How to protect your Citizens account

There are a number of ways to help guard against unauthorized use of your account and protect your identity. We also provide you information on when and how the bank would contact you in the Contact Information section.

Phishing involves fraudsters who send messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims. Phishing may occur through fraudulent emails, fake websites, text messages or direct phone calls claiming to be a financial institution, or another company you have a customer relationship with, asking you for your personal information. These types of attacks may also be referred to as SMishing or SMS phishing, or Vishing (Voice Phishing).

At no time will you ever receive a call or email from the bank asking you for your login credentials. If you receive a suspicious phone call or email asking you to provide your authentication credentials, you should decline to do so and call us at 1-800-922-9999.

For more information about phishing visit the Consumer Financial Protection Bureau (CFPB) website.

Malware, short for "malicious software," includes viruses and spyware installed on your computer, phone, or mobile device without your consent. Malware can be used to steal personal information, send spam, and commit fraud.

For more information about malware visit the Federal Trade Commission website.

Identity theft occurs when someone uses your personally identifying information, such as your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes. The Federal Trade Commission has online guidance about the steps consumers can take to protect themselves against identity theft.

For more information about identity theft visit the Consumer Financial Protection Bureau (CFPB) website.

Step 1: Protect Your Computer

• Install and update your anti-virus and anti-spyware software frequently.
• Consider anti-malware for your devices, use your preferred virus protection or visit your app store.
• Keep your computer’s operating system up to date.
• Make sure to keep your web browser software up to date by installing the most recent version.
• If your computer’s operating system has a firewall, enable it.

Step 2: Keep Your Information Secure

• If you do not recognize the sender of an email or have any doubts about the authenticity of an email, do not respond and delete it immediately.
• Do not open the email or click on links or attachments, especially if they tell you the problem is urgent or the attached file ends in “.exe”.
• Don't give out personal information. Check a website's privacy policy before you give them your email address.
• Always use secure passwords. A secure password consists of upper- and lowercase letters and numbers.
• Never share your password with anyone.
• Do not include personal or sensitive data in, or in response to, an email.
• Monitor your account activity closely and watch for unusual activity. You can use Citizens Online Banking to monitor account balances, 24/7.
• When you finish your online and/or mobile banking sessions, be sure to log out.
• Do not store financial or personal information on your laptop, phone, or mobile device.

Step 3: Practice Safe Web Browsing

• Only allow popups from sites that you authorize.
• Do not give out personal information to blogs, forums, and other social networking sites.
• Only make online purchases using secure sites that encrypt your information. To determine if a site encrypts your information, look for the locked padlock icon in the browser and "https:" in the address line.
• Never access a website from a link in a suspicious email.
• Access online banking sites by typing the address directly into the browser’s address bar.

Step 4: Protect Your Laptop, Phone, and/or other Mobile Devices

• Be suspicious when installing applications/programs that require you to provide information that has nothing to do with the application’s purpose.
• If you use your laptop, phone, or other mobile devices to conduct mobile banking, and your device becomes lost or stolen, contact your financial institution and cell phone provider immediately.
• Never leave your laptop, phone, or other mobile devices logged on and/or unattended in public.
• Password protect and lock your laptop, phone, or other mobile devices when not in use.
• Do not store financial or personal information on your laptop, phone, or mobile device.

• Be cautious and always pay attention to your surroundings when using your credit, debit, or ATM card at an ATM or Point of Sale device.
• When entering in your PIN, hide it from view so others nearby cannot see it.
• Do not use an ATM or Point of Sale device if you notice suspicious individuals or possible tampering of the machine or device, including scratches, marks, adhesive, or tape residues.
• Report any suspicious or fraudulent activity immediately to the owner of the ATM or Point of Sale device or local law enforcement.
• Be suspicious if a store employee takes your card out of your sight in order to process your transaction, or asks you to swipe your card through more than one machine.
• Monitor your account or credit card statements for unusual or unauthorized transactions.

Card skimming is the illegal copying of information from the magnetic strip of a credit, debit, or ATM card. Skimming devices can be placed on or near an ATM or any device in which you swipe your card to make a payment (commonly referred to as Point of Sale device) and can be difficult to spot.

Following are some pointers on recognizing if skimming is taking place:

• The devices used are smaller than a deck of cards and are often fastened in close proximity to or over the top of an ATM's factory-installed card reader or POS device.
• Inspect the front of the ATM or POS device for unusual or non-standard appearance. Scratches, marks, and adhesive or tape residues could be indicators of tampering. Pay particular attention to all of the touch and action points. (e.g. keypad, customer card entry slot, lighting diffusers)
• Inspect all customer-facing areas of the ATM or POS device. Look at the card reader entry point, the regions immediately above the consumer display, and the keyboard area for anything unusual.
• If applicable, inspect the vestibule door reader as well and report any signs of tampering or abnormality.

Identity Theft

Identity theft occurs when someone uses your personally identifying information, such as your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes. The Federal Trade Commission has online guidance about the steps consumers can take to protect themselves against identity theft.

 For more information about identity theft visit the FTC website.

Personal and Account Protection Tips

• Do not use your Social Security number (SSN), in full or in part, for a password or PIN.
• Review your credit reports frequently to ensure the information is up to date and accurate. Work with the credit reporting agencies to have any inaccurate information removed.
• Store your Social Security card, other identification cards, checks, and accounts statements in a safe and secure location.
• Carry your Social Security card, passport, or birth certificate with you only when absolutely needed.
• Do not share your personal or financial information over the phone or in person unless the information is absolutely necessary and you can confirm that the individual and company are legitimate.
• Frequently monitor your financial accounts and report any suspected fraudulent transaction immediately.
• Retrieve and review your mail promptly.
• Shred financial documents no longer needed, pre-approved credit offers, receipts, and other documents that may contain financial and personal information.

Criminals are using new schemes that incorporate old techniques to try to trick people to provide personal information or account details. These social engineering attempts include use of sophisticated email and text messages appearing to be from legitimate sources and phone calls appearing to be from authentic individuals or service providers, etc. Carefully scrutinize any requests to divulge personal or account details. Understand your surroundings and be wary of those watching and listening. If you can't verify a request or confirm it as authentic, take the utmost caution in releasing any information.

Notify us immediately if you believe your Card or Personal Identification Number (PIN), or both, has been lost, stolen, or used to complete an Electronic Fund Transfer (EFT) without your permission. Examples of EFT transactions are ATM withdrawals and transfers, POS purchases made with your debit or ATM card, online banking payments, and online transfers. These claims will be investigated and handled in accordance with our internal guidelines regarding reimbursement of fraudulent transactions. If you report the transaction in a timely manner, you will not be liable for any unauthorized transactions using your Debit Card, when used for Point of Sale transactions, if (i) you can demonstrate that you have exercised reasonable care in safeguarding your Card from the risk of loss or theft; (ii) you have not reported to us two or more incidents of unauthorized use within the prior 12-month period; and (iii) your account is in good standing. Business customers should refer to Business section for Unauthorized Transaction Instructions.

Contact Us

Citizens encourages you to help us protect your information and to keep your information accurate. If you suspect someone has made unauthorized transactions on your Citizens accounts, or if you believe that any information about you is not accurate, please call us anytime at 1-800-922-9999.

If you send us email, we may retain the content of the email and your email address in order to respond to questions or concerns that you may have. Since we cannot ensure our response back to you is secure, we will not include personal or account information such as account numbers in the response.

When We Will Contact You

From time to time, the bank may contact you unsolicited via phone call or email to inform you of a system issue, inform you about new products and services, to verify account activity, or in an effort to continue to build the relationship. At no time will you ever receive a call or email from the bank asking you for your login credentials. If you receive a suspicious phone call or email asking for your authentication credentials, you should decline to do so and call us at 1-800-922-9999.