How We HelpBusinesses
How We HelpIndividuals
- Who We Are
Helpful Tools &Information
Beware of current Scams
New Data Breaches that may affect You
Equifax Data Breach-Click here for more information about the data breach and to find out if your information has potentially been impacted.
Click here to view a list of current data breaches.
Corporate Account Takeover (CATO) is a type of business identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves. It is important for businesses to take extra precautions to safeguard their computers and login credentials to prevent fraudulent transactions. Below is list of external sources with information and best practices to help safeguard against a potential compromise.
Internet Crime Complaint Center (IC3) “Fraud Advisory for Business” is a helpful document to better understand Corporate Account Takeover and how to best prevent it and educate your employees.
The Better Business Bureau’s website provides information on their website on data security and important cyber security.
Federal Trade Commission (FTC) is a national resource to help you deter, detect and defend against identity theft.
NACHA – The Electronic Payment Association’s website provides tools, resources and sound business practices to help businesses mitigate Account Takeover risk.
1. The FDIC does not directly contact bank customers (especially related to ACH and wire transactions, account suspension, or security alerts), nor does the FDIC request bank customers to install software upgrades. Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links.
2. Messages or inquiries from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is probably fraudulent and should be verified before any files are opened, software installed, or information is provided.
3. Phone calls and text messages requesting sensitive information are fraudulent. If in doubt, account holders should contact the organization at the phone number the customer obtained from a different source (such as the number they have on file, that is on their most recent statement, or that is from the organization's website). Account holders should not call phone numbers (even local prefixes) that are listed in the suspicious email or text message.
We’ve assembled a variety of excellent resources that can help you learn more about privacy and security issues. Please note that these sites are not associated with Grinnell State Bank and that by using them you are governed by their own privacy policies.
Identity theft resources
Online Fraud Resources
Credit score monitoring resources
Additional privacy and security resources
Below is a list of possible issues your computer may have if it has been compromised
Secure your computer
Here are some ways you can secure your computer to help protect your information.
Equip your computer with:
Monitor your account activity
Checking your account activity frequently can help to detect fraud earlier. You can receive information quickly about activity in your accounts when you set up Alerts. In addition to Alerts that are automatically already turned on for your protection, you can set up additional Alerts to stay on top of your balances, payments and transactions.
Create strong passwords
Be smart about social networks
Follow internet security issues in the news and discuss them with friends, family and colleagues. Explore online resources like the National Cyber Security Alliance and Microsoft Security At Home websites that provide comprehensive information about topics such as securing your computer and safe online behavior.
Phishing and spoofing
Phishing and spoofing emails ask you to go to a fake website that looks like Grinnell State Bank and provide your account information. These emails may even ask you to call a phone number and provide account information.
Ways to identify phishing and spoofing emails include:
Why criminals send fraudulent email
One of the ways criminals try to trick people into providing personal account information for identity theft purposes is to send email that appears to have been sent by Grinnell State Bank, but has been sent by the criminal.
The phone email asks you to go to a website that looks like Grinnell State Bank site, but is a site the criminal has set up asking you to provide your personal account information. Sometimes the email may ask you to call a phone number and provide account information.
Ways to protect against phishing and spoofing:
Malware, short for malicious software, includes viruses, spyware and Trojans that are designed to infiltrate or damage a computer system, steal personal information and commit fraud. There are several easy ways you can minimize malware risk:
Vishing uses Voice over Internet Protocol (VoIP) to leave an automated recording on your phone that says your account has experienced unusual activity. The message instructs you to call what appears to be a Grinnell State Bank phone number (in fact, the caller ID has been fooled into displaying “Grinnell State Bank”). Sometimes criminals also end emails and text messages containing fraudulent phone number. Rather than provide any information, you should contact us immediately to verify the validity of the message.
Fake Mobile Banking apps
Criminals may develop and publish fake mobile banking applications that look like official Grinnell State Bank apps bur are in truth designed to steal your online banking credentials. Here are tips for recognizing an unofficial Grinnell State Bank app.
To help protect your accounts and information, never download or install a Grinnell state Bank Mobile Banking app if you spot any of these warning signs.
SMShing and smishing are like phishing (which typically happens via email), but take place via SMS text message. A criminal sends you a text message that tries to trick you into replying with financial or personal information or clicking on links that will sneak viruses onto your mobile device. Don’t respond to a text message that requests personal or financial information. Grinnell State Bank will never ask you to provide your information in this way.
Lost and stolen devices
Mobile phones and tablet devices offer convenience, but they’re also easy to lose or steal, which can put your information at risk. Here are some ways you can protect yourself now in the even your device is lost or stolen later:
Traditional online threats
Viruses, malware and other programs intended to steal your personal information or financial details can infect some mobile devices. If your table supports a traditional anti-virus product, consider installing that software. Backup the device’s data and keep the copy in a safe and secure location. This will allow you to restore your data in the event you need to wipe the device clean to remove a harmful software threat.
A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.
Things to know if you are a victim of a data breach:
The actions you’ll need to take will depend on the type of data compromised.
If the compromised data was…
Sometimes the letters from breached companies also contain offers for free credit report monitoring provided by the company. While these programs are not generally worth paying for—since you can monitor your own credit for free—you may as well accept it if it’s being handed out. Monitoring services will alert you to some uses of your SSN quicker than you may be able to spot through your credit report, meaning you can resolve any problems quicker.
If you believe you've been a victim of a social engineering scam or any type of fraudulent activity, contact us immediately to protect your account.
You can also report social engineering scams to:
Here are some ways to help you protect your Social Security number:
Elder abuse (also called "elder mistreatment," "senior abuse," "abuse in later life," "abuse of older adults," "abuse of older women," and "abuse of older men") is "a single, or repeated act, or lack of appropriate action, occurring within any relationship where there is an expectation of trust, which causes harm or distress to an older person."
The following conditions or factors increase an older person's risk of being victimized:
Indicators are signs or clues that abuse has occurred. Some of the indicators listed below can be explained by other causes or factors and no single indicator can be taken as conclusive proof. Rather, one should look for patterns or clusters of indicators that suggest a problem.
Sign your cards immediately
Sign the signature panel on your credit and debit cards as soon as you receive them.
Monitor your debit card transactions
Grinnell State Bank offers ShazamBolt$ which will allow you to setup alerts on your debit card activity, so you can easily monitor your purchases. Signing up for Shazam Bolt$ is easy, enroll today to take control of your debit card transactions. Download the ShazamBolt$ app at the Apple app store and Google Play.
Check your statements
Save the receipts from your charges and keep them in a safe location. Check your statements to verify that they properly reflect the amounts you have authorized. Report any fraudulent transactions immediately. Once you have reconciled your statements, shred up all receipts and discard them.
Go paperless with Online Banking
Access your Grinnell State Bank statements through Online Banking and ask us to stop sending paper. Checking your balances and viewing your account statements online is safer than having information sent through the mail.
Keep a list of all your card account numbers
Keep the list in a safe and secure place and include the telephone numbers to call in your cards are ever lost or stolen.
Use ATMs safely
Use ATMs with surveillance cameras and be aware of people and your surroundings. When you enter, or exit an ATM in an enclosed area, be sure you close the entry door completely. Do not open locked ATM vestibule doors for others or allow any unknown persons to enter the ATM area while you are making your transaction. Shield the ATM keypad with your hand or body while entering your PIN. Secure your card and cash after completing your transaction and before exiting the ATM area. Count your cash later in the safety of your locked car or home. Your ATM/Debit card is like cash, so keep it in a safe place
Always be cautious
Never provide credit or debit account information to anyone who calls you. Grinnell State Bank will never reach out to you in this way to request sensitive account information.
MasterCard® SecureCode™ helps prevent unauthorized use of your card online with an extra layer of security that prevents fraudulent purchases when you check out online.
Start protecting your card today in a few easy steps, simply CLICK HERE to register on the website. Then click the "Register Card" link on the website to begin your card registration.
As more people bank and shop online, proper internet security is more important than ever. Safeguarding your information can be as simple as consistently reviewing your bank accounts and reporting any suspicious activity. But there are a number of other things you can do to stay safer online. Here are ten tips to help protect you and your money.
By following these online and mobile security tips, you can help protect your personal information from falling into the wrong hands. If you suspect information related to your bank account has been compromised, contact us immediately for assistance addressing the issue.
Free Public Wifi is everywhere.. hotels, airports, coffee shops, restaurants and even stores; but should you use it?
Experts advise that you should never enter personal and confidential information into your phone or laptop while using public wifi and to avoid public wifi altogether when dealing with confidential information. This includes credit card information, logins, passwords, etc. Hackers can set up a bogus wifi access and name it "free public wifi" and have instant access to your phone or laptop once you connect.
If a business is offering wifi access that requires a password, that is a much safer bet; but you are usually much better off waiting to do anything with sensitive information until you are on your cellular service or at home.
If you notice your card is lost or stolen during normal bank hours, please contact the bank. If it is outside of normal bank hours, please call 800-383-8000, to report your card lost or stolen with Shazam, our debit card company.