Your privacy and security are at the forefront of what we do at CCB

At Citizens community Bank we are committed to your privacy and security. Our Fraud Prevention, Anti-Fraud, Cybersecurity technology and Security personnel work together daily to protect our customers and employees from the myriad of ongoing global threats to our security. We also provide tips and tools to help you stay informed of what you can do to protect yourself and your family against identity theft and scams.

If your debit card is lost or stolen promptly call 888-263-3370 to report the incident.

---

How we protect you

At Citizens Community Bank we consider the security of your financial information a top priority. We employ extensive security measures to ensure a safe and reliable banking experience for all of our customers.

Password Protection – to gain access to an account or account information, a user must verify his or her identity with a password.

Firewall Protection – all systems are protected with firewalls that limit access to only those services that we needed. In addition, all activity passing through the firewall is documented.

128 bit with TLS Encryption – before data is exchanged between the customer and the bank, it is encoded or scrambled with 128-bit key TLS encryption. TLS encryption locks the data so that regardless of the path the data takes as it passes across the internet, it only can be opened by the end user with the proper key or 128-character-long combination to the lock on the data. Upon arriving at the computer that requested the information, the packets are reassembled into the original message.

Fraud Detection – we use cutting-edge technology and trained employees to aid in fraud detection. Additionally, we collaborate with industry specific security and fraud experts made up of some of the largest financial institutions and government agencies in the United States, which allows us to address emerging issues in Internet and email fraud.

Transaction Alerts –  We request that customers enter at least one mobile phone number or email address (two are suggested) upon setting up a Banking Online account. These email addresses and/or mobile phone numbers can be used to send verification emails, transaction alerts or texts when various types of transactions are made on your account.

Privacy Notice – a copy of our privacy notice can be found here.

Federal Laws and Regulations – Federal laws and regulations protect you from fraudulent credit and debit card usage as well as from unauthorized online banking activity.

---

Online Fraud

If you suspect you are a victim of an attack (phishing, vishing, malware, etc.), take the following actions immediately.

If you clicked on a link within a suspicious email contact CCB and we will assist you with:

Changing your online password
Changing your security questions
Closing accounts if any account information was communicated
Be sure to report the suspected fraud to the bank and the proper authorities immediately.

If you receive a suspicious email that says it’s from Citizens Community Bank, you may contact the bank to report the incident. Do not click any links or act on any instructions in the email.

If you suspect your personal information has been compromised, or you may have inadvertently compromised your CCB account, contact us immediately at 931-967-3342.

In addition, if it is confirmed fraud, you may also contact the following three major credit bureaus to place a fraud alert on your credit file:

Equifax at www.equifax.com
800-525-6285
Experian at www.experian.com
888-397-3742
TransUnion at www.transunion.com
800-680-7289
You can get three (3) credit reports free each year from the nationwide reporting agencies: one each from Equifax, Experian and TransUnion.

Any suspicious phishing email can also be forwarded to:

Federal Trade Commission at uce@ftc.gov or spam@uce.gov
reportphishing@antiphishing.org

---

Types of Online Fraud

Below are some of the most well-known types of online fraud. The more you know, the better you can keep yourself and your private information secure.

Phishing
Phishing is the most common online fraud. Consumers are randomly targeted by criminals sending out mass emails usually containing an urgent message regarding account status, with instructions to click a link within the email directing them to a fraudulent website. Once the consumer clicks the link, he/she is exposed to the threat of having personal information stolen, including bank account information, user IDs and passwords, and social security numbers.

Remember, Citizens Community Bank will never send out an email requesting personal information from customers! Regardless of how legitimate an email or website may appear, NEVER respond to any email that instructs you to provide ANY personal information.

Vishing
Vishing is a variation of the phishing scam. Vishing (a combination of the words "voice" and "phishing") often involves an automated recording made to a victim, alerting them that their credit or debit card, or bank account has had fraudulent or unusual activity, followed by instructions to call a phone number immediately. When the victim calls this phone number, it is typically answered by automated instructions to enter debit card information, bank account information or other private information such as PIN, date of birth, social security number, etc. Once the consumer enters this information, the criminal (visher) has the information necessary to make fraudulent use of the credit or debit card, or access to bank accounts.

Vishing is very difficult to monitor or trace. The vishing phone number can show up on caller ID with the name of the financial institution they are pretending to be. Be highly suspicious of ANY message directing you to call and provide credit, debit or bank account information.

Citizens Community Bank will not request your personal account information over the phone.
Contact Citizens Community Bank directly 931-967-3342 to verify the validity of any message.

Malware
Malware (a combination of the words "malicious" and "software") is software that criminals use to access your computer without your consent or knowledge. Malware includes computer viruses, worms, trojan horses and spyware. Once malware is on your computer, criminals can use it to steal information, send spam, and commit fraud, as well as inflict damage to your computer system and software.

Foreign Country Email Scam
This email scam supposedly originated from Nigerian "officials" who needed your help getting their money which was tied up due to strife in their country. This scam is no longer limited to emails from Nigeria, but are commonly received from people in countries around the world sending you offers to transfer potentially thousands of dollars into your bank account if you will simply pay a fee to help them access their money. Typically these emails are followed by additional emails requesting you send more money to cover transactions and transfer costs, attorney's fees, blank letterhead, and most seriously, your bank account numbers.

If you receive an email from someone in a foreign country claiming to need your help getting money out of another country DO NOT RESPOND!

Cross-Border Scams
This type of criminal activity uses the Internet to steal through foreign lottery offers, money offers and check over payment schemes. These solicitations are phony and illegal. Be aware that foreign solicitations such as these are from crooks trying to steal your money, or commit identity theft, and you should NOT respond to them.

---

On-line Security Tips

At Citizens Community Bank, keeping your sensitive information both private and accessible is our priority. Here are a few tips on how you can protect yourself from online fraud and keep your data safe and secure.

• If you receive an email that warns you that an account of yours will be shut down or suspended unless you confirm your account information, DO NOT REPLY OR CLICK ON A LINK IN THE EMAIL. Instead, contact the company cited in the email using a telephone number or web site address you know to be genuine.
• Avoid sending personal and/or financial information in an email. Before submitting financial information through a Web site, look for the padlock icon in the browser's address bar. The padlock signals that your information is being transmitted over a secure encrypted connection. Double-click the padlock icon for verification of the Web site you are using.
• Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a week, call your credit card company or bank to confirm your billing address and account balances.
• If using online banking services, keep your login credentials confidential. NEVER share your online banking credential with anyone, including businesses that may request this info for transactional purposes. User names, passwords or security questions/answers should not be given out nor written down. It is a good idea to change your password every 60 days or so and never use the same password for different websites.
• Install virus protection and malware detection software on your computers and run full system scans often. Be sure you have the most up-to-date version of your virus protection software installed and always update the definitions before scanning Regularly check for and install computer operating system updates when available.

REMEMBER - Citizens Community Bank does not send out unsolicited emails that require you to provide or divulge any account information. If you are in question about any email you receive from CCB, please contact your local branch. You may also contact us here.

Visit one of the following sites for more information on ways to avoid email scams, and how to deal with deceptive spam.

http://www.ftc.gov/spam
http://www.antiphishing.org
http://www.staysafeonline.com

---

Email Fraud

Criminals are getting more sophisticated in creating phishing emails and fraudulent or imposter websites (spoof websites). Do not be fooled by what appears to be real logos or other marketing info included in scam e-mails. If an email urges you to click a link to provide information, activate a profile, or verify information, DO NOT RESPOND. You have likely received a phishing email.

These are fraudulent emails and should NOT be responded to. NEVER click on an embedded link as requested in these emails as it can lead you to a malicious website and possibly infect your device.

Citizens Community Bank will NEVER contact you and ask you to provide personal account or login information by email, phone or text message. This includes account numbers, user IDs, passwords, and debit or credit card information.

If you feel you have received a fraudulent or malicious e-mail you may contact the bank, verify the validity and report the incident.

---