Security & Privacy Center
Our Commitment
Privacy Notice
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this Primary Bank Privacy Notice carefully to understand what we do.
Consumer Privacy and Information Security Policy
Primary Bank maintains its continuing commitment to the proper use and protection of customer information, and has established the Consumer Privacy and Information Security Policy. This Policy will be used to guide the Bank in serving the privacy needs of its customers, and protecting confidential information.
Seasonal Cybercrimes
Cybercriminals are targeting consumers through popular social media platforms like LinkedIn, TikTok, and Instagram, as well as via wrong number texts. Read more about protecting yourself from cybercrimes.
Is it Really the IRS?
The “IRS” is on the phone. They’re saying you owe back taxes and need to pay immediately using cryptocurrency, or you’ll be arrested. You reach for your wallet but then think — WAIT — is this really the IRS? Or is it someone impersonating the IRS? Read more about scams involving the IRS >
Banks Never Ask That!
General Security Tips
With the added threats of identity theft and fraud, this increased information gathering gives us the tools to make sure we can properly authenticate your identity, whether it be in person, on the phone, or over the Internet.
Update and Patch Your Devices
-
- Ensuring your devices are updated and patched is extremely important and is a simple step to help you stay safe online.
- Software updates not only improve how your device runs – they also fix or remove bugs, patch security vulnerabilities that are exploitable by hackers, and add new and improved features.
- By regularly updating and patching your devices, you can help keep your personal information safe and out of the wrong hands.
Protect Your Personal Identifiable Information (PII)
-
- PII refers to any information that can be used to identify, locate, or contact an individual. This includes, but is not limited to – your name, Social Security number, date of birth, address, and phone number.
- It is important to be mindful of where you might use, or share, your PII. Be careful not to include any identifying information in your passwords, PIN numbers or passcodes.
- We also recommend considering what you post online as social media is a huge source for cybercriminals to gain your private information. Look over the privacy settings of your social media accounts and enable multi-factor authentication when possible.
How To Safeguard Personally Identifiable Information
To learn more about how to protect, store, and use your PII, read the Department of Homeland Security’s factsheet.
Understanding Ransomware
Ransomware is an ever-evolving form of malware designed to take your files hostage (encryption), rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for releasing files (decryption). Here are some important tips that will help protect your files:
-
- Update software and operating systems with the latest patches. Outdated applications and operating systems are the targets of most attacks.
- Never click on links or open attachments in unsolicited emails.
- Back up data on a regular basis. Keep it on a separate device and store it offline.
- Follow safe practices when using devices that connect to the Internet.
Learn more about how to protect yourself from Ransomware.
Stay Safe While at Home and On-the-Go
- With the COVID-19 pandemic still a significant part of our daily lives, it is imperative to implement both personal and device safety measures while at home.
- Resist using public Wi-Fi to access personal accounts, make purchases, or sign into banking, credit or other applications where personal data is present.
Online and Mobile Security
Enhance Your Password Security
-
- Strong passwords are essential in practicing online security and protecting your information. Strong passwords are those that include uppercase and lowercase letters, numbers, special characters, and are at least twelve to fifteen characters in length.
- Remember to never write down, share, or store your passwords overtly. Instead, use a secure password manager to organize and keep track of your passwords.
- It is important to update your passwords frequently, setup multi-factor authentication and enable biometric login when available.
- Avoid the “Remember Me” and “Allow Autofill” options when logging into online or mobile accounts, as these settings store your credentials on the device or browser in use.
Building A Digital Defense With Passwords
The United States Federal Bureau of Investigation (FBI) recommends using lengthy passphrases as passwords.
Be Aware of Email Scams
-
- Phishing refers to a type of social engineering attack, in which a cybercriminal sends deceptive emails in an attempt to infect a user’s device with malware and/or obtain personal information, such as credit card numbers, login credentials, and other sensitive material.
- These messages often use verbiage that creates a sense of urgency, so that the user is more likely to panic and act quickly on the fraudster’s requests.
- Phishing emails are frequently centered around current events, like the COVID-19 pandemic; or sent at specific times of year, such as tax season.
- Always be cautious when opening attached files as they can potentially have malicious programs embedded in them just waiting to be run by an unsuspecting user.
- It is important to always think before you click, especially if the sender appears suspicious or if you were not expecting the email. Practice hovering your mouse over hyperlinks to see where they are really taking you.
How To Spot A Social Engineering Attack And How To Avoid Them
To learn more about how to spot a social engineering attack and how to avoid them, visit the United States Cybersecurity and Infrastructure Security Agency (CISA) website and review their tips on Avoiding Social Engineering and Phishing Attacks.
Don’t Answer That Call
-
- Voice phishing, or Vishing, is a social engineering scheme, that aims to gather personal and confidential information using verbal scams.
- Like phishing, vishing calls may evoke a sense of panic, and attackers will attempt to persuade their victims to provide sensitive, personal material over the phone.
- Cybercriminals may even leverage programs that can create bogus phone numbers using local area codes and numbers, or ones that resemble a reputable organization’s business number.
- If you suspect that you might have received (or are on) a vishing call, it is always best to hang up and verify legitimacy by calling an official, public phone number of the company in question.
Federal Trade Commission’s National Do Not Call Registry
You may also wish to register for the Federal Trade Commission’s National Do Not Call Registry which will greatly reduce the telemarketing calls your number receives, and help you spot a possible vishing attack.
Identity Theft Best Practices and Resources
Monitor Your Accounts and Credit Report
-
- Identity theft is the deliberate and intentional use of another person’s identity, usually for financial gain. Luckily there are ways to mitigate your risk of becoming a victim of this crime.
- Regularly monitoring your financial account statements, as well as keeping track of activity on your credit report, are good ways of being proactive and can help you stop identity theft before it’s too late.
- Setting up alerts on your bank account is simple and will help you spot suspicious activity like invalid logins, transactions, or fraudulent online charges.
- Credit monitoring is easy to setup and tracks activity at all three major credit bureaus – Equifax, Experian, and TransUnion. This service will alert you when it detects newly opened loans or accounts, unexpected changes to your credit limits, a change in personal information on your credit file, and more.
Visiting The United States Federal Trade Commission’s Website
Learn more about identity monitoring services and Identity Theft Protection Services by visiting the United States Federal Trade Commission’s (FTC) website.
Report Suspicious Account Activity
-
- Do you think you’ve been a victim of fraud? Don’t worry, we’re here to help.
- If you suspect fraudulent activity on your account, please contact your local branch manager or representative.
- Setting up alerts on your bank account is simple and will help you spot suspicious activity like invalid logins, transactions, or fraudulent online charges.
Federal Trade Commission (FTC)
You may wish to file a formal complaint or report a scam or consumer issue directly with the Federal Trade Commission (FTC): FTC Complaint Assistant.
FBI’s Internet Crime Complaint Center (IC3)
You can also report stolen identities and finances to the FBI’s Internet Crime Complaint Center (IC3): Complaint Referral Form.
Has your Identity been compromised?
Here are some steps you can take to minimize the impact of identity theft.
Email or Social Media Hacked? Here's what to do
Hackers target your email and social media accounts to steal your personal information. Like your username and password, bank or credit card account numbers, or Social Security number. If they get it, they use it to commit identity theft, spread malware, or scam other people. So, what are signs that someone hacked your account, and how can you recover a stolen account? The Federal Trade Commission (FTC) offers advice on what to do if your email or social media are hacked.
Online Education Center
US Federal Trade Commission (FTC) - Cyber Basics
US Federal Trade Commission (FTC) - Cybersecurity for Small Business