Here's how to protect your account and identity.
Secure your BancFirst account
Take precautions online
Financial education resources
Let's work together to secure your BancFirst accounts.
When bank employees are working with a customer over the phone, several steps must be taken to validate or authenticate the identity of the customer. To expedite the process, ask your local bank representative to set up an authentication code and register your cell phone number.
BancFirst's Debit Card Controls allow you to help safeguard your debit card from fraud by blocking authorizations, setting alerts, establishing spending limits, and controlling transaction types.
Set up mobile banking alerts and notifications on our online banking page. Alerts can notify you on low balance, large withdrawal, loan payment date and more.
Business Email Compromise
Business E-mail Compromise (BEC) is a sophisticated scam commonly targeting businesses through spoofed email accounts in order to modify or generate fund transfers, such as wires or ACH, so that the funds arrive at the scammer’s bank account or money mule account!
In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request, like in these examples:
• A vendor your company regularly deals with sends an invoice with an updated mailing address.
• A company CEO asks her assistant to purchase dozens of gift cards to send out as employee rewards. She asks for the serial numbers so she can email them out right away.
• A homebuyer receives a message from his title company with instructions on how to wire his down payment.
Versions of these scenarios happened to real victims. All the messages were fake. And in each case, thousands—or even hundreds of thousands—of dollars were sent to criminals instead.
Spoof an email account or website. Slight variations on legitimate addresses (email@example.com vs. firstname.lastname@example.org) fool victims into thinking fake accounts are authentic.
Send spearphishing emails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. That information lets criminals access company accounts, calendars, and data that gives them the details they need to carry out the BEC schemes.
Use malware. Malicious software can infiltrate company networks and gain access to legitimate email threads about billing and invoices. That information is used to time requests or send messages so accountants or financial officers don’t question payment requests. Malware also lets criminals gain undetected access to a victim’s data, including passwords and financial account information.
- Be wary of e-mail-only wire transfer requests and requests involving urgency
- Establish a reliable phone number of the entity you are doing business with and call them confirming your wiring or transaction information.
- Don’t click on anything in an unsolicited email or text asking you to update or verify account information. Use a known good phone number to verify with the company if the request is legitimate.
- Inspect the email for a mimicked e-mail addresses
- Use multi-level authentication
We go online for everything from shopping and communicating to banking and bill paying. While the benefits of more convenient services are clear, the strategies for preventing online fraud and theft may not be as well-known. We want you to be aware of fraudulent situations so you can make informed online decisions.
Please view the FDIC's Consumer Assistance Topics page on CyberSecurity: https://www.fdic.gov/resources/consumers/consumer-assistance-topics/cybersecurity.html
The FDIC's Consumer Assistance Topics page provides tips on how to best protect your identity:
Mastercard's provides ID Theft protection services to its debit card holders. The service alerts when personal information, such as your Social Security number, debit card number or and email address, is known to be compromised.
Your Guide to Preventing and Managing Overdraft Fees explains options to help you prevent overdrafts.