is lost or stolen. 

You receive a suspicious email or text message.

  • Do not click on any links or open any attachments.  Do not use the contact information contained in the email.  Instead call us at 888.647.1265 to verify it was First Bank.  

If you think you are a victim of fraud.

  • Call us at 888.647.1265 or visit a local branch.

You are a victim of identity theft. 

  • Call us immediately at 888.647.1265 or visit your local branch. 
  • Contact the three major consumer credit bureaus to place a fraud alert on your file.  Be sure to request a copy of your credit report to identify any unauthorized activity.
  • Contact law enforcement and keep a copy of the police report to show creditors.
  • File a complaint with the Federal Trade Commission (FTC).
  • Monitor your accounts carefully.
 

Types of Fraud

Fraudulent activity comes in many different forms, all with the same goal to obtain your personal, confidential, and financial information. 

Identity Theft.  Using a consumer’s identifying information by another person, without permission, with the intent to commit fraud. 

Advanced Fee or Nigerian Letters.  These scams occur when you receive a communication such as a letter or email that requires you to pay a fee up front in advance of receipt of any goods or services. 

Foreign Lotteries.  You receive a call, email or letter claiming you have won a large sum of money in a foreign lottery.  They just need your account number to deposit the winnings.  They may also request that you pay several thousand dollars to customs, taxes, and the like.  Once you receive your check, they ask you to wire the funds for the fees, and you keep the remainder as your winnings.  The bad news? The bank verifies the check is counterfeit.

Telemarketing.  Telemarketing fraud occurs when they ask for a fee upfront, such as they can get you a credit card or loan, or they can repair your credit.  Be wary of telemarketers who use scare tactics or tries to intimidate you. 

Phishing/Smishing/Vishing/Quishing.  Fraudsters use unsolicited email (phishing), texts (smishing), phone calls (vishing), or QR codes (quishing) to obtain your sensitive personal information.  This communication may appear to be from a legitimate business.  There is typically a sense of urgency attached, further enticing the consumer to submit their personal information, who then uses that information to commit identity theft.

Sweepstakes.  The scam begins with a notification you have won a sweepstakes or prize.  The catch?  You must pay a fee to claim your prize.  A legitimate sweepstakes or contest will never require you to pay a fee.

Counterfeit Cashier’s Checks.  Scammers create genuine looking cashier’s checks to use to purchase goods and services.  The counterfeit check is deposited to a consumer’s account and the depositor uses those funds, thinking the check is legitimate. 

Data Security

First Bank is committed to safeguarding the information our clients and customers share with us. Unfortunately, criminals have many methods they can use to obtain this information from you without your knowledge including the Internet, over the phone or through the trash you throw away. We have compiled helpful information concerning identity theft and financial crime and how you can protect yourself.

Online Banking Security

First Bank's online banking services contain security measures to limit the possibility of unintended distribution of confidential information and the potential for fraud-related losses. The service runs on a robust operating system. State of the art firewall technology is the first line of defense in preventing unauthorized access to any information housed. Included in this operating system is the capacity to allow only secure connections by end users.

However, there are steps you should take to further protect yourself while online.

  • Do not write down your password and store it near your computer system.
  • Change your password periodically
  • Change your password immediately if you suspect it has been compromised.
  • Never share or give your username, password or security questions to anyone regardless of the circumstances.
  • Avoid using public computers to access your Internet Banking
  • Ensure that your computer is equipped with up-to-date anti-virus software protection
  • Do not provide any personal information to web sites that do not use encryption or other secure methods of protection
  • Update your computer with the patches as recommended by the operating system manufacturer

Selecting Strong Passwords

The objective when creating a strong password is to make it as difficult as possible for anyone to make an educated guess about what you have selected. However, it should be developed in a manner that makes it simple to remember without writing it on paper.

Words to Avoid When Creating Passwords

  • Do not use your or any family member's name, nickname, or initials in any form
  • Do not use your user ID in any form.
  • Do not use other information that can be easily obtained about you. This includes birth dates, telephone numbers, license plate numbers, or Social Security numbers
  • Do not use all the same character (i.e., 55555) or consecutive keys on a keyboard (i.e., QWERTY).
  • Do not use words that would appear in a dictionary as they can be easily compromised by password cracking programs that employ electronic dictionaries.

Tips for Choosing Good Passwords

  • Develop a method of creating a password that makes it easier for you to remember, thus eliminating the temptation to write it down
  • You can use a favorite phrase, selecting the first letter of each word to create your password. For added security, be sure to include at least one number. For example, "Win One For The Gipper" becomes the password WOFTG7.
  • Use two short words and connect them with a number. For example, THE8DUKE.
  • Use a word that you can easily remember but remove the vowels and replace them with numbers. For example, the word "Internet" becomes the password 1NT3RN6T.

System Timeout/Lockout

In order to prevent someone from gaining unauthorized access to your financial information, you should always log off the system before walking away. As an added level of protection, the Internet Banking system has a timeout feature that automatically terminates your session after a period of inactivity.

For additional protection, access to the system accounts will be locked after three unsuccessful login attempts.

Check Your Credit

Any consumer can request one free copy of his or her credit report per year. Reviewing your credit report can help you find out if someone has opened unauthorized financial accounts, or taken out unauthorized loans, in your name.
Contact the three major credit bureaus to request a copy:

USA Patriot Act

The USA Patriot ACT has paved the way for financial institutions to help prevent fraud, identity theft, money laundering activities and the spread of terrorism.  Federal law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account.

What does this mean to you?

When you open a new account or request a loan, you may be asked questions to establish and confirm your identity. We will ask for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver's license or other identifying documents such as a passport, U.S. taxpayer identification (ID) number, Alien ID Card, or any other government-issued document evidencing nationality or residence.

Reg E
How Does Regulation E Apply to Your Accounts with Internet Access?

Regulation E protects individual consumers engaging in electronic fund transfers (EFT). Non-consumer (or business) accounts are not protected by Regulation E.
An EFT is an electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions initiated through electronic-based systems. The term includes, but is not limited to:

  • Point-of-sale transfers
  • Automated Teller Machine transfers (ATM)
  • Direct deposits or withdrawal of funds
  • Transfers initiated by telephone
  • Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal
  • Transfers initiated through internet banking/bill pay

How does Regulation E apply to a consumer using internet banking and/or bill pay?

Regulation E is a consumer protection law for accounts established primarily for personal, family, or household purposes. Non-consumer accounts, such as Corporations, Partnerships, Trusts, etc. are excluded from coverage. Regulation E gives consumers a way to notify their financial institution that an EFT has been made on their account without their permission.

Is My Account Protected?

Any fraudulent or unauthorized EFTs are protected. For a description on what an EFT is under Regulation E please refer to the section "What is an EFT?"

What are the applicable protections provided to consumers under the Act for consumers who use internet banking and/or bill pay?

If you believe an unauthorized EFT has been made on your account, contact us immediately. If you notify us within two (2) business days after you learn of the unauthorized transaction, the most you can lose is $50. Failure to notify the bank within two (2) business days may result in additional losses.

No Liability Limit

Unlimited loss to a consumer account can occur if the periodic statement reflects an unauthorized transfer of money from your account, and you fail to report the unauthorized transfer to the bank within 60 days after we mailed your first statement in which the problem or error appeared.

Exclusions from Protection

The term EFT does not include:

  • Checks – Any transfer of funds originated by check, draft or similar paper instrument or any payment made by check, draft or similar paper instrument at an electronic terminal
  • Check Guarantee or Authorization – Any transfer of funds that guarantees payment or authorizes acceptance of a check, draft or similar paper instrument but does not directly result in a debit or credit to a consumer’s account
  • Wire or other similar transfers – Any transfer of funds through a wire transfer system that is used primarily for transfers between financial institutions or between businesses
  • Automatic transfers by account-holding institution – Any transfer of funds under an agreement between a consumer and a financial institution which provides that the institution will initiate individual transfers without a specific request from the consumer:
    • Between a consumer’s accounts within the financial institution
    • From a consumer’s account to an account of a member of the consumer’s family held in the same financial institution
    • Between a consumer’s account and an account of the financial institution, except that these transfers remain subject to § 205.10(e) regarding compulsory use and sections 915 and 916 of the act regarding civil and criminal liability. (Refer to “Coverage in Detail” section below for a detail explanation of protections provided under Regulation E)
  • Telephone-initiated transfers - Any transfer of funds that:
    • Is initiated by a telephone communication between a consumer and financial institution making the transfer; and
    • Does not take place under a telephone bill-payment or other written plan in which periodic or recurring transfers are contemplated.

Regulation E – Coverage in Detail

For a complete detail explanation of protections provided and not provided under Regulation E; please visit the following link as provided by the FDIC:

FDIC – Electronic Funds Transfers (Regulation E)
http://www.consumerfinance.gov/eregulations/1005

How Regulation E applies to a non-consumer using internet banking and/or bill pay?

A non-consumer (business) customer using internet banking and/or bill pay is not protected under Regulation E. Because the non-consumer account is not protected by Regulation E special consideration should be made by the Business to ensure adequate internal security controls are in place that commensurate with the risk level that the customer is willing to accept.

Precautions a non-consumer should take because they are not protected by Regulation E

As a non-consumer customer, you should perform a periodic assessment to evaluate the security, and risk controls you have in place. The risk assessment should be used to determine the risk level associated with any internet activities the non-consumer customer performs and any controls in place to mitigate these risks.

For more information and tips on how to safe guard your online security, take a look at the following videos and links:

Protecting Personal Information: A Guide for Business
https://www.ftc.gov/tips-advice/business-center/guidance/protecting-personal-information-guide-business

Business Peer to Peer File Sharing:
https://www.consumer.ftc.gov/articles/0016-p2p-file-sharing-risks

Consumer Action: Complaints
https://www.usa.gov/consumer-complaints

FDIC Consumer Protection
https://www.fdic.gov/consumers

FDIC Consumer Alerts:
http://www.fdic.gov/consumers/consumer/alerts/index.html

ID Theft
http://www.ftc.gov/bcp/edu/microsites/idtheft

NACHA Fraud Resources
https://www.nacha.org/Fraud-Phishing-Resources

US Department of Homeland Security
http://www.us-cert.gov/home-and-business

Federal Communication Commission -Business Cyber-planner
http://www.fcc.gov/cyberplanner