In This Section

  • DEBIT CARD FRAUD INCREASING (December, 2015):

    Bank of Bolivar has noticed an increase in debit card fraud recently. As a result, until further notice signature-based debit card transactions will be blocked in those states that are experiencing a high amount of fraud at this time. PIN-based transactions, however, will still be approved even in those areas. If you are planning to travel and use your debit card for signature-based transactions, please call your local Bank of Bolivar branch and speak with a personal banking representative for states affected and further information.
     
  • SALLY BEAUTY DEBIT CARD BREACH (June, 2015):

    If you shopped at Sally Beauty from March 8 through April 14, the possibility exists that your debit card information may have been compromised. For your protection, Bank of Bolivar is enacting a temporary $600 daily limit on your debit card through August 1. If you prefer, you may instead bring your current debit card into any of our branches and order a replacement card, which would have the usual $1,200 daily limit.
     
  • TEXT SCAMS (May, 2015):

    Some people have reported receiving a text message from Wells Fargo saying that their their debit card has been compromised and they are supposed to text back their social security number.

    Please know that messages like this are a scam and reputable companies do not ask for personal information in this manner, especially in a text.
     
  • MYSTERY SHOPPER SCAMS [DON'T BE FOOLED!] (May, 2015):

    You may have heard about people who are "hired" to be mystery shoppers, and told that their first assignment is to evaluate a money transfer service, like Western Union or MoneyGram. The shopper receives a check with instructions to deposit it in a personal bank account, keep a certain fee for their trouble, but then withdraw the remainder in cash and wire it to a third party.

    Problem is, the check is a fake.

    By law, banks must make the funds from deposited checks available within days, but uncovering a fake check can take weeks. It may seem that the check has cleared and that the money has posted to the account, but when the check turns out to be a fake, the person who deposited the check and wired the money will be responsible for paying back the bank.

    It's never a good idea to deposit a check from someone you don't know and then wire or send money back.
     
  • DEBIT CARD FRAUD IN ILLINOIS, OHIO, AND MEXICO (October, 2014):

    Due to an increase in debit card fraud over the last few days, particularly in Illinois, Ohio, and the country of Mexico, for your protection, we are immediately limiting debit card transactions in these areas.

    Accordingly, until November 1, 2014, only PIN-based transactions (no signature-only transactions) will be allowed in these areas. This applies both to purchases made physically in these geographic areas (such as those made by residents of those territories or those traveling through them), as well as to electronic purchases processed from these areas.

    We apologize in advance for any inconvenience this may cause, but believe that these actions are necessary to adequately protect our customers, given the level of fraudulent activity. If you have any questions, please do not hesitate to contact your local Bank of Bolivar branch.
     
  • SQL INJECTION VULNERABILITY (August, 2014):

    What It Is:  When an attacker - such as the recently publicized Russian crime ring that stole 1.2 billion user name and password credentials - uses a "botnet" to test websites visited by infected users for vulnerability to a well-known hacking technique known as "SQL injection." If the website proves vulnerable, attackers return later to extract the full contents of the database.

    How This Affects Bank of Bolivar & You:  Bank of Bolivar's online and mobile banking host, Digital Insight, uses "stored procedures," a technique that significantly decreases the likelihood of an SQL injection. Also, DI's production site is continuously scanned and tested for SQL injection flaws, both internally and by third party partners. DI assures its customers that they continue to be diligent protecting against threats like these.
     
  • "CLICKJACKING" FRAUD VULNERABILITY (August, 2014):

    What It Is:  When an attacker tricks a user into clicking on a fake web page layered on top of the page they think they're in, such as a bank website page. The fake page can then collect confidential information such as online banking credentials.  The fix is relatively simple when OWASP (Open Web Application Security Project) best practices are followed by the website host.

    How This Affects Bank of Bolivar & You:  Bank of Bolivar would like you to know that our online and mobile banking host, Digital Insight, takes security very seriously.  DI follows the OWASP security best practices, provides clickjacking mitigation code, secure sockets layer (SSL), and transport layer security (Tls) encrypted sessions in our products.
     
  • "EMMENTAL" SECURITY THREAT (August, 2014):

    What It Is:  Emmental is a threat originating from an email to the end user containing a rich text format (.RTF) attachment with a malicious Windows Control Panel (.CPL) file. If this file is executed, it directs the end user to a legitimate-appearing site to download a "session token generator" mobile application that will infect the mobile device and capture credentials.

    How This Affects Bank of Bolivar & You:  Although there have been no reports of Emmental in the United States as of the date of this alert, here are some security best practices you can take to proactively mitigate this threat:
      - Install an antivirus app and keep it updated
      - Avoid installing Android apps from third-party websites or unreliable sources
      - Read the permissions requested by every application before installing
      - Verify the legitimacy of the publisher before installing
      - Perform regular backup of data stored in Android devices
      - Protect devices with a password
      - Do not view or share personal information over a public Wi-Fi network
      - Be aware that Bank of Bolivar does not support mobile applications for token generation
     
  • "SVPENG" SECURITY THREAT (June, 2014):

    What It Is:  Svpeng is a new malicious malware, ransomware app for Android devices. Svpeng searches for specific mobile banking apps on the device, then locks the device and demands money to unlock it. In the U.S., Svpeng breaks into a mobile device through a social engineering campaign using text messages.

    Svpeng capabilities include:
      - Spoofing legitimate banking applications
      - Stealing personal banking information
      - Capturing user input, including passwords
      - Sending SMS messages to premium numbers without user's knowledge resulting in charges
      - Stealing SMS messages
      - Stealing contact information and pictures
      - Tracking user location

    How This Affects Bank of Bolivar & You:  Currently, neither Bank of Bolivar nor its customers are known to have been targeted by Svpeng, but the security of our banking systems and our customers will remain a priority. For your benefit, here are some security best practices you can take to proactively mitigate this threat:
      - Install an antivirus app and keep it updated
      - Avoid installing Android apps from third-party websites or unreliable sources
      - Read the permissions requested by every application before installing
      - Perform regular backup of data stored in Android devices
      - Protect devices with a password
      - Do not view or share personal information over a public Wi-Fi network
     
  • "DYREZA" SECURITY THREAT (June, 2014):

    What It Is:  Dyreza or "Dyre" is a new family of banking malware that redirects the traffic to malicious servers while leading end users to think they have a secure connection with their legitimate online banking site.

    Dyreza is spread through spam e-mail messages such as "Your FED TAX payment ID [random number]" and "RE: Invoice #[random number]." These messages contain a ".zip" file often hosted on legitimate domains, to minimize suspicion.

    Opening this file infects the computer with the malware. Using a technique called "browser hooking" Dyrezea views unencrypted web traffic in the Internet Explorer, Chrome and Firefox browsers and captures an end user's credentials by sending the user to malicious servers, while the end user thinks they are securely connected to their financial institution"s legitimate website.

    Dyreza does not target mobile devices; it exploits Internet Explorer, Chrome, and Firefox browsers.

    How This Affects Bank of Bolivar & You:  Although neither Bank of Bolivar nor its customers are known to have been targeted by Dyreza to date, as always, we will continue to monitor all potential security threats closely.
     
  • "SVPENG" SECURITY THREAT (June, 2014):

    What It Is:  Svpeng is a new malicious malware, ransomware app for Android devices. Svpeng searches for specific mobile banking apps on the device, then locks the device and demands money to unlock it. In the U.S., Svpeng breaks into a mobile device through a social engineering campaign using text messages.

    Svpeng capabilities include:
      - Spoofing legitimate banking applications
      - Stealing personal banking information
      - Capturing user input, including passwords
      - Sending SMS messages to premium numbers without user's knowledge resulting in charges
      - Stealing SMS messages
      - Stealing contact information and pictures
      - Tracking user location

    How This Affects Bank of Bolivar & You:  Currently, neither Bank of Bolivar nor its customers are known to have been targeted by Svpeng, but the security of our banking systems and our customers will remain a priority. For your benefit, here are some security best practices you can take to proactively mitigate this threat:
      - Install an antivirus app and keep it updated
      - Avoid installing Android apps from third-party websites or unreliable sources
      - Read the permissions requested by every application before installing
      - Perform regular backup of data stored in Android devices
      - Protect devices with a password
      - Do not view or share personal information over a public Wi-Fi network
     
  • "HEARTBLEED" SECURITY THREAT (April, 2014):

    What It Is:  This is a major security flaw that has been detected in the technology used by many online organizations to maintain their password management. Known as the "Heartbleed" bug, this flaw only affects online technology utilizing OpenSSL.

    How This Affects Bank of Bolivar & You:  We are keeping a close eye on this and are happy to report that the vendors we use for our core processing and for Online Banking have each completed a preliminary assessment and discovered no vulnerabilities to this bug. However, there are a number of ancillary services within your online banking experience that have not yet completed their assessment. We will be sure to keep you updated. Rest assured that we are doing everything we can to help ensure that your information is safe.
     
  • TARGET DATA BREACH (November, 2013):

    Shoppers using bank cards at Target in late 2013/early 2014 are advised to review card and bank account activity for fraudulent transactions. If any of your debit or credit cards were compromised, contact the issuing company immediately. Some identity guard companies are warning consumers to look for unusual charges of small, odd amounts - $9.84 in particular - since compromised cards have been hit with unauthorized charges in this manner.
     
  • For peace of mind against identity fraud, Bank of Bolivar offers our customers IDProtect - affordable, comprehensive identity monitoring and fraud resolution.  You get so much protection for so little cost.  Click here to find out more and then visit with any of our friendly new accounts representatives to get protected today!