Preventing Account Fraud
Bank of Oklahoma takes the privacy of our clients and the security of their accounts very seriously. Currently, there are a number of email scams that are designed to trick you into providing your user ID and password.
To help you defend yourself against these criminals, Bank of Oklahoma has compiled a list of simple online tips to help you safeguard your accounts and privacy from these online scams. We've also provided you with some general information on how to prevent account fraud and included links to the FTC's and FDIC's Web pages that contain more detailed information about online safety, identity theft and online fraud.
Bank of Oklahoma takes online security of our clients accounts very seriously. Currently, there are a number of email scams that are designed to trick you into providing your user ID and password. We will never request this information from you via email. Here are some important online security tips:
- Keep the security features of your computer software up to date. This includes your Web browser, virus scan software and firewall. Email attachments and links within email can sometimes contain viruses and infect your computer without your knowledge. Running frequent scans for viruses is highly recommended.
- Don't respond to unsolicited emails from companies that you do business with requesting that you re-validate your personal information or that provide a link to websites that require you to revalidate your account information. These links often lead to bogus websites that look legitimate in order to fool you into providing secure information.
- Before entering personal information on any website, look for the "locked padlock" icon in the browser frame, or "https" at the beginning of the Web address to ensure that the site is secure.
- Change passwords regularly.
- Sign out of the website after you have submitted an application or concluded a secure online session.
- When your computer is not in use, shut it down or disconnect from the Internet.
- If you think you may have fallen victim to an online scam, change your passwords and monitor your account activity closely.
What is Identify Theft?
Identity theft, also known as identity fraud, happens when a criminal or imposter obtains key pieces of your personal identifiable information, such as your social security number or credit card number, and tries to steal money from your accounts, open new credit cards on your behalf or commit other crimes—all using your identity. Identity theft can damage your credit, leave you with unwanted bills and require a lot of time and frustration to clean up.
How do thieves steal an identity?
By using your social security number, credit card number or other financial account information, identity theft may pursue various methods of stealing your information., including:
- Phishing: Pretending to be a financial institution or other company and sending email or pop-up messages to get you to reveal your personal information.
- Skimming: Stealing credit/debit card numbers by using a special device on ATMs or when processing a purchase.
- Pretexting: Pretending to be you when they call financial institutions, phone companies and other sources to get additional information.
- Account Take Over: In this instance, the criminal will take over the primary inbox of the victim completely, giving the criminal access to change all the passwords of any other accounts tied to the primary email, like banking and investment accounts.
- Spoofing: This is when a criminal pretends to be someone else by changing the sender address in an email.
- Redirecting your mail: Filling out a change-of-address form to have your billing statements sent to an address they choose.
- Common stealing: Stealing information from your mail (such as bank and credit card statements), signing you up for pre-approved credit card offers or taking information by stealing your wallet or purse.
- Dumpster diving: Digging through your trash looking for bills or other paper with your personal information on it.
How can I find out if my identity was stolen?
There are several ways you can check to see if your identity is stolen and ways to put personal safeguards in place, including:
- Check your accounts and bank statements each month to ensure there are no mysterious charges.
- Check your credit report at least once a year for transactions and accounts you don't recognize.
- Be sure to shred any information that contains information about your personal account numbers, social security numbers, credit card numbers or other personal information.
- Consider adding credit monitoring service or freezing your credit. Plenty of credit cards have monitoring for free, but paying for a reputable monitoring service is a great way to keep watch. You can even freeze your credit for 90 days at a time if you find out you have been a part of a large breech.
What should I do if my identity is stolen?
Notify all your banks and financial companies as soon as you realize your identity has been stolen or an account is at risk. If you bank with Bank of Oklahoma please notify us immediately. We'll work with you to help correct any unauthorized transactions in your Bank of Oklahoma accounts, fix any incorrect information we've sent to the credit reporting agencies and help protect you from any future identity theft or account fraud.
We also urge you to take these steps immediately:
- Contact Bank of Oklahoma ExpressBank immediately:
- We have safeguards in place to protect our clients' existing accounts including strong online security protection, Visa fraud protection for debit card purchases, and strong credential requirements for all interactions with the bank.
- There is no need to close your existing accounts or replace debit cards. However, we recommend signing up for Online or Mobile Access to be notified of activity on your bank accounts.
- Please note that the bank will not initiate calls to consumers. Clients should not give information to callers stating they represent of the bank.
- Call the fraud departments of all three credit reporting agencies: Ask them to place a fraud alert on your file. This alert tells creditors to call you before they open any new accounts in your name.
- Equifax: 1-800-525-6285
- Experian: 1-888-397-3742
- TransUnion: 1-800-680-7289
- File a complaint with the Federal Trade Commission (FTC). Trained counselors staff the FTC's identity theft hotline toll-free at 1-877-IDTHEFT (1-877-438-4338). Or you can file a complaint by visiting the FTC Identity Theft website.
- File a report with your local police. You may wish to file a report with the local police department. Even if the police can't catch the identity thief, having a police report can help you clear up your credit records later on.
- Always consider strong passwords. Keep strong passwords on all of your accounts and if you discover that your information has been involved in a breach, change your password immediately.
What is a phishing scam?
Phishing is an email scam that attempts to trick consumers into revealing personal information — such as their credit or debit card account numbers, checking account information, Social Security numbers, or banking account passwords — through fake websites or in a reply email. Typically the emails and websites use familiar logos and slick graphics to deceive consumers into thinking the sender or website owner is a government agency or a company they know. Sometimes the phisher urges intended victims to "confirm" account information that has been "stolen" or "lost." Other times the phisher entices victims to reveal personal information by telling them they have won a special prize or earned an exciting reward.
Spotting a Phish
While phishing emails can be quite sophisticated in appearance, the following features are often indicators. An email could be a scam if it:
- Asks you to provide personal information such as your bank account number, an account password, credit card number, PIN number, mother's maiden name or Social Security number.
- Fails to address you by your name.
- Warns that your account will be shut down unless you reconfirm your financial information.
- Warns that you have been the victim of fraud.
- Has spelling or grammatical errors.
How to Stay Safe Online
- Keep the security features of your computer software up to date. This includes your Web browser, virus scan software and firewall.
- Be cautious. View any email request for financial information or other personal data with suspicion. Do not reply to the email and do not respond by clicking on a link within the email message.
- Don't open emails or attachments from unknown sources. Be suspicious of any unexpected email attachments even if they appear to be from someone you know.
- Go directly to the company website by opening a new browser window and typing in the Web address.
- Contact the actual business that allegedly sent the email to verify if it is genuine. Call a phone number or visit a website that you know to be legitimate, such as those provided on your monthly statements.
- Do NOT send personal information (e.g. credit or debit card number, Social Security number, online passwords or PIN) in response to an email request from anyone or any entity.
- Review your statements. Check your monthly statements to verify all transactions.
- Always log off the website after you have submitted an application or concluded a secure online session (such as Online Access).
- Be careful and selective before providing your email address to a questionable website. Providing your email address makes you more likely to receive fraudulent emails.
Remember, Bank of Oklahoma will never ask you for personal information via email.
For more information about protecting yourself online, phishing scams and identity theft, visit:
If you suspect you have received a fraudulent email that appears to be from Bank of Oklahoma, forward it to us immediately at firstname.lastname@example.org. This email address is designed to handle only messages related to reporting suspected email or online fraud (i.e. phishing scams).
If you have specific questions related to fraud or have any other bank-related questions, email us your question and we will respond to you within 24 business hours.
Note: Do not change or retype the subject line. Doing so will make it more difficult for us to investigate. After forwarding the email to us, delete it from your inbox.
If you believe you have provided any personal information online in response to a fraudulent email, immediately call ExpressBank at 800-234-6181.
Please know these fraudulent emails were not sent by Bank of Oklahoma. When you report fraudulent emails that appear to be from Bank of Oklahoma but were not sent by us, we work closely with law enforcement agencies to investigate them. If you would like, you may want to forward suspicious emails to the Federal Trade Commission at email@example.com or contact them at 1-877-IDTHEFT.
Remember, Bank of Oklahoma will never ask you for personal information via email.
We appreciate your help in our effort to fight email and online fraud. Know that Bank of Oklahoma takes preventing fraud for our clients and the security of their accounts very seriously.
- Read our fraud prevention tips on this page.
- Watch for "phishing" scams.
- Remember, Bank of Oklahoma will never ask for your personal information via email.
- Report email and online fraud as soon as you expect it.
- Call our ExpressBank if you feel your online account has been compromised, 800-234-6181.