Protecting your personal information and ensuring your account information is secure is a top priority at Woodforest National Bank. We are committed to helping you recognize fraud and learn how to protect yourself.
REMEMBER: Woodforest National Bank will NEVER ask you to provide or verify account or login information by email, phone or text message. This includes account numbers, user IDs, passwords, and debit or credit card information.
Familiarize yourself with the following information to find out how we protect you and how you can protect yourself by identifying, preventing and reporting fraudulent activity.
Your data and your online banking experience should be safe and secure. Woodforest National Bank uses the latest in technology to provide a secure online banking environment.
The Woodforest Online Banking Services uses industry-standard technology, including password-controlled entry, data encryption using 128-bit Secure Sockets Layer (SSL) protocol, and firewalls and filtering routers. Each security component acts as a layer of protection to safeguard sensitive data from unauthorized users.
A private user ID and password is required to log into our Online Banking Services.
You are required to change this password during your first online banking session.
You must set security questions and answers during enrollment, providing an extra layer of security.
You should keep your password and user ID absolutely private.
You are responsible for the safekeeping of your password and you agree not to disclose or otherwise make the password available to anyone who is not authorized to sign on your accounts.
If you log in to an online banking session and then leave your computer, our system will log you out automatically after 20 minutes of inactivity.
If your password is changed, an automated security alert is sent to your email address on file.
An automated security alert is sent to you anytime one of the following events occur on your Online Banking Services profile.
Changed email address
Changed physical address
Created a new payee
Once you have logged in correctly, you will enter a secure environment in which you can conduct your transactions safely.
Information you provide while logged into Online Banking is encrypted, meaning your account information is scrambled as it moves between your computer and Woodforest's computer systems. This makes information nearly impossible for anyone other than Woodforest National Bank to read it. Any information Woodforest National Bank provides to you is also encrypted.
Woodforest National Bank uses SSL, the leading security protocol, to encrypt data that travels between the bank and customer. Click here to see how SSL works.
Woodforest is protected by a series of firewalls and filtering routers which verify the source and destination of the requests traveling in information packets.
A firewall is set up to reject any unauthorized traffic. Firewalls allow legitimate data through when necessary, closing entry to Woodforest National Bank systems as soon as the transaction is complete.
A router keeps out traffic that does not come from one of the only two legitimate ends of a secured transaction: the customer or the bank.
The above security measures keep your transactions safe and secure over the Internet while using Woodforest Online Banking Services.
At Woodforest National Bank, keeping your sensitive information both private and accessible is our priority. Following are a few tips on how you can protect yourself from online fraud and keep your data safe and secure.
If you receive an email that warns you that an account of yours will be shut down unless you confirm your account information, DO NOT REPLY OR CLICK ON A LINK IN THE EMAIL.
Instead, contact the company cited in the email using a telephone number or web site address you know to be genuine.
Before submitting financial information through a Web site, look for the padlock icon on the browser's status bar.
The padlock signals that your information is being transmitted over a secure connection. Double-click the padlock icon for verification of the Web site you are using.
Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges.
If your statement is late by more than a week, call your credit card company or bank to confirm your billing address and account balances.
If using online banking services, keep your login credentials confidential.
User names, passwords or security questions/answers should not be given out nor written down. It is a good idea to change your password every 45 days or so.
If using Woodforest Online Banking Services, be sure to check your daily/weekly email notification.
This notification can alert you to suspicious activity long before your monthly statement is issued.
Install virus protection software on your computers and run full system scans often.
Be sure you have the most up-to-date version of your virus protection software installed!
REMEMBER - Woodforest National Bank does not send out unsolicited emails that require you to provide or divulge any account information. If you are in question about any email you receive from Woodforest National Bank, please contact your Personal Banker or local branch. You may also email us at: firstname.lastname@example.org. Do not send any personal information in an email (such as account numbers, etc.) as email is not a secure form of communication.
Visit one of the following sites for more information on ways to avoid email scams, and how to deal with deceptive spam.
If you suspect you are a victim of an attack (phishing, vishing, text message, etc.), take the following actions immediately.
If you clicked on a link within a suspicious email:
Be sure to report the suspected fraud to the bank and the proper authorities immediately by following the steps found at Reporting Fraud.
If you receive a suspicious email that says it’s from Woodforest, forward the entire email to email@example.com. Do not click any links or act on any instructions in the email.
If you suspect your personal information has been compromised, or you may have inadvertently compromised your Woodforest account, contact Customer Care immediately at 1-877-968-7962.
Be sure to take immediate action to protect yourself by following the steps found on If You are a Victim of Online Fraud.
In addition, contact the following three major credit bureaus to place a fraud alert on your credit file:
You can get three (3) credit reports free each year from the nationwide reporting agencies: one each from Equifax, Experian and TransUnion.
Any suspicious phishing email should be forwarded to:
The Internet gives you easy access to information, allowing you to perform many functions from the privacy of your own computer. Unfortunately it can also leave you vulnerable to online fraud. Online criminals continue to become more sophisticated in their scams to steal information from you. Learn more about the different types of online fraud in order to better protect yourself from falling victim to this type of criminal activity. Following are some of the most well-known types of online fraud. The more you know, the better you can keep your computer and your private information secure.
Phishing is the most common online fraud. Consumers are randomly targeted by criminals sending out mass emails usually containing an urgent message regarding account status, with instructions to click a link within the email directing them to a fraudulent website. Once the consumer clicks the link, he/she is exposed to the threat of having personal information stolen, including bank account information, user IDs and passwords, and social security numbers.
Remember, Woodforest will never send out an email requesting personal information from customers! Regardless of how legitimate an email or website may appear, NEVER respond to any email that instructs you to provide ANY personal information.
Vishing is the latest variation of the phishing scam. Vishing (a combination of the words "voice" and "phishing") often involves an automated recording made to a victim, alerting the consumer that their credit or debit card, or bank account has had fraudulent or unusual activity, followed by instructions to call a phone number immediately. When the victim calls this phone number, it is typically answered by automated instructions to enter credit or debit card information, bank account information or other private information such as PIN, date of birth, social security number, etc. Once the consumer enters this information, the criminal (visher) has the information necessary to make fraudulent use of the credit or debit card, or access to bank accounts.
Vishing is very difficult to monitor or trace. The vishing phone number can show up on caller ID as the name of the financial institution they are pretending to represent. Be highly suspicious of ANY message directing you to call and provide credit, debit or bank account information. Contact your bank or credit card company directly to verify the validity of the message.
Malware (a combination of the words "malicious" and "software") is software that criminals use to access your computer without your consent or knowledge. Malware includes computer viruses, worms, trojan horses and spyware. Once malware is on your computer, criminals can use it to steal information, send spam, and commit fraud, as well as inflict damage to your computer system and software.
For more information about malware, including how to identify it and steps to take if you suspect malware is on your computer, visit OnGuard Online Malware Quick Facts .
This email scam supposedly originated from Nigerian "officials" who needed your help getting their money which was tied up due to strife in their country. This scam is no longer limited to emails from Nigeria, but are commonly received from people in countries around the world sending you offers to transfer potentially thousands of dollars into your bank account if you will simply pay a fee to help them access their money. Typically these emails are followed by additional emails requesting you send more money to cover transactions and transfer costs, attorney's fees, blank letterhead, and most seriously, your bank account numbers.
If you receive an email from someone in a foreign country claiming to need your help getting money out of another country DO NOT RESPOND!
This type of criminal activity uses the Internet to steal through foreign lottery offers, money offers and check overpayment schemes. These solicitations are phony and illegal. Be aware that foreign solicitations such as these are from crooks trying to steal your money, or commit identity theft, and you should NOT respond to them.
For more information regarding cross-border scams, including how to identify them and steps to take if you suspect you have received or responded to one, visit OnGuard Online Avoiding Online Scams .
Suspicious Telephone Calls Claiming to Be From the FDIC
Suspicious telephone calls claiming to be from FDIC employees are being reported. These calls appear to be illegal schemes to steal money or collect sensitive personal information, such as bank account numbers.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of suspicious telephone calls where the caller claims to represent the FDIC and is calling regarding the collection of an outstanding debt.
To date, the callers have alleged that the call recipient is delinquent in payment of a loan that was applied for over the Internet or made through a payday lender. The loan may or may not actually exist. The caller attempts to authenticate the claim by providing sensitive personal information, such as name, Social Security number, and date of birth, supposedly taken from the loan application. The recipient is then strongly urged to make a payment over the phone to "avoid a lawsuit and possible arrest." In some instances, the caller is said to sound aggressive and threatening.
These suspicious telephone calls are fraudulent. Recipients should consider them as an attempt to steal money or collect personal identifying information. The FDIC generally does not initiate unsolicited telephone calls to consumers and is not involved with the collection of debts on behalf of operating lenders and financial institutions.
If a caller demonstrates that he or she has the recipient's sensitive personal information, such as Social Security number, date of birth, and bank account numbers, the recipient may be the victim of identity theft and should review his or her credit reports for signs of possible fraud. The individual should also consider placing a "fraud alert" on his or her credit reports. This can be done by contacting one of the three consumer reporting companies listed below. Only one of the three companies needs to be contacted. That company is required to contact the other two, which will place an alert on their versions of the report.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-3054, Washington, D.C. 20429, or transmitted electronically to firstname.lastname@example.org . Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp .
For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2010/index.html . To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html .
Sandra L. Thompson
Division of Supervision and Consumer Protection
Distribution: All FDIC-Insured Institutions
The following are examples of phishing emails received by customers. Keep the following in mind while reviewing these emails:
Software that protects computers from viruses and other malicious software/code, including those that can destroy data, steal private information, and affect computer performance.
The program that serves as your front end to the World Wide Web on the Internet. Microsoft Internet Explorer, Netscape Navigator and Mozilla Firefox are three popular browsers. When a site says, "best viewed by Netscape Navigator", "best viewed by Internet Explorer," or "best viewed by Mozilla Firefox," it means that the pages were programmed for that particular browser. Using other browsers may ignore some of the page's fancy features until a subsequent release supports them.
In computing, a cookie is a small text file stored on a user's computer by a web browser. Cookies can consist of information such as user preferences, shopping cart contents, identifiers for server-based sessions, or other data used by websites.
The scrambling of data into a secret code that can be read only by software set to decode the information.
A method to prevent unauthorized Internet users from accessing private computers or networks, utliizing software and/or hardware to examine messages and blocking those that do not meet a specified set of security criteria.
It can be implemented in a single router that filters out unwanted packets, or it may use a combination of technologies in routers and hosts. Firewalls are widely used to give users access to the Internet in a secure fashion as well as to separate a company's public Web server from its internal network. They are also used to keep internal network segments secure.
Following are the types of techniques used individually or in combination to provide firewall protection:
Fraud that involves a criminal stealing another's personal information in order to steal money, open new credit or debit cards, and commit other crimes using the stolen identity.
Keystroke logging, or Keylogging, is a special type of virus that can capture keystrokes such as login IDs, passwords and security answers. Keylogging viruses are typically downloaded via a fraudulent email containing an attachment.
A fraudulent process of attempting to acquire private information such as usernames, passwords and account numbers by impersonating a trustworthy entity and sending out mass email communications. Emails typically contain an urgent message requesting recipients to click a link within the email which directs them to a fake website to enter personal information in order to verify credentials, activate an account or respond to a possible breach in the recipient's security.
A device that forwards data packets from one local area network (LAN) or wide area network (WAN) to another. Based on routing tables and routing protocols, routers read the network address in each transmitted frame and make a decision on how to send it based on the most expedient route (traffic load, line costs, speed, bad lines, etc.).
The leading security protocol on the Internet.
When an SSL session is started, the browser sends its public key to the server so that the server can securely send a secret key to the browser. The browser and server exchange data via secret key encryption during that session. Developed by Netscape, SSL has been merged with other protocols and authentication methods by the IETF into a new protocol known as Transport Layer Security (TLS).
© 2017 Woodforest National Bank
Member FDIC | Equal Housing Lender
Messages go here
Please enter your zip code below so we can give you product information for your location.Go
Please enter a valid zip code