Customer Awareness Program
Bank of Marin is committed to protecting your personal information. Fraud through identity theft is growing rapidly, and we’d like you to be aware of what’s happening in the current online banking environment.
Electronic Funds Transfer Act (Regulation E)
Regulation E establishes the basic rights, and responsibilities of consumers who use electronic fund transfer services and of financial institutions that offer these services. The primary objective of the act and this part is the protection of individual consumers engaging in electronic fund transfers.
For the regulations, please visit the following links:
Regulation E Points
- Banks follow specific rules for electronic transactions issued by the Federal Reserve Board known as Regulation E. These rules cover all kinds of situations revolving around transfers made electronically. Under the consumer protections provided under Regulation E, you may be able to recover internet banking losses according to how soon you detect and report them.
- In general, these protections are extended to consumers and consumer accounts.
- Regulation E protects individual consumers engaging in electronic fund transfers (EFT). Non-consumer (or business) accounts are not protected by Regulation E.
- Regulation E is a consumer protection law for accounts established primarily for personal, family, or household purposes. Non-consumer accounts, such as Corporations, Partnerships, Trusts, etc., are excluded from coverage. Regulation E gives consumers a way to notify their Bank that an EFT has been made on their account(s) without their permission.
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
How it Works:
Consumers receive an email from an organization with whom they do business. The email typically includes bogus appeals such as problems with an account or billing errors and asks to confirm his/her personal information. Most emails ask recipients to follow links that take them to an exact replica of the victim company’s Web site. Despite the convincing appeals, consumers should not respond to unsolicited emails that direct them to divulge personal identifying information.
Tips to identifying a “Phishing” emails:
- Awkward greeting – A phish may address the customer with a nonsensical greeting or may not refer to the customer by name.
- Urgent call to act – Different approaches include “We’re updating our records,” “We’ve identified fraudulent activity on your account,” or “Valuable account and personal information was lost due to a computer glitch.” To encourage people to act immediately, the email usually threatens that the account could be closed or canceled.
- Source code points to a different website than the alleged sender – The link looks official, but when your mouse curser rolls over it the link’s source code points to a completely different web site. Remember that you can always type a URL into your web browser instead of clicking on a link.
- Typos & Incorrect Grammar – This is a technique used by phishers to avoid email filters. The errors are intentional.
- If you fall victim to an attack, act immediately. Alert Bank of Marin as soon as possible. Place fraud alerts on your credit files. Monitor your credit files and monthly statements very closely.
- Report suspicious emails or calls to the Federal Trade Commission, through the Internet or by calling 1-877-ID-THEFT.
Please note that Bank of Marin will never request identifying information, account information, or Online Banking password information via email. If you have any question regarding the validity of a phone call or email requesting account information, please contact your local Bank of Marin office or call Bank of Marin’s Client Services Department at 415-884-3021 prior to responding to the request for information.
Protect, Detect and Respond
- It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.
- Partner with your bank to prevent unauthorized transactions. Talk to your banker about programs that safeguard you from unauthorized transactions. Positive Pay and other services offer call backs, device authentication, multi-person approval processes and batch limits help protect you from fraud.
- Pay attention to suspicious activity and react quickly. Look out for unexplained account or network activity, pop ups, and suspicious emails. If detected, immediately contact your financial institution, stop all online activity and remove any systems that may have been compromised. Keep records of what happened.
- Avoid using personal information.
- Create a unique password for online banking that you don’t use elsewhere.
- Do not use the password auto-save feature on your browser.
- Do not share your passwords or write them down.
- Change your password periodically.
ID Theft Tips:
- Shred receipts, statements, expired cards, and similar documents.
- Review statements promptly and carefully.
- Be positive of the identity of the requestor before divulging personal information. Only give personal information if you initiate the contact.
- Periodically check your credit report.
- Check your credit report.
- Pay using credit cards.
- Shred bank account, credit card, medical and other statements with personal information.
- Never click on suspicious links.
- Only give sensitive information to websites using encryption, verified though the web address
- “https://” (the “s” is for secure).
- Use social media wisely and don’t reveal too much.
- Use passcodes.
- Avoid storing sensitive information.
- Keep software up-to-date.
- Install remote wipe if the device is lost or stolen it can be cleared off.
Alternative Risk Resources:
- Federal Deposit Insurance Corporation (FDIC) Identity Theft & Fraud Web Site
- The Internet Crime Complaint Center (IC3) – a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C).
- Anti-Phishing Working Group – The Anti-Phishing Working Group (APWG) is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that result from phishing, pharming, malware and email spoofing of all types.
- STOPFRAUD.GOV – The Financial Fraud Enforcement Task Force Federal Trade Commission TC Consumer & Privacy Resources