SECURITY
SECURITY
FIRST OKLAHOMA BANK RESPECTS YOUR PRIVACY
Click here for a copy of our Privacy Policy.
We have taken the following steps outlined below to assure that any private information shared with First Oklahoma Bank remains private.
CALIFORNIA CONSUMER PRIVACY ACT
The California Consumer Privacy Act (CCPA) provides new rights and protections for natural persons who are California residents. The CCPA provides California residents with the right to:
- Know what personal data is being collected about them
- Know whether their personal data is sold or disclosed and to whom
Access their personal data - Request a business to delete any personal information about a consumer collected from that consumer that the business has no legitimate rationale to retain
- Not to be discriminated against for exercising their privacy rights
California residents can make a request for disclosure of personal information or make a request that First Oklahoma Bank delete any personal information collected and maintained by submitting an online request or by calling the Customer Contact Center at 1-833-347-7865 and a representative can assist with collecting information to complete the request. Customer Contact Center hours are Monday – Friday, 8:30 a.m. to 5 p.m. Click here for our California Consumer Privacy Notice.
To complete an online request click here.
Compliance with the Right to Financial Privacy Act
The Gramm-Leach-Bliley Act of 1999 required new privacy regulations. First Oklahoma Bank will comply with all provisions of the Act, and will also consider customer privacy when required to comply with the Bank Secrecy Act, which may require the filing of Large Currency Transaction Reports and reports of suspicious activity.
Customer Awareness
First Oklahoma Bank may from time to time contact our customers for various business reasons including verifying account activity, address, or other information for a customer’s file. A customer may be contacted by phone or mail regarding a special rate, product, or service. Our employees will never request your account access information, including sign-on and password. If you receive such a request from anyone, whether in person, by email, over the telephone, or through any other form of communication, do not respond to the request, even if the person claims to be our employee or representative. Please immediately contact First Oklahoma Bank at 918-392-2500.
Maintenance and Accuracy of Your Information
First Oklahoma Bank has established procedures to assure that records of your financial transactions are accurate, current, and complete in accordance with reasonable commercial standards. We will respond to requests to correct inaccurate information in a timely manner.
Customer Financial Information
As a normal part of conducting business with customers and prospective customers, First Oklahoma Bank gathers and utilizes various types of information. This information is often available from public records. We collect nonpublic personal information about our customers from the following sources:
- Information we receive on applications and other forms such as name, address, social security number, and income;
- Information about transactions with us, our affiliates, or others such as account balance, payment history, and credit card usage;
- Information we receive from a consumer reporting agency such as a credit history.
Limited Access to Your Information
At First Oklahoma Bank, employee access to personally identifiable customer information is limited to those with a business reason to know such information. Employees are educated on the importance of maintaining the confidentiality of customer information and on privacy issues. Because of the importance of these issues, all FOB employees are responsible for maintaining the confidentiality of customer information. Employees who violate these privacy policies will be subject to disciplinary measures.
Security Procedures to Protect Your Information
First Oklahoma Bank maintains security procedures to help prevent unauthorized access to customer information. These procedures include the physical security of the Bank’s premises; location of, restricted access to, and proper disposal of confidential customer information; and use of the most recent technologies, including firewalls to prevent unauthorized access to the bank’s computers and encryption while transmitting customer data. In an effort to ensure their integrity, we test and audit these procedures on a regular basis.
Restrictions on the Disclosure of Account Information
First Oklahoma Bank does not reveal specific information about your accounts or other information about you to unaffiliated third parties for their independent use, except for the exchange of information with reputable credit reporting agencies, clearing house services, or in the performance of bonafide corporate due diligence, unless:
- The information is provided to help complete a transaction initiated by you;
- You request us to do so;
- To comply with laws, government agency rules or orders, court orders, subpoenas, or other legal process, or in order to provide information to regulatory agencies in accordance with applicable law;
- You have been informed about the possibility of such disclosures for marketing or similar purpose.
We do not share or sell any private customer information with third party marketers offering their products and services independently from us. We may offer products and services with the help of or through third parties, but we control the information.
Maintaining Your Privacy in Third Party Business Relationships
It is sometimes necessary to provide your information to a third party, such as a vendor or service provider that we hire to provide you with additional services. First Oklahoma Bank insists that the third party adhere to strict guidelines for keeping such information confidential. Whenever we hire other organizations to provide support services, we will require them to keep customer information confidential in accordance with this Privacy Statement, and to allow us to audit them for compliance. Whenever information is shared with credit reporting agencies, it is in accordance with the Fair Credit Reporting Act.
Your Email Privacy
Our website does not require you to disclose any personal identifying information. If you choose to contact us via email, please keep in mind that your email address and any other information your email header shows about you, such as your name or organization, will be revealed to us in the email. We pledge that when you communicate with us via email, we will use your email information only for the specific purpose of responding to your comments, questions, or requests. Your email address will not be sold, nor will it be shared with others outside the bank unless we are compelled to do so by law.
Inquiries sent through our Contact Us page are not secure. Since our response back to you is also not secure, we will not include confidential account or personal information in the response unless asked to do so.
We gather and analyze statistical data regarding the usage of our website, including domain name, number of hits, pages visited, length of user session, etc., to evaluate the usefulness of our site.
Unlawful Internet Gambling Enforcement Act (UIGEA) of 2006
The UIGEA, signed into law in 2006, prohibits any person engaged in the business of betting or wagering (as defined in the Act) from knowingly accepting payments in connection with the participation of another person in unlawful internet gambling. The Department of the Treasury and the Federal Reserve Board have issued a joint final rule, Regulation GG, to implement this Act.
As defined in Regulation GG, unlawful Internet gambling means to “place, receive or otherwise knowingly transmit a bet or wager by any means which involves the use, at least in part, of the internet where such bet or wager is unlawful under any applicable Federal or State law in the State or Tribal lands in which the bet or wager is initiated, received or otherwise made.”
As a customer of First Oklahoma Bank, these restricted transactions are prohibited from being processed through your account or banking relationship with us. If you do engage in an Internet gambling business and open a new account with us, we will ask that you provide evidence of your legal capacity to do so.
Please contact one of our Relationship Managers at 918-392-2500 if you would like additional information on UIGEA or Regulation GG.
Changes to Our Privacy Statement and Policies
We reserve the right to change this policy at any time by posting a new privacy policy on our website.
Helpful Resources for Online Security
- FDIC Identity Theft Page(Opens in a new Window)
- FTC Consumer Fraud Page(Opens in a new Window)
- (US-CERT) Homeland Security Computer Emergency Readiness(Opens in a new Window)
- Avoiding Scams and Identity Theft(Opens in a new Window)
- Frauds Target Small Businesses: Don’t Be a Victim (Opens in a new Window)
- FDIC Consumer News – A Bank Customer’s Guide to Cybersecurity
Common Types of Fraud Methods
Millions of people become victims of cybercrimes each day. Cybercriminals use various techniques to attempt to steal your personal information or access your computer systems for their illegal activities. Here are some common methods thieves use and what you can do to protect yourself.
Social Engineering
Social engineering is the art of manipulating or deceiving you in order to again control over your computer system. The hacker may use phone, email, mail or direct contact to gain illegal access. Phishing, Spear Phishing and CEO Fraud(Opens in a new Window) are all examples.
Email/Website Spoofing
These are used to make people believe they are receiving an email from a legitimate company, but they aren’t. Or that the user is visiting and interacting with a trusted website but is indeed a forged site. The best way to handle spoofed emails and spoofed websites is by always exercising caution. If something seems “off” about an email, do not open attached files or click on included links. Type in a site’s URL manually to avoid landing on a spoofed version of it. By taking your time and being careful, you should be able to avoid most problems.
Phishing
Phishing is a cybercrime that targets victims by email, telephone, or text messaging. The fraudster poses as a legitimate company to lure the victim into providing sensitive data such as social security numbers, banking and card details and passwords. The information is then used to access important accounts or obtaining new accounts, resulting in identity theft and financial loss.
Common Phishing Techniques:
Email/Spam
This technique target victims via email/spam by asking them to fill in personal details. Most of the messages have a sense of urgency requiring victim to enter credentials, update account information or verify accounts.
Vishing
In phone phishing, the phisher makes phone calls to the user and asks the user to dial a number. The purpose is to get personal information of the bank account through the phone. Phone phishing is mostly done using fake caller ID.
Smishing
This form of phishing is conducted via text messaging. A smishing text, for example, attempts to entice a victim into revealing personal information via a link that leads to a phishing website.
Link Manipulation
Link manipulation is the technique in which the phisher sends the victim a link to a malicious website. When the user clicks on the deceptive link, it opens the phisher’s website instead of the website mentioned in the link.
Safety TIP! Hovering the mouse over the link to view the actual address stops users from falling for link manipulation.
Malware
Phishing scams involving malware are usually attached to the email sent to the user by the phishers. Once you click on the link, the malware will start functioning. Sometimes, the malware may also be attached to downloadable files.
Ransomware
Ransomware denies access to a device or files until a ransom has been paid. Ransomware is malware that gets installed on a user’s workstation using a social engineering attack where the user gets tricked in clicking on a link, opening an attachment, or clicking on malvertising.