Fraud Protection

Gulf Coast Bank offers Digital Banking and Alerts to help you monitor personal accounts and Business Solutions, such as Digital Business Banking and Positive Pay, to help you monitor your business accounts activity. Signing up for these services will allow you to identify fraudulent transactions sooner; therefore allowing you to notify Gulf Coast Bank. Experts also suggest you replace paper invoices, statements and checks with electronic versions, if offered by your employer, bank, utility provider or merchant. Gulf Coast Bank offers eStatements for both personal and business accounts. Below you will find additional resources: 

• Online Security Statement
• Privacy Policy
• Debit Card Fraud Protection
• CardControl App To Safeguard Your Debit Cards From Fraud

 

Email Policy

Time is money. Gulf Coast Bank offers innovative, sophisticated information access and reporting to save you time so you can focus on the day to day operation of growing your business. It is not our practice to: 

• Send an e-mail that will require you to enter personal or financial information directly into an e-mail 
• We will never send you an e-mail threatening to close your account if you do not take the immediate action of providing personal information 
• We will never share your name with any contacts outside our company in a manner that would be inconsistent with our Privacy Policy 

 

Fraud Alerts

The FDIC does not directly contact consumers, nor does the FDIC request bank customers to install software upgrades. Information about counterfeit items, cyber-fraud incidents, and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 3501 North Fairfax Drive, CH-11034, Arlington, Virginia 22226, or transmitted electronically to alert@fdic.gov. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form. For your reference, FDIC Special Alerts may be accessed from the FDIC's website. To learn how to automatically receive FDIC Special Alerts through e-mail, please click here.

NACHA, the electronic payments association, does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive. For additional information and guidance, please click here to visit the NACHA website for consumers. 

Click here to visit the Federal Trade Commission's page to view the current scam alerts. 

Gulf Coast Bank has identified a variety of resources to help you protect yourself from identity theft and even tips on how to protect your kids online. Please explore the below resources to learn more. 

Protect Yourself Against Identity Theft

Federal Trade Commission IdentityTheft.gov 

Online Security Tips 

Phishing is one of the most popular forms of e-mail fraud. It is a form of criminal activity that attempts to fraudulently acquire sensitive information such as passwords, account numbers, or financial information by masquerading as a trustworthy person or business in a seemingly official electronic communication. Phishing emails are often sent to large lists of people, expecting that some percentage of the recipients will actually have an account with the real organization. The term comes from "fishing," where bait is used to catch a fish. In phishing, e-mail is the bait. Click here to learn more.

Below are a few tips to help protect your personal and financial information. 

 

Email Security Tips 

• Never provide personal information in a response to an e-mail request, no matter who appears to have sent it. Legitimate companies don’t ask for this information via email or in a pop-up message. This information includes: Account Numbers, Social Security Numbers, Mother’s Maiden Name, and User IDs and Passwords. 
• Ask yourself if you have initiated contact with the agency or business that is contacting you. If the answer is “no”, it is likely that the communication is an act to commit fraud. 
• Do not click links provided in an e-mail. Copy and paste the link into your browser window. 
• Do not open e-mails bearing attachments from un-trusted sources. 
• Call the person or the organization listed in the FROM line before you respond or open any attached files if it looks suspicious. 

 

Internet Purchasing Security Tips

• Google the company name with “fraud” or “scam” behind the company’s name. For example: ABC Company + Fraud or ABC Company + Scam. 
• Before making a purchase online know who you are dealing with. Confirm online the seller’s physical address and phone number in case you have questions or problems. 
• Know exactly what you are buying. Read the fine print for the product closely and know exactly what the costs are for the product or service. 
• Check out the return policies and delivery dates. If you return it, know who pays the shipping costs or restocking fees. Know when you will receive your order. A Federal Trade Commission (FTC) rule requires sellers to ship items as promised or within 30 days after the order if no specific date is promised. 
• Read your bank and credit card statements immediately and check unauthorized charges or overcharges by merchants. 
• Look for “secure transaction” symbols like a lock symbol in the lower right-hand corner of your web browser window, or https://.... in the address bar of the website. The ‘s” indicates “secured” and means the web site page uses encryption. 

 

Debit & Credit Card Security Tips 

Gulf Coast Bank has blocked all debit card transactions in foreign countries. If you are planning to visit a foreign country or are using your debit card to make a purchase from a company in a foreign country, please notify us in advance. Click Here for the complete details.

• Sign the back of the card as soon as you get it. 
• Never give your account number to someone calling you or sending you an e-mail. 
• Never give your PIN to anyone. That includes family members and friends. 
• Never leave your credit card and/or debit card as a “security deposit” or as identification. Instead, use your driver’s license (make sure your Social Security number is not on your license). 
• When you are expecting a new or replacement card, look for it in the mail. If you do not receive it in a timely manner notify the issuer immediately. 
• Never leave receipts behind where someone could pick them up. Destroy them as if you would any other document with personal or financial information. 
• Always review financial and account statements to ensure accuracy. 
• Report suspected fraud immediately to your financial institution. The sooner you report suspected fraud, the more likely the losses can be minimized. 

 

Mobile Banking Security Tips 

• The best way to sign up for Mobile Banking is through a secure sign-up feature on your bank’s website, or via a mobile app on your cell phone downloaded straight from your bank. Never sign up through an unsolicited phone call or email. 
• Secure your mobile phone in a secure location. Use the lock function on your phone when it is not in use. 
• Set the phone to require a password to power on the handset or awake it from sleep mode. 
• Frequently delete text messages from your financial institution. 
• Never disclose via text message any personal or financial information. 
• Be aware of your surroundings. Don’t type any sensitive information if others around you can see. 
• Download the updates for your phone and mobile apps. 
• If you lose your mobile phone, notify Gulf Coast Bank immediately. 
• If you change your mobile phone number or e-mail address, remove the old information from your mobile banking profile in Online Banking. 

 

Protect Your Kids Online 

Adults are not the only ones affected by online fraud and identity theft. Fraud and identity theft can happen to kids as well and it is important to protect their personal information as well. Below are a few tips to keep your family safe. 

• Talk to your kids about what they can do to help protect the family computer and personal information. 
• Teach your children not to divulge personal information on the telephone and online. 
• Protect their personal information as if it was your own. This includes Social Security numbers, account numbers and passwords. 
• Kids should use passwords that contain a combination of upper and lower case letters, numbers and symbols. Never use a birthdate or address. 
• Kids can protect their passwords by not sharing them with their friends. 
• In addition to blocking inappropriate content, it's a good idea to block sites and downloads that might be a risk to your security and privacy. A child might accidentally infect your computer with spyware or other unwanted software. Some popular sites for kids might try to download programs without permission. 
• Watch for potential warnings signs include pre-approved credit card offers addressed to your child or calls from collection agencies. 
• As logical and tempting as it may be don’t request a credit report for your child. A parent could unwittingly establish a credit report and open the door to thieves. 

 

What to do if you do suspect your child has been a victim of identity theft. 

1. Call Social Security. A call to the agency can discover whether any income has been associated with the child's Social Security number. If it has, there's a chance the number is being used fraudulently. 
2. If your child does have bank accounts such as a savings, notify the financial institution of your suspicions. 
3. Report your suspicions to the Federal Trade Commission. 

We know that Internet and online security is important to our business customers. That’s why we would like to provide you with a few suggestions you should consider implementing. Taking the time to implement these suggestions will help protect yourself and your business from fraud and potential financial losses. 

The Basics  

• Passwords containing a combination of letters (upper and lowercase), numbers, and special characters are always recommended. 
• Choose difficult security questions. 
• Certain users have an authentication image that is assigned a phrase upon the initial login. Always verify that the authentication image and phrase match. If the image and phrase do not match, stop immediately and contact a treasury management representative. 
• Don’t ever share your login information or token with anyone, you are responsible for securing this information. 
• Don’t write your login information down or leave it visibly on your desk. 
• Avoid opening multiple Internet windows and leaving an online session opened while completing other tasks. 
• Always sign out of your online session when you are finished or leave your computer. 

 

Computer Security 

Here are a few recommendations on how to make your computer secure: 

• It is recommended that you use a specific computer dedicated to your business needs. 
• Public or shared computers should be avoided when accessing online banking. 
• Keep your computer and anti-virus updated. 
• If wireless Internet is used for the business ensure that the network is password protected. 
• Do not use unsecure or public wireless networks. 
• Be cautious of unsecure websites. Look for the signs of a secure website, such as the web address will begin with ‘https’ the ‘s’ is for secure and/or a closed padlock, which also means the site is secure. 

 

Desktop Teller Best Practices 

We are happy to offer our business customers the ability to remotely deposit checks at your business, with the added benefit of a later cutoff time of 6:00 P.M.! With the convenience of remotely depositing checks, comes the responsibility for maintaining the security of those checks. Gulf Coast Bank & Trust Company requires that you securely store the original checks for at least 90 days, and then destroy the checks. Checks may be destroyed in various ways; an in-house shredder or professional shredder service are recommended. During the 90-day retention period the checks should be under lock and key in a file cabinet, or secure location within the business. We understand that some businesses may choose to keep the original checks longer due to industry requirements or record keeping practices; in that case the checks should remain securely stored. 

Businesses that utilize desktop teller are asked to complete the following prior to making a deposit. 

1. Verify the date on the check is valid. Most checks are valid for 6 months, unless otherwise noted with a shorter time period. 
2. Confirm the check is made payable to a name that matches the account title and endorsement stamp being used. 
3. Endorse all checks for deposit with an endorsement stamp that is clearly visible. 
4. Total the amount of the checks prior to beginning the deposit 
5. The legal amount of a check is the amount in words, not in numbers. Ensure that these amounts match and if they do not, always use the amount in words. 
6. Validate the signature on the check. 
7. Now you are ready to remotely deposit your checks. 

 

Corporate Account Takeover 

How does Corporate Account Takeover work? 

• Criminals target victims by scams 
• Victim unknowingly installs software by clicking on a link or visiting an infected Internet site. 
• Fraudsters began monitoring the accounts 
• Victim logs on to their Online Banking 
• Fraudsters Collect Login Credentials 
• Fraudsters wait for the right time and then depending on your controls – they login after hours or if you are utilizing a token they wait until you enter your code and then they hijack the session and send you a message that Online Banking is temporarily unavailable. 

 

Where does Corporate Account Takeover come from? 

• Malicious websites (including Social Networking sites) 
• Email 
• P2P Downloads (e.g. LimeWire) 
• Ads from popular web sites 

 

What is Malware? 

• Short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. 
• Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software. 

 

What is Rogue Software? 

• Form of malware that deceives or misleads users into paying for the fake or simulated removal of malware. 
• Has become a growing and serious security threat in desktop computing. 
• Mainly relies on social engineering in order to defeat the security software. 
• Most have a Trojan Horse component, which users are misled into installing.  
  • Browser plug-in (typically toolbar) 
  • Image, screensaver or ZIP file attached to an e-mail 
  • Multimedia code required to play a video clip 
  • Software shared on peer-to-peer networks 
  • A free online malware scanning service 

 

What is Phishing? 

• Criminally fraudulent process of attempting to acquire sensitive information (usernames, passwords, credit card details) by masquerading as a trustworthy entity in an electronic communication. 
• Commonly used means:  
  • Social web sites 
  • Auction sites 
  • Online payment processors 
  • IT administrators 

 

Email Usage 

• What may be relied upon today as an indication that an email is authentic may become unreliable as electronic crimes evolve. 
• This is why it is important to stay abreast of changing security trends. 
• Some experts feel e-mail is the biggest security threat of all. 
• It is the fastest, most-effective method of spreading malicious code to the largest number of users. 

Software Use  

• Never use a jailbroken device. Jailbroken devices have the ability to download unapproved applications which have not passed malware tests. 
• If you receive a text from an unidentified party or unexpectedly, do not click a link or reply to the message. 
• If you are directed to a website by another application, look out for identifying markers that the site may be compromised. 

 

Wifi Usage 

• Public wifi connections are not secured. Try to avoid using unsecured wireless connections. If you must use an unsecured wireless connection, avoid signing into any sites or apps that require the input of passwords or contain sensitive information. 

  

Device Setup 

• Always keep your phone and your installed applications up to date with the latest updates as they become available. 
• Anti-malware applications are available for most devices and should be installed. 
• Always configure a PIN to unlock your device. 
• Setup your device for remote wiping capability and always use a password to protect applications where available. 

Tips from the Federal Government to help you protect your personal information online. 

FDIC: Identity Theft

Federal Trade Commission: Identity Theft 

Federal Trade Commission: Scam Alerts

How to Report Fraud 

If you have detected fraudulent activity on any of your Gulf Coast Bank Accounts, contact us immediately at 1-800-223-2060 or visit your local banking office. 

Lost or stolen MasterCard Check Card: 504-565-4640 

After hours: 1-800-554-8969 

Lost or stolen Credit Card: 1-800-325-3678