Security and Fraud Prevention

mobile image

Protecting your money, your identity, and your business depends on being smart, safe, proactive. Let Esquire Bank help.

According to an IBM study, 95% of data breaches happen as a result of human error. Whether it’s malware downloads, social engineering, or poor security practice, the root cause of electronic theft and fraud usually points to one source: people. Let Esquire Bank show you how to get better shield yourself and your business from cybersecurity, identify theft, and fraud.

I think a scammer is targeting me or my business...
I lost my credit or debit card...
I got a suspicious email, text message, or call from someone claiming to represent Esquire Bank...
  1. If the scammer is using Esquire Bank’s name, branding or any other information, please contact us directly at 1-800-996-0213.
  2. If the scammer is using another means to try and target you, reach out to your local law enforcement agency or to the FTC.
  3. Prepare as many records of fraudulent transactions, phishing emails, and correspondences as possible.
  4. Get information on how to spot and recover from scams – use the FTC “Report a Scam” tool to figure out the best way to report fraud or abuse.
  1. If your Esquire Bank ATM card, MasterCard® debit card, and/or PIN is lost, stolen, or misused, immediately notify Esquire Bank.
  2. Call 1-800-996-0213 during normal business hours. During non-business hours you may call 1-800 554-8969. Or write us at 100 Jericho Quadrangle, Suite 105, Jericho, NY 11753 immediately to limit your liability.
  3. Also, be sure to contact Esquire Bank immediately if you believe a transfer has been made using the information from your checking account without your permission.
  1. Contact us immediately at 1-800-996-0213
  2. Please keep a copy of the message so that we can see/reference that material against our own and against future complaints from other customers and clients.
  3. Remember, we will never contact you and ask for your personal or business account information.

How Esquire keep you safe?

Product Image

Fraud Alerts

Our online banking partners have a variety of alerts and tools that help keep you informed and safe. You can create alerts based on dollar amounts or transaction types on any of your OLB accounts. Receive alerts via secure message, email, phone or SMS/text.

Multi-Factor Authentication / Login Security

Use multi-factor authentication (MFA) to prevent unauthorized users from accessing your accounts and private information. Additionally, If you have a business account with Esquire Bank, you will not be able to save your login information in the browser, as you may be able to do with other forms of online banking. This is by design – stored logins for business accounts mean bad actors would be able to quickly access your accounts – and your clients’ accounts.

product header
Product Image

Positive Pay / Payee Match

for Business Accounts

Positive Pay and Payee Match are modules developed by our digital banking provider. Each check written by your company is evaluated to ensure that the payee and dollar amount have not been altered via check-washing or other forms of alteration.

 

Committed to your security

Esquire Bank will never ask our customers for account numbers, PINs, or social security information. If you receive a message asking for sensitive information from Esquire Bank, do not reply or continue corresponding – call the bank immediately at 1-800-996-0213. We will only contact you in the event of transaction-related issues (e.g., insufficient funds, unpaid balances, or suspicious activity notices). Esquire Bank employees will only contact you via an @esqbank.com email address.

Phishing

Phishing occurs when someone presents themself as a familiar entity or an authority (government agency, your bank, a familiar company) in an effort to get people to reveal sensitive information, including account numbers, passwords, and credit card information. Phishing attempts can be conducted through phone calls, email or text.

Malware and Ransomware

Malware is a malicious form of software that hackers will attach to an email or will present in a pop-up or threatening message on a website. Malware can track your keyboard and report keystrokes back to the hacker, allowing them to discern your passwords and sensitive information. It can also modify or delete your files, slow your machine, and even install other programs. In corporate settings, malware can spread to other devices, creating what is known as a botnet.

Positive Pay / Payee Match (for Business Accounts)

A Corporate Account Takeover (or CATO attack) happens when cyber thieves obtain employee credentials and information and use it to gain access to your company's accounts and private information...and the accounts and private information of your clients. CATO attacks often happen when an employee unwittingly downloads malware or leaves sensitive details unguarded.
Cyber Security Resources from FDIC.gov Cyber Security Resources from FDIC.gov

Best Practices for Businesses

No matter your line of work, if you run a business, you know the value of dependability, trust, and consistency. Data breaches and fraud can slow your business to a crawl…or put a stop to it completely. Here are some ways to help avoid these pitfalls and to create firm boundaries for employees:

  • Encourage employees to use work machines only for work, not for personal business. More communication methods introduced on your network and your corporate machines mean more ways hackers may infiltrate.
  • Create and enforce strong policies for email use, social media use, and password creation and maintenance. Talk to HR and IT about the best ways to establish these parameters and train employees regularly on their use and understanding of said policies.
  • Empower your IT department to test your employee’s readiness and your system’s security regularly. For example: IT can send fake phishing messages to employees to test employees’ ability to identify and report these messages internally.
  • Make certain that employees who use public Wi-Fi hotspots use a VPN or that the computer they are using is not accessible to other machines on the network.
  • Have employees confirm with the person who may be requesting things like sensitive data, funds transfers, or major purchases in a separate channel (e.g., if someone claiming to be the CEO texts about purchasing gift cards for a conference, reach out to the CEO via phone, email or even face-to-face to confirm the request is legitimate).

For more information, visit the FTC’s guide to business scams.

Personal Security

Some of the simplest steps can keep your personal, private data from falling into the wrong hands. Follow these guidelines to help shield your personal information against hackers and fraudsters.

  • Use strong passwords and keep them safe – Don’t try and make a jumbled, hard-to-remember password; instead, try and make a password that is longer but easier to recall. Longer passwords are safer passwords. Try not to use the same password across multiple services; if you do, and a service is hacked, your password information could be used to access your other accounts. Always change passwords if you are notified of a security breach from a service you use. Never write your password down and leave it where someone can see it (e.g., a sticky note near your computer). Read more tips on good password hygiene.
  • Use your email address wisely – If your current email inbox is full of coupons, newsletters, marketing messages, and other “junk mail,” consider opening a second email address that is solely for one-on-one communication and turn your current inbox into your “catch-all.” Set up two-factor authentication for your email address, if your provider allows it, to help keep hackers from easily getting in via your address and a password.
  • Learn to spot phishing attempts – Phishing attempts usually come from incorrect “from” addresses and typically try and entice you to click a link that goes to an unfamiliar site or set of sites. If you are answering messages using a mouse or trackpad, hover over the link; if the link seems unfamiliar or suspicious, don’t click it.

Additional Resources