Security Threats

Safeguard your sensitive information
  • Learn useful tips.
  • Discover the latest scams.
  • Click here to learn more about recent scams.

Let's work together against
harmful security threats.

At First Bank, we want to help you identify and avoid threats to your accounts and personal information.

Useful Security Tips and Ideas

Threats are ever evolving and keeping up with current threats can be difficult. We encourage you to use caution and never provide confidential information via text, email, incoming call (by a person or automated call), or pop-up ad on your computer.

When you receive a call or message that seems suspicious or unusual, hang up and call the phone number from your most recent bill or the back of your card. With our increased dependence on electronic devices and the Internet, below is information to help educate and provide online safety tips to you and/or your business.

Ransomware is malware that is downloaded through email attachments that then encrypts an entire system, including any attached storage. One particular ransomware that businesses need to pay attention to is CryptoLocker.

The only way to decrypt an infected device is to pay a fee or "ransom" to the malware owner. Preventing the malware from loading is the key. Don't open any email with a .zip file as an attachment - even if you are familiar with the sender. The exception is if you confirm the sender actually sent the email.
 

Beware of email alerts which advise you that a package is being shipped to you, especially when the email contains a link to a tracking number. Clicking through a link in a phishing email can result in malware being downloaded to your PC which may then put your business at risk.

Never click on links or open attachments from email senders that you are not familiar with or expecting an email from. If the email is from a known sender but appears unusual or is unexpected, call the sender to verify the validity of the email before you open it or click on any links.
 

A large percentage of PCs with Java do not contain Java security patches or are not running the most current version of Java. Java runs on millions of PCs and is often exploited by cyber criminals to infiltrate or attack your PC. To combat this vulnerability, as part of your overall security best practices, keep Java up-to-date and secure.
 
This is a common form of identity theft for business customers. An account takeover occurs when a fraudster has an individual's information such as social security number, User ID and password, account number, and/or access to email accounts. Once the fraudster has access to this information, they can use it to pose as the customer and conduct unauthorized transactions.
 
There are many ways a criminal can obtain confidential information. Social engineering is a contributing factor to these and many more scams. Fraudsters use every avenue of communication to have you divulge sensitive account information.
 
Phishing uses fraudulent emails or pop-up messages to attempt to collect personal or account information. These messages often have a sense of urgency that suggests dire consequences, such as an email from your 'bank' stating your account has been or will be frozen.
 
Smishing uses a text message from an unknown number, asking you to click a link to another site or call a phone number. They entice you to provide personal or account information and may attempt to infect your mobile device with malware.
Vishing uses the telephone in an attempt to get the user to provide personal or account information, often presenting themselves as legitimate businesses offering assistance to the user.

Contact Us / Questions?

Your security is important to us. When communicating via email please do not include any personal, business, or confidential account information. Thank you! First Bank will never call, text, or email our clients and ask them to provide and/or update personal account information such as account numbers, PINs, eBanking IDs, usernames, passwords, debit card numbers, and social security numbers. Contact the First Bank Service Center at 800-760-2265, visit a First Bank branch, or email us about any suspicious communications or inquiries you have received. When in doubt, always trust your gut.

Stay Informed! Learn More About Recent Scams and Alerts!

Phishing, vishing, and smishing all involve spoofed communication that appears to be from a legitimate business urging you to “act immediately” or your account might be closed. Phishing uses fraudulent email messages, smishing employs text messages, and vishing combines both spam phone calls and fraudulent emails. Hackers use this information to access your accounts to withdraw money or make purchases.

Here is an example of a common email phishing scam.

Ways to Avoid Phishing, Vishing, and Smishing

  • When purchasing a product or service, go directly to a company's website. Pay close attention to the URL in the browser window and watch for the padlock symbol that indicates you are visiting a secure site.
  • Verify messages by contacting the company or financial institution that supposedly sent them.
  • Confirm the sender’s identity before replying to email requests and before opening attachments or clicking on links, even if they appear to come from a legitimate source.
  • Look up email addresses, website URLs, and phone numbers of reputable companies. Do not automatically use those provided in the messages or over the phone before doing your research and homework. 
  • Whether it’s a phone call, suspicious email, or an unsolicited text, always be cautious.
Virtual kidnapping scams happen when fraudsters place anonymous calls to family members claiming a loved one has been kidnapped and demand ransom money be paid. Criminals now use technology, such as artificial intelligence (AI), to make fake, hyper-realistic audio recordings (called deep fakes), using the voice of a loved one to make the ransom call seem very real. Learn more about virtual kidnapping scams.
The FBI has recently issued an advisory about the increasing threat of call back phishing, a sophisticated cyberattack tactic. Unlike traditional phishing, call back phishing doesn't include a malicious link in the email. Instead, it features a prominent phone number, urging the recipient to call for an urgent matter.
  • The email typically contains a convincing phishing message, like a fraudulent charge, designed to alarm the user into calling the number provided.
  • These phishing emails are usually composed of a single unclickable picture, displaying the phone number multiple times to encourage a call back.
  • When victims call, they are often directed to an overseas call center where operators are handling multiple call back scams.
  • In cases linked to ransomware groups, the fraudulent call center is specifically prepared for the scam, aiming to install ransomware or other malicious software on the victim's computer.

Ways to Avoid Phishing

  • Do not call the number in the suspicious email. Go directly to a company's website. 
  • Look up email addresses, links, and phone numbers. Do not use those provided in the messages or over the phone.
Experts are warning taxpayers to be aware of tax-related identity theft. Tax identity theft occurs when a criminal uses your personal information to file a tax return in your name and then claim a refund. Experts note that filing taxes early and identity protection PINs from the IRS are both ways to limit the risk of tax-related identity theft. Learn more about taxpayer identity theft.

The FBI is warning financial institutions and investors about cyber criminals creating fraudulent cryptocurrency investment applications (apps) to defraud cryptocurrency investors. Read more.

The FBI Criminal Investigative Division and the United States Securities and Exchange Commission’s Office of Investor Education and Advocacy (OIEA) warn of fraudsters swindling investors while pretending to be registered brokers or investment advisers. Read more.

It’s no secret that scams and fraudulent activity are at an all-time high. Fraudsters will stop at nothing to gain access to valuable personal information, access account numbers, and/or find ways to illegally receive payment from you in any manner. Read more.

Ransomware is a type of malware that is unwittingly downloaded when you click on a tainted link, open an infected attachment, or even click on a phony advertisement. If your computer freezes, and a message on your screen tells you that your computer will remain frozen until you pay a ransom or a fee, you have become a victim of ransomware. The criminals often ask for a minimal amount of money to give you access to your computer again. They believe that you are comfortable paying them to avoid the frustration of the situation. Sometimes the denominations are very small and the accepted method of payment transmission might include wiring money through a common wire service. Thieves also may ask you to make a payment via a premium text message or send them money as a type of online cash.

Protect Your Devices Against Ransomware

  • Install current firewall, anti-virus software, and anti-malware software on your computer, tablet, and other mobile devices.
  • Back up everything on your devices to a cloud service or a USB drive.
  • Never click on a link or download an attachment unless you have independently confirmed that the communication or advertisement is legitimate. Emails that contain links to businesses sent from friends may have been hacked by scammers. Go directly to a company’s website instead of clicking on a link in an email.
  • Create different passwords for all of your accounts.
  • Change your passwords regularly.
Savings Accounts
Take the steps to investing in your financial security.