EverTrust Bank is committed to protecting your personal information. We believe our customers should stay current with potential security threats and ways to avoid these threats.
If you think your identity may have been compromised, or you believe your accounts may be in jeopardy, please call our service center 626-656-1109 or contact your account branch immediately.
Control Mechanisms For Avoid Online Security Threats
Personal Identifying Information
- Check your bank accounts regularly.
- Do not give any of your personal identifying information over the telephone, through the mail or online unless you have initiated the contact or know and trust the person or company to whom it is given.
Usernames and Passwords
- Memorize your usernames and passwords and keep them confidential.
- Create difficult passwords to include numbers, uppercase letters and special characters.
- Change your passwords periodically.
- Avoid selecting usernames and passwords that will be easy for an identity thief to figure out.
- Do not carry usernames and passwords in your wallet or purse or keep them near your online access devices such as PCs or smartphones.
Online Access Devices
- Be careful when downloading applications or programs to your Online Access Devices. If it looks like spam, if it’s free, or if it comes preloaded with advertisement, it may not worth downloading as it may collect personal information.
- Lock your computer when you walk away.
- Know who is around when you access your account.
- Dedicate one computer for online banking business.
- Encrypt all data stored on your portable devices and laptops.
- Install/update firewalls and anti-virus software. Ensure all computer software is up-to-date and contains the most recent patches.
- When setting up a wireless network, make sure the default password is changed and make sure you encrypt your wireless network.
Online Security Threats
- Clickjacking: These attacks use maliciously created pages where the true function of a button is concealed beneath an opaque layer showing something entirely different. Typical to Facebook users, often sharing or "liking" the content in question sends the attack out to contacts through news feeds and status updates, propagating the scam.
- Phishing: The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Website, however, is bogus and set up only to steal the user’s information.
- Spearphishing: This is more likely to occur via regular e-mail; but you may also be hit by a spear through a Facebook or Twitter message. Spearphishing (or spear phishing) works through an e-mail or message that seems quite personal, it may appear to be from a person or company with whom you normally communicate; however, it will lead you to a poisoned site. It is similar to "phishing" scams but rather than just getting a message from your e-mail provider saying your inbox is full or you have to verify your identity and so on it takes it a step further by adding personalized information to lull your suspicions.
- Pharming: In this latest version of online ID theft, a virus or malicious program is secretly planted in your computer and hijacks your web browser. When you type in the address of a legitimate website, you’re taken to a fake copy of the site without realizing it. Any personal information you provide at the phony site, such as your password or account number, can be stolen and fraudulently used.
Ways To Avoid These Threats
- Looks at who is sending the email. If it seems odd, delete it.
- Keep your browsers up to date; updated browsers are doing a better job screening out dangerous stuff.
- Do not click on links that ask for your personal information. If it is from a company or bank call the company or bank directly to ask about the issue stated in the email.
- Do not click on links if you do not know who the sender is.
- Make sure you know who you are accepting as a friend on social networking sites.
- Be cautious when typing in web addresses to ensure you are directed to the site intended.
What The Bank Is Doing to Help Protect Our Customers
- The Bank has added extra security layers with more layered controls to our online banking (multi-factor authentication) and cash management products (dual control).
- The Bank monitors our customer account activity for any unusual or suspicious transactions.
Ways The Bank May Contact You
- EverTrust Bank never requests a customer’s account number, Social Security number, or password through email. If you should receive an email requesting such information that appears to be EverTrust Bank, do not respond to the email and contact your account branch immediately.
- If we need to contact you we will contact you by phone, email, or mail. We will never ask for personal information if we contact you; this includes emails sent from the Bank.
Security Measures For Commercial Customers
- The Bank strongly suggests that commercial customers perform a related risk assessment and controls evaluation periodically. This is done to ensure that all risks to the company have mitigation facts lowering the risk to the company.
- Available Resources from NACHA Corporate Account Takeover Resource Center.
A Summary Of Your Rights Under Regulation E
- Regulation E is applicable to all consumer deposit accounts.
- Regulation E provides a basic framework that establishes the rights, liabilities, and responsibilities of participants in electronic fund transfer systems. “Electronic fund transfer” general refers to a transaction initiated through an electronic terminal, telephone, computer, or magnetic tape that instructs an institution to either credit or debit a consumer account.
Error Resolution Summary
In case of errors or questions about your electronic transfers, call us immediately. If you think your statement or receipt is wrong or if you need more information about a transfer on the statement or receipt. We must hear from you no later than 60 days after we sent you the FIRST statement on which the error or problem appeared.
- Tell us your name and account number (if any).
- Describe the error or the transfer you are unsure about, and explain as clearly as you can why you believe it is an error or why you need more information.
- Tell us the dollar amount of the suspected error.
We will investigate your complaint and will correct any error promptly. If we take more than 10 business days to do this, we will credit your account for the amount you think is in error, so that you will have the use of the money during the time it takes us to complete our investigation.
Here is what the Federal rules require: If you report the losses within 2 days of receiving your statement, you can be liable for the first $50. After 2 days, the amount increases to $500. After 60 days, you could be legally liable for the full amount.
Business accounts are not subject to the same protections as consumer accounts under Regulation E. However, if you have any questions or notice a fraudulent activity please contact us immediately.
See our Electronic Funds Transfer Disclosure for more information.