We will be CLOSED Monday, February 20, 2023.
Any transactions after closing Friday, February 17, 2023 will post to your account on Tuesday, February 21, 2023 due to the observance of Presidents Day. *This affects all wires & ACH transactions.
Learn about the Equifax Data Breach and to find out if your information has potentially been impacted. See update on the settlement of the Equifax Data Breach.
View a list of current data breaches.
Corporate Account Takeover (CATO) is a type of business identity theft where cyber thieves gain control of a business’ bank account by stealing employee passwords and other valid credentials. Thieves can then initiate fraudulent wire and ACH transactions to accounts controlled by the thieves. It is important for businesses to take extra precautions to safeguard their computers and login credentials to prevent fraudulent transactions. Below is list of external sources with information and best practices to help safeguard against a potential compromise.
Internet Crime Complaint Center (IC3) “Fraud Advisory for Business” is a helpful document to better understand Corporate Account Takeover and how to best prevent it and educate your employees.
The Better Business Bureau’s website provides information on their website on data security and important cyber security.
Federal Trade Commission (FTC) is a national resource to help you deter, detect and defend against identity theft.
NACHA – The Electronic Payment Association’s website provides tools, resources and sound business practices to help businesses mitigate Account Takeover risk.
1. The FDIC does not directly contact bank customers (especially related to ACH and wire transactions, account suspension, or security alerts), nor does the FDIC request bank customers to install software upgrades. Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links.
2. Messages or inquiries from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is probably fraudulent and should be verified before any files are opened, software installed, or information is provided.
3. Phone calls and text messages requesting sensitive information are fraudulent. If in doubt, account holders should contact the organization at the phone number the customer obtained from a different source (such as the number they have on file, that is on their most recent statement, or that is from the organization’s website). Account holders should not call phone numbers (even local prefixes) that are listed in the suspicious email or text message.
We’ve assembled a variety of excellent resources that can help you learn more about privacy and security issues. Please note that these sites are not associated with Grinnell State Bank and that by using them you are governed by their own privacy policies.
Identity theft resources
Online Fraud Resources
Credit score monitoring resources
Additional privacy and security resources
Below is a list of possible issues your computer may have if it has been compromised
Secure your computer
Here are some ways you can secure your computer to help protect your information.
Equip your computer with:
Monitor your account activity
Checking your account activity frequently can help to detect fraud earlier. You can receive information quickly about activity in your accounts when you set up Alerts. In addition to Alerts that are automatically already turned on for your protection, you can set up additional Alerts to stay on top of your balances, payments and transactions.
Create strong passwords
Be smart about social networks
Follow internet security issues in the news and discuss them with friends, family and colleagues. Explore online resources like the National Cyber Security Alliance and Microsoft Security At Home websites that provide comprehensive information about topics such as securing your computer and safe online behavior.
Phishing and spoofing
Phishing and spoofing emails ask you to go to a fake website that looks like Grinnell State Bank and provide your account information. These emails may even ask you to call a phone number and provide account information.
Ways to identify phishing and spoofing emails include:
Why criminals send fraudulent email
One of the ways criminals try to trick people into providing personal account information for identity theft purposes is to send email that appears to have been sent by Grinnell State Bank, but has been sent by the criminal.
The phone email asks you to go to a website that looks like Grinnell State Bank site, but is a site the criminal has set up asking you to provide your personal account information. Sometimes the email may ask you to call a phone number and provide account information.
Ways to protect against phishing and spoofing:
Malware, short for malicious software, includes viruses, spyware and Trojans that are designed to infiltrate or damage a computer system, steal personal information and commit fraud. There are several easy ways you can minimize malware risk:
Vishing uses Voice over Internet Protocol (VoIP) to leave an automated recording on your phone that says your account has experienced unusual activity. The message instructs you to call what appears to be a Grinnell State Bank phone number (in fact, the caller ID has been fooled into displaying “Grinnell State Bank”). Sometimes criminals also end emails and text messages containing fraudulent phone number. Rather than provide any information, you should contact us immediately to verify the validity of the message.
Fake Mobile Banking apps
Criminals may develop and publish fake mobile banking applications that look like official Grinnell State Bank apps but are in truth designed to steal your online banking credentials. Here are tips for recognizing an unofficial Grinnell State Bank app.
To help protect your accounts and information, never download or install a Grinnell State Bank Mobile Banking app if you spot any of these warning signs.
SMShing and smishing are like phishing (which typically happens via email), but take place via SMS text message. A criminal sends you a text message that tries to trick you into replying with financial or personal information or clicking on links that will sneak viruses onto your mobile device. Don’t respond to a text message that requests personal or financial information. Grinnell State Bank will never ask you to provide your information in this way.
Lost and stolen devices
Mobile phones and tablet devices offer convenience, but they’re also easy to lose or steal, which can put your information at risk. Here are some ways you can protect yourself now in the even your device is lost or stolen later:
Traditional online threats
Viruses, malware and other programs intended to steal your personal information or financial details can infect some mobile devices. If your table supports a traditional anti-virus product, consider installing that software. Backup the device’s data and keep the copy in a safe and secure location. This will allow you to restore your data in the event you need to wipe the device clean to remove a harmful software threat.
A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.
Things to know if you are a victim of a data breach:
The actions you’ll need to take will depend on the type of data compromised.
If the compromised data was…
Sometimes the letters from breached companies also contain offers for free credit report monitoring provided by the company. While these programs are not generally worth paying for—since you can monitor your own credit for free—you may as well accept it if it’s being handed out. Monitoring services will alert you to some uses of your SSN quicker than you may be able to spot through your credit report, meaning you can resolve any problems quicker.
If you believe you’ve been a victim of a social engineering scam or any type of fraudulent activity, contact us immediately to protect your account.
You can also report social engineering scams to:
The U.S. Computer Emergency Readiness Team (US CERT)
The Federal Trade Commission (FTC); forward phishing emails to email@example.com
Here are some ways to help you protect your Social Security number:
Elder abuse (also called “elder mistreatment,” “senior abuse,” “abuse in later life,” “abuse of older adults,” “abuse of older women,” and “abuse of older men”) is “a single, or repeated act, or lack of appropriate action, occurring within any relationship where there is an expectation of trust, which causes harm or distress to an older person.”
The following conditions or factors increase an older person’s risk of being victimized:
Indicators are signs or clues that abuse has occurred. Some of the indicators listed below can be explained by other causes or factors and no single indicator can be taken as conclusive proof. Rather, one should look for patterns or clusters of indicators that suggest a problem.
Sign your cards immediately
Sign the signature panel on your credit and debit cards as soon as you receive them.
Monitor your debit card transactions
Grinnell State Bank offers GSB Card Control, an app which will allow you to setup alerts on your debit card activity, so you can easily monitor your purchases. Signing up for GSB Card Control is easy, download the GSB Card Control app in the App Store or Play Store.
Check your statements
Save the receipts from your charges and keep them in a safe location. Check your statements to verify that they properly reflect the amounts you have authorized. Report any fraudulent transactions immediately. Once you have reconciled your statements, shred up all receipts and discard them.
Go paperless with Online Banking
Access your Grinnell State Bank statements through Online Banking and ask us to stop sending paper. Checking your balances and viewing your account statements online is safer than having information sent through the mail.
Keep a list of all your card account numbers
Keep the list in a safe and secure place and include the telephone numbers to call if your cards are ever lost or stolen.
Use ATMs safely
Use ATMs with surveillance cameras and be aware of people and your surroundings. When you enter, or exit an ATM in an enclosed area, be sure you close the entry door completely. Do not open locked ATM vestibule doors for others or allow any unknown persons to enter the ATM area while you are making your transaction. Shield the ATM keypad with your hand or body while entering your PIN. Secure your card and cash after completing your transaction and before exiting the ATM area. Count your cash later in the safety of your locked car or home. Your ATM/Debit card is like cash, so keep it in a safe place
Always be cautious
Never provide credit or debit account information to anyone who calls you. Grinnell State Bank will never reach out to you in this way to request sensitive account information.
As more people bank and shop online, proper internet security is more important than ever. Safeguarding your information can be as simple as consistently reviewing your bank accounts and reporting any suspicious activity. But there are a number of other things you can do to stay safer online. Here are ten tips to help protect you and your money.
By following these online and mobile security tips, you can help protect your personal information from falling into the wrong hands. If you suspect information related to your bank account has been compromised, contact us immediately for assistance addressing the issue.
Free Public Wifi is everywhere.. hotels, airports, coffee shops, restaurants and even stores; but should you use it?
Experts advise that you should never enter personal and confidential information into your phone or laptop while using public wifi and to avoid public wifi altogether when dealing with confidential information. This includes credit card information, logins, passwords, etc. Hackers can set up a bogus wifi access and name it “free public wifi” and have instant access to your phone or laptop once you connect.
A business offering wifi access that requires a password, that is a much safer bet; but you are usually much better off waiting to do anything with sensitive information until you are on your cellular service or at home.
If you notice your card is lost or stolen during normal bank hours, please contact the bank. If it is outside of normal bank hours, please call 800-383-8000, to report your card lost or stolen with Shazam, our debit card company.
With more commerce occurring online the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails claiming to be from charities, and unencrypted financial transactions.
CISA encourages online holiday shoppers to review the following resources:
If you believe you are a victim of a scam, consider the following actions:
Don’t like talking to a robot? No? We don’t either. Call us at 800-236-3187 to talk to a real person about your banking!
Balances, Transfers, and Account Information
PIN #: Last 4 Digits of Social Security
We want to make banking easy for you with 24/7 access to your accounts and convenient access to services. Have 24/7 access to all of the following without having to step foot in the bank:
You are accessing a printable version of our Electronic Funds Transfer.
You are accessing a printable version of Grinnell State Bank’s Online Banking Terms and Conditions. There are hyperlinks appearing within the document to access additional bank policy information referenced by the link. The links are for reference only, please contact the bank directly to request a copy of the referenced information.