WCF Financial Bank
FDIC Digital Sign, using the official FDIC wordmark. This digital sign indicates the deposit institution is backed by the full faith and credit of the US government.

Security

Be Safe When Banking Online

Online Transactions

Federal financial regulators report that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.

In order to help ensure the security of your online transactions, we want you to know that we will never email, call, or otherwise contact you to ask for your username, password, or other electronic banking credentials.

Tips for Safe Online Banking

You can help protect yourself by implementing alternative risk control and processes:

  • Choose an adequate username and password that, at a minimum, mixes in lowercase letters, uppercase letters and numbers.
  • Periodically change your password (e.g. at least every 90 days).
  • Safeguard your username and password information.
  • Use current anti-malware and anti-virus software.
  • Make sure you have a firewall in place when conducting your financial transactions.
  • Log off the system when you’re done conducting business instead of just closing the page.
  • Monitor your account activity on a regular basis.

Tips for Safe Online Business Banking

We may require owners of business accounts to perform their own risk assessments and control evaluations. For example:

  • A list of the risks related to online transactions that your business faces, including:
    • Passwords being written down and left out in the open
    • The use of old or inadequate passwords
    • The possibility of internal fraud or theft
    • Delays in terminating the rights of former employees
    • The lack of dual control or other checks and balances over individual access to online transaction capabilities
  • An evaluation of controls your business uses, such as:
    • Using password-protected software to house passwords
    • Conducting employee background checks
    • Initiating a policy and process to terminate access for former employees
    • Segregating duties between two or more people so no one person has too much access or control
    • Conducting internal or third-party audits of controls
    • Using firewalls to protect from outside intrusion or hackers

Mail & Phone Security

We recommend you learn ways to protect yourself from common fraud schemes.

Vishing

Vishing scams target consumers by “spoofing” text or voicemail messages that ask you to call a phone number and give your personal information. Here’s how it works:

  • You receive a “spoof” email, text message, or voicemail about suspicious account activity.
  • The email, text message, or voicemail message will ask you to call a “customer service” number.
  • When you call the customer service number, a recording will ask you to provide personal information such as account numbers, passwords, a social security number, or other critical information.
  • The recording may not mention the company’s name and could potentially be an indication the call is being used for fraud.
  • In a variation of this scam, you may receive a phone call.
  • The call could be a “live” person or a recorded message.
  • The caller may already have your personal information, which may seem as if the call is legitimate.

Smishing

Smishing is when consumers’ cell phones and other mobile devices are targeted with mobile spam. The spam, or text messages, attempt to trick consumers into providing personal information. Here’s how it works:

  • You receive a fake text message, which may include a fraudulent link, asking you to register for an online service.
  • The scammer attempts to load a virus onto your cell phone or mobile device.
  • The scammer may also send a message ‘warning’ you that your account will be charged unless you cancel your supposed online order.
  • When you attempt to log on to the website, the scammer extracts your credit card number and other personal information.
    • In turn, your information is used to duplicate credit, debit and ATM cards.
  • Scammers may also send you a text message again ‘warning’ you that your bank account has been closed due to suspicious activity.
  • The text message will ask you to call a ‘customer service’ number to reactivate your account.
  • When you call the number, you are taken to an automated voice mail box that prompts you to key in your credit card, debit card or ATM card number, expiration date and PIN to verify your information.
  • Again, your information is used to duplicate credit, debit and ATM cards.

Lottery/Sweepstakes Scams

Lottery/Sweepstakes scams target consumers by a notification, which arrives through the mail, by email, or by an unsolicited telephone call. Here’s how it works:

  • The notification advises you have won a prize, but you did not enter in any type of lottery or sweepstake by the promoter contacting you.
  • The promoter will ask you to send payment to cover the cost of redeeming the prize when the prize does not exist.
  • In this type of scam, you may rarely if ever receive any winnings in return.

Check Overpayment Scams

Check Overpayment scams target consumers who sell items through an online auction site or a classified ad. Here’s how it works:

  • The seller takes a big loss when the ‘buyer’ passes a counterfeit cashier’s check, money order, corporate or personal check as payment.
  • The counterfeit check is written for more than the agreed price.
  • The ‘buyer’ will ask the consumer to wire back the difference after the check has been deposited.
  • The check will more than likely bounce and the consumer becomes liable for the entire amount.

Tips for the Mailbox

►Deposit outgoing mail at the Post Office.

►Remove incoming mail from your personal mailbox as soon as possible, or use a P.O. Box or locked, secure mailbox.

►Request a mail hold from the United States Postal Service or call them at 1-800-275-8777 if you plan to be away from home for an extended period.

►Know your billing cycles. If bills are late or missing, contact your creditors.

►At Debit Card renewal time watch for your replacement debit card from WCF Financial Bank. If you need to replace your debit card, come to our offices and get a new card without using mail service.

►Switch to a more secure way of receiving your account statement. When you sign up for WCF Financial Bank's Online E-Statements, your statement will no longer sit in your mailbox. Instead, we will send you an email when your statement is available through your secure Online Banking account.

Tips for the Phone

►Do not give out personal information, such as your account numbers, card numbers, Social Security, tax identification numbers, passwords, or PINs, unless you have initiated the call.

►We will not make an unsolicited call requesting your personal information.

►If you ever believe you are not talking to a representative of a legitimate company, hang up and call the phone number listed in the telephone book.

Phishing & Spoofing

While WCF Financial Bank works to protect your banking privacy, you also play an important role in protecting your information. Here are a few steps you can take to protect your identity:

Phishing scams target consumers by “spoofing” emails and websites. Here’s how it works:

  • You receive an email message, asking you to click on a link in order to update some sensitive personal information.
  • The link will redirect you to a “spoofed” website, which is designed to look like a legitimate website.
  • The website will ask you to input personal information such as your account numbers, PINs, or a social security number.

Email Protection Tips

►Do not click links in Emails to log in, or to update or confirm your sensitive information

►Do not fill out forms in Emails

►Be cautious about opening attachments or downloading files, regardless of who sent them

►‘Spam’, or mass email messages, often contain links to phishing websites and other unsavory websites.

►Many phishing scams originate outside of the United States. Be wary of emails from people or sources you don’t know or trust.

►Poor grammar and misspelled words from unknown sources asking you for personal information are clear warning signs of a phishing scam being operated outside of the United States.

►Legitimate companies or organizations will never ask you to divulge any personal information over email.

►Phishing emails may also be fake contests or offerings, asking you to input personal information.

►If an offer or email you receive is too good to be true, it most likely is.

Bank Error Messages

One of the newest schemes by fraudsters involves spoofing bank error messages. Here’s how it works:

  • Fraudsters will send you an email message about a data or site maintenance error at Security State Bank of Kenyon or any of your banks.
  • The email will ask you to click on a link, which will redirect you to a site and will install malware on your computer.
  • This malware allows scammers to intercept your password and bypass the dual authentication system many financial institutions use.
  • The next time you attempt to log in to your online banking service, scammers attempt to steal your password and may quickly drain your account.

Federal Protection

Federal regulations provide consumers with some protections for electronic fund transfers. These regulations generally apply to accounts with Internet access.

For example, these federal laws establish limits on a consumer’s liability for unauthorized electronic fund transfers. They also provide specific steps you need to take to help resolve an error with your account.

Note, however, that in order to take advantage of these protections, you must act in a timely manner. Make sure you notify us immediately if you believe your access information has been stolen or compromised. Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these protections.

Fake Check Scams

Did someone send you a check and ask you to send some money back?  That's a scam!  Did you win a prize and are told to send back taxes and fees?  Did you get paid as a "secret shopper" and are told to wire back money?  Did you sell an item online and did the buyer overpay?  These are scams!  Learn more about Fake Check Scams.

If you become aware of suspicious account activity, you should immediately contact the authorities and contact us.

Cybersecurity

Online scams aren’t so scary when you know what to look for. And at WCF Financial Bank, we’re committed to helping you spot them as an extra layer of protection for your account.

Learn more about cybersecurity.

Cybersecurity

Read Our Security Policy

Security News

Top
Some content requires Adobe Acrobat Reader to view.