Protect Yourself & Your Business
Online and Mobile Banking Security Procedures
Great Western Bank (GWB) is committed to protecting your personal information. We’ve created these important security procedures to help you protect your personal and business financial information. It will also increase your level of online security. Please follow all applicable procedures to ensure the highest level of protection:
- Retrieve mail promptly and send bills and other sensitive documents from a secure mailbox.
- Shred private documents such as receipts, applications, bank statements, etc. Sign up for online statements to prevent theft of paper documents.
- Review your credit report at least once per year. Monitor your credit activity and alert the reporting agencies of any suspicious activity or significant changes to your credit score.
- Ensure all of your information is up-to-date with the Bank. This includes: your current phone numbers, mailing and email addresses and date of birth.
Online Security Tips
- Do not use your Social Security number as your username and/or password. Change your usernames and passwords regularly and use combinations of letters (capital and lower case), numbers, and special characters (for example, *, #, !). Do not use the same username and/or password for multiple accounts.
o If your GWB username/password is your social security number, please change it by contacting your local branch/banker or contact our customer service center at 1-800-952-2043.
- Protect your passwords. Do not write them down or share them with anyone.
- Protect your answers to any security questions. Select questions and provide answers that are easy for you to remember, but hard for others to guess. Do not write down your security questions or answers or share them with anyone. If you have selected security questions on other websites, avoid using the same questions to protect your GWB Online or Mobile Banking accounts. Please note that GWB will never ask you to provide answers to your security questions via email.
- Use secure websites for transactions and shopping. Shop with merchants you know and trust. Make sure internet purchases are secured with encryption to protect your account information. Look for “secure transaction” symbols which depict a lock symbol in the lower right hand corner of your web browser window, or “https://...” in the address bar of the website. The “s” indicates “secured” and means the web page uses encryption.
- Always log off from online banking and any website after using your credit or debit card, or other sensitive information. If you cannot log off, quit your browser to prevent any potential unauthorized access to your account information.
- Quit your browser when you are not using the internet.
- Be cautious when using public hotspots and consider your Wi-Fi auto-connect settings.
Email Security Tips
- Be wary of suspicious emails. Never open attachments, click on links, or respond to emails from suspicious or unknown senders.
- If you receive a suspicious email that you think is a phish (see, “Types of Online Fraud” below), do not respond or provide any information.
- If you respond to a phish email with personal or account information, contact 1-800-952-2043.
Mobile Banking Security Tips
When you use a mobile device for browser or text-based account access, keep these tips in mind:
- Use the keypad lock or phone lock function on your mobile device when it is not in use. These functions password-protect your device to make it more difficult for someone else to view your information. Also, be sure to store your device in a secure location.
- Frequently delete text messages from your financial institution, especially before loaning out, discarding, or selling your mobile device.
- Never disclose via text message, phone call, or email your personal or financial information, including account numbers, passwords, Social Security number or birthdate. GWB will never send a text message to your mobile device asking you for this type of information.
- If you lose your mobile device or change your mobile phone number, remove the old number from your mobile banking profile by contacting your local branch/banker or call GWB customer service at 1-800-952-2043.
Applications (“Apps”) are programs you can download to your mobile device. Apps that let you monitor your finances and conduct certain transactions are increasing in popularity.
- Download mobile apps from reputable sources only to ensure the safety of your personal and account information. We encourage users to download the most recent versions of our apps and keep them updated. Our apps are supported by Android, Blackberry, and iPhone devices. You can download the GWB app by visiting the associated App Store and searching for Great Western Bank, or visit m.mygwb.com on your phone’s browser and click the create an account link.
- For your security, sign off when you finish using a GWB app rather than just closing it.
- If you have suspicions about the authenticity of a GWB mobile banking app, access your account through our mobile banking site at m.mygwb.com
Computer Security Tips
- Use a current web browser. View a list of GWB supported browsers at greatwesternbank.com
- Avoid downloading programs from unknown sources
- Keep your computer operating system up-to-date to ensure the highest level of protection
- Install a personal firewall on your computer
- Install, run and keep anti-virus, anti-spyware and other software updated
- Beware of malware infections by drive-by downloads. Drive-by downloads may happen when visiting a malicious or vulnerable website, viewing an e-mail message or by clicking on a deceptive pop-up window. Malware is malicious software installed on your computer which has a harmful intent that can, for example, capture your login passwords and other personal data. Examples of malware include software such as spyware, adware, viruses, etc. The best way to protect yourself from malware is to exercise caution before installing programs on your computer or opening email attachments. Here are some precautions that are important to take:
- Only install applications and software from well-known companies you trust.
- Make sure your computer is cleansed from viruses/spyware and has up-to-date anti-virus and anti-spyware software installed
- Keep your operating system and browser up-to-date with the latest security updates and patches.
- Set your browser preferences to block pop–ups — these pop-ups can contain inappropriate content or have malicious intentions.
- Back up all sensitive information from your old computer before you discard and erase the hard drive.
- Change your wireless network default password as well as the default SSID (name used to identify your network), don’t broadcast your SSID and consider using encryption on your network.
- Turn your computer off completely when you are finished using it. Don’t leave it in sleep mode.
- Conduct online banking activities on secure computers only. Public computers (computers at internet cafes, copy centers, etc.) should be used with caution, due to shared use and possible tampering. Online banking activities and viewing or downloading documents (statements, etc.) should only be conducted on a computer you know to be safe and secure.
- Ensure your computer software and plug-ins are current. Before downloading an update to your computer program, first go to the company’s website to confirm the update is legitimate.
Examples of Online and Mobile Fraud
Types of Online Fraud
The following list, while not exhaustive, contains a description of common fraud techniques of which GWB desires its customers to be particularly aware:
Phishing and spoofing
Sometimes criminals may send you email that looks like it has come from GWB. These phony emails ask you to go to a Website that also looks like GWB and provide your personal account information. These emails may even ask you to call a phone number and provide account information but the Website is a fake.
- Asking for personal information should raise a flag since GWB emails will never ask you to reply in an email with any personal information, such as your Social Security number, ATM or Debit Card PIN.
- Urgent appeals claim that your account may be closed if you fail to confirm, verify or authenticate your personal information. GWB will not ask you to verify information in this way.
- Messages about system and security updates claim that the bank needs to confirm important information due to upgrades and state that you must update your information online. GWB will not ask you to verify information in this way.
- Offers that sound too good to be true often are. You may be asked to fill out a short customer service survey in exchange for money being credited to your account, and you are then asked to provide your account number for proper routing of the supposed credit. GWB will not request your information in this way.
- Typos and other errors are often the mark of fraudulent emails or websites. Be on the lookout for typos or grammatical errors, awkward writing and poor visual design.
To protect against phishing and spoofing:
- Make sure you are at GWB’s Website when you sign in to Online Banking. You can do so by typing www.greatwesternbank.com in your browser. If you’re using a secure browser, it will turn your address bar green.
- If you receive a suspicious email, do not click on any links or reply to it. Simply delete it.
- To report a suspicious email that uses GWB's name, you can forward it to email@example.com.
Money mules are unsuspecting victims who become middlemen for criminals trying to launder stolen funds. Victims are lured by the promise of a new career opportunity making large sums of money for minimal work. Criminals recruit money mules, send them stolen money and then ask the money mules to wire or transfer the money unwittingly to the criminals. Using the money mule masks the criminal's identity.
The money mule may keep a commission for performing the transfer or wire. The victims of these scams may not only have their bank accounts closed and financial reputation ruined, but are often left financially responsible for returning the stolen funds.
Common signs of a money mule scam:
- Overseas companies requesting money transfer agents in the US
- Opening new bank accounts to receive money from someone you don't know
- Accepting large sums of money into your personal bank account for a new job
- Transferring or wiring funds out of your personal bank account to people you do not know
Malware, short for "malicious software," includes viruses, spyware and trojans that are designed to infiltrate or damage a computer system. Malware is often used to steal personal information and commit fraud. There are several easy ways to minimize the risk of malware:
- Downloads from file sharing and social networking sites can be distribution points for malware
- Attachments and free software from unknown sources shouldn’t be opened or installed
- Pop-up advertisements asking for personal or financial information are likely fraudulent, so it's better to close them
- Updated security and system software can protect your computer from malware threats
Vishing uses Voice over Internet Protocol (VoIP) to call, leaving an automated recording. It alerts the consumer that their account has experienced unusual activity. The message instructs the consumer to call the same phone number shown in the spoofed caller ID with the same name as the financial company they are pretending to represent. And sometimes, criminals who try to get consumers to turn over personal data send emails and text messages containing fraudulent phone numbers.
Rather than provide any information, you should contact GWB at the customer service number you normally use to verify the validity of the message.
Types of Mobile Fraud
Fake Mobile Banking Apps
Criminals may develop and publish fake mobile banking applications attempting to steal your Online Banking credentials. Here are tips for recognizing an unofficial GWB application:
- The developer or author of the application is not GWB
- The application is being promoted on a third party site, somewhere other than the official application store for your mobile device
- There is a charge for downloading the application—GWB does not currently charge for mobile application downloads
- To help protect your accounts and information, don't download or install a GWB America Mobile Banking App if you spot any of these warning signs.
SMShing is phishing that happens via SMS text message. A criminal sends a text message tricking you into replying with financial or personal information or clicking on links that will sneak viruses onto your mobile device. To guard against these scams:
- Don't respond to a text message that requests personal or financial information. GWB will never ask you to respond in this way.
- Verify the phone numbers that appear in a text message. Store GWB phone numbers in your mobile contacts for a quick cross-check, or, you can go to the Contact Us page.
- Mobile phones and tablets offer convenience, but they’re also easy to lose or steal, which can put your information at risk.
- Password-protect your device so it can’t be accessed unless the password is entered
- Enable an automatic screen-locking mechanism to lock the device when it’s not actively being used
- Consider using a remote wipe program, this will give you the ability to send a command to your device that will delete any data
- Keep a record of the device's make, model and serial number in case it's stolen
- The GWB Mobile Banking Apps still require you to enter your Online User ID and Password along with your SiteKey before accessing your financial information.
Traditional online threats
Viruses, malware and other programs that steal your personal information or financial details are also able to infect some mobile devices.
- Some tablets may support traditional anti-virus products. Consider installing AV if supported on your device
- Back-up the device's data. This will allow you to restore the data if you need to wipe the memory to remove a harmful software threat
- Stay vigilant about security when taking advantage of the convenience these devices offer.
Great Western Bank strives to provide sound financial education to our customers. If you have questions regarding the information detailed below (or any other scam), please contact your banker.