Skip Navigation Documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view,download Adobe® Acrobat Reader.
First Oklahoma Bank

Security Center

Your security is important to us, and we work relentlessly to protect you. It is import that we help keep you aware of the latest threats and informed of all the ways to protect yourself.

Millions of people become victims of cybercrimes each day. Cybercriminals use various techniques to attempt to steal your personal information or access your computer systems for their illegal activities. Here are some common methods thieves use and what you can do to protect yourself.  

Social Engineering

Social engineering is the art of manipulating or deceiving you in order to again control over your computer system. The hacker may use phone, email, mail or direct contact to gain illegal access. Phishing, Spear Phishing and CEO Fraud are all examples.

Email/Website Spoofing

These are used to make people believe they are receiving an email from a legitimate company, but they aren’t. Or that the user is visiting and interacting with a trusted website but is indeed a forged site.  The best way to handle spoofed emails and spoofed websites is by always exercising caution. If something seems “off” about an email, do not open attached files or click on included links. Type in a site’s URL manually to avoid landing on a spoofed version of it. By taking your time and being careful, you should be able to avoid most problems. 

Phishing

Phishing is a cybercrime that targets victims by email, telephone, or text messaging.  The fraudster poses as a legitimate company to lure the victim into providing sensitive data such as social security numbers, banking and card details and passwords.  The information is then used to access important accounts or obtaining new accounts, resulting in identity theft and financial loss.

Common Phishing Techniques:

Email/Spam

This technique target victims via email/spam by asking them to fill in personal details. Most of the messages have a sense of urgency requiring victim to enter credentials, update account information or verify accounts.

Vishing

In phone phishing, the phisher makes phone calls to the user and asks the user to dial a number. The purpose is to get personal information of the bank account through the phone. Phone phishing is mostly done using fake caller ID.

Smishing

This form of phishing is conducted via text messaging.  A smishing text, for example, attempts to entice a victim into revealing personal information via a link that leads to a phishing website.

Link Manipulation

Link manipulation is the technique in which the phisher sends the victim a link to a malicious website. When the user clicks on the deceptive link, it opens the phisher’s website instead of the website mentioned in the link.

Safety TIP! Hovering the mouse over the link to view the actual address stops users from falling for link manipulation.

Malware

Phishing scams involving malware are usually attached to the email sent to the user by the phishers. Once you click on the link, the malware will start functioning. Sometimes, the malware may also be attached to downloadable files.

Ransomware

Ransomware denies access to a device or files until a ransom has been paid. Ransomware is malware that gets installed on a user’s workstation using a social engineering attack where the user gets tricked in clicking on a link, opening an attachment, or clicking on malvertising.

Learn More Resources:

Social Engineering|KnowBe4

Phishing|Common Phishing Scams

Phishing|Phishing Examples

Protect Sensitive Information

Information such as your social security number, date of birth, routing or account numbers, usernames/passwords, and PIN numbers all should be highly protected.

  • NEVER share sensitive information with others.
  • Know that the bank will never call you directly and ask you to provide sensitive information listed above.
  • Do Not write your PIN number on the back of or keep it with your debit card.
  • Use a shredder to destroy mail that contains sensitive information.

Beware of Scams, and Scammers Techniques

Scammers target their victims.  Don’t fall prey to them.  Here are a things to watch for.

Scammers often create a sense of urgency to get their victim to roped into their scheme.  SLOW DOWN.  Ask yourself a few questions. Is this caller asking me to hurry and pay for something to avoid jail or penalties or collect prize money, secure a job?

Never send cashiers checks, checks or cash to people you meet online or to a person from whom you have received an unsolicited call.  

Unsure about the deal? Talk to a close friend, family member or reach out one of our bankers to discuss.

Don’t trust caller ID.  Scammers can spoof caller ID to make the incoming call look from a legitimate business.  What is the caller asking? Are you expecting a call from this company or individual? Are they asking you to provide sensitive information? STOP!  End the call.  Look the company phone number up from a trusted source and call them back. Do NOT call them back from the number showing on your phone.

Visit our Common Types of Fraud Methods page to learn more.

Protect Your Systems

  • Install Anti-Virus Software
  • Keep your computer and mobile operating systems up to date.
  • Use Firewalls
  • Back Up Your Data
  • Scan external devices such as flash drives before accessing them to avoid viruses.
  • Think Before You Click! Hover over links you are unsure of before clicking. Does it lead where it is supposed to?
  • Be Wary of Pop-Ups.
  • Use Trusted Browsers
  • Look at website URLs to make sure they are “SECURE”
  • Be selective of websites, don’t go to promo sites or unknown sites
  • Set Strong Passwords and update them regularly. Don’t use reuse a single password for multiple sites, i.e., entertainment sites and online banking
  • Don’t trust public Wi-Fi. Create a Virtual Private Network to encrypt your connection.
  • Disconnect from the internet when computer is not in use.

Consider Utilizing these First Oklahoma Banking Services:
  • Set alert preferences on your account via our mobile application. Alerts can be set for balance and or transaction monitoring.
  • Sign up to receive your bank statements electronically.
  • Lastly consider signing up with the U.S. Postal Services’ Informed Delivery  service so you can preview your incoming mail before it arrives.  This service can be beneficial in assisting you in monitoring your mailbox for mail theft.


Learn More Resources:

Phishing|10 Ways to Avoid Phishing Scams

Seeing unusual transactions or suspect your identity or online banking user login information has been compromised? Please contact us immediately. 

Preferred Option: Call us at 918.392.2500

Email :  customercare@firstoklahomabank.com

Additional Resources:

Report Lost or Stolen Debit Card

Notify us immediately if you suspect your card is lost or stolen to protect your account. 

Option 1:  Call

     1-918-392-2500 Business Hours

     1-918-392-2500 Option 1 After Hours to Transfer to Card Services Center

     1-888-297-3416 Card Services Center

 Option 2:  Use Your First Oklahoma Bank Mobile App

  1. Launch Your App
  2. Scroll Down to Card Management
  3. Under Card Services, Report Lost/Stolen

Identity theft occurs when someone illegally obtains your personal information (like your Social Security number, bank account number or other identification) and uses it to open new accounts or initiate transactions in your name. Essentially, someone else tries to become you. They might open new credit cards or bank accounts, forge checks or even apply for loans using your name and personal information. This can cause financial loss, damage your credit and lead to a long and stressful resolution process.

While thieves can obtain personal information via online methods, most identity theft occurs offline. Stealing wallets and purses, intercepting, or rerouting your mail, and rummaging through your garbage are some of the common tactics used to obtain personal information.

If your security has been compromised, it does not automatically mean that you are a victim of identity theft. It might be an incorrect entry or an isolated incident of theft. Contact the creditor right away

The good news is that the more information you have about identity theft the better your defense. For more information on Identity Theft, visit the Federal Trade Commission's ID Theft Website.

Recommended Resources:

Warnings Signs of Identity Theft

Know Your Rights

Create a Personal Recovery Plan

FTC Guide to Free Credit Reports

Credit Bureau Contact Information

Other Helpful Contact Information

How To Stop Junk Mail | FTC Consumer Information

Fraud Protection Tips for Your Business

You’ve worked hard to build your business, and it’s important to protect it.  Just like individuals, businesses can be targeted by cyber criminals.  A common threat today, is Business Email Compromise or CEO Fraud.  Through these crimes, billions of dollars are stolen from businesses every year. At First Oklahoma we are committed to providing information and resources you need to understand and recognize fraud, as well as the tools to help prevent it.

Familiarize yourself with the most common attack scenarios:

  1. Business working with a foreign supplier: This scam takes advantage of a long-standing wire-transfer relationship with a supplier but asks for the funds to be sent to a different account. 
  2. Business receiving or initiating a wire transfer request: By compromising and/or spoofing the email accounts of top executives, another employee receives a message to transfer funds somewhere, or a financial institution receives a request from the company to send funds to another account. These requests appear genuine as they come from the correct email address. 
  3. Business contacts receiving fraudulent correspondence: By taking over an employee’s email account and sending invoices out to company suppliers, money is transferred to bogus accounts. 
  4. Executive and attorney impersonation: The fraudsters pretend to be lawyers or executives dealing with confidential and time-sensitive matters. 
  5. Data theft: Fraudulent emails request either all wage or tax statement (W-2) forms or a company list of personally identifiable information (PII). These come from compromised and/or spoofed executive email accounts and are sent to the HR department, accounts or auditing departments.

Watch this video to learn about the latest scams-Don’t Be the Next Victim. Latest Business Email Compromise Scams.

Education & Awareness is Key!

Tell employees to slow down, use caution with any payment instruction changes and always call using a known number not one listed on the email to confirm legitimacy.

Please visit the sites below for additional information and ask yourself if your business is safe as it can be.

CEO Fraud|KnowBe4

Business Email Compromise - FBI

CISA.gov - Stopransomware

Check washing is a type of financial fraud that involves altering a legitimate check's details, often the payee and the amount, by erasing or modifying the ink using various chemicals and techniques. Once altered, the fraudulent party can cash or deposit the manipulated check, diverting funds intended for the legitimate recipient.

How Does Check Washing Occur?

Check washing typically occurs when a criminal gains access to a legitimate check, either by stealing it from the mail or directly from your possession. They then use chemicals to erase the ink while leaving the paper intact. Once the ink is removed, the criminal can rewrite the check to their own name or a different payee and alter the amount to their advantage.

How to Protect Yourself from Check Washing:

Protecting yourself from check washing involves taking precautions to safeguard your checks and the information on them. Here are some steps you can take:

  1. Use Secure Checks: Opt for checks with security features like watermarks, microprinting, and security ink. These features make it more difficult for criminals to alter the check's details.  To reorder checks for your First Oklahoma account, click or tap on "Reorder Checks" from the account details page in Online or Mobile banking, or you can call us at 918-392-2500 for assistance.  

  2. Use a Gel Pen: When filling out your checks, consider using a gel pen or a pen with permanent ink. Gel pens leave a thicker, more durable mark that is less susceptible to erasure or chemical alteration. Beginning _______ First Oklahoma Bank logo checks will include a gel security pen in each order.  

  3. Monitor Your Mail: Retrieve your incoming mail promptly, especially if it includes financial documents like checks. Consider using a locked mailbox for added security.

  4. Set Up USPS Informed Delivery: Take advantage of USPS Informed Delivery, a free service provided by the United States Postal Service. It allows you to receive email notifications with scanned images of your incoming mail pieces. This enables you to monitor your mail and detect any discrepancies or missing items promptly.  https://www.usps.com/manage/informed-delivery.htm

  5. Secure Your Checkbook: Keep your checkbook in a secure location when not in use, and never leave it in your vehicle. Avoid signing blank checks.

  6. Track Your Transactions: Regularly review your bank statements and online banking activity to identify any unauthorized transactions or alterations.

  7. Report Lost or Stolen Checks: If your checks are lost or stolen, notify First Oklahoma immediately to prevent misuse.

Understanding the threat of check washing and taking proactive steps to protect your checks are essential for maintaining the security of your financial transactions. By staying informed and vigilant, you can reduce the risk of falling victim to this type of fraud.

At First Oklahoma Bank, we prioritize your financial security and are here to assist you in safeguarding your financial interests. If you have any concerns about check safety or suspect any fraudulent activity, please contact Customer Care at 918-392-2500. Your peace of mind is important to us.

Search

Online Banking