Online Security


ATM Safety Precautions

As with all financial transactions, please exercise discretion when using an ATM or night deposit facility. The following suggestions may be helpful.

  • Be aware of your surroundings, particularly at night.
  • Consider having someone accompany you when the automated teller machine is used after dark.
  • Refrain from displaying your cash at the ATM. As soon as your transaction is completed, place your money in your purse or wallet. Count the cash later in the safety of your car or home. Do not leave your receipt at or near the ATM.
  • It is appropriate to politely ask someone who is uncomfortably close to you to step back before you complete your transaction.
  • Consider using another automated teller machine or coming back later if you notice anything suspicious. If you are in the middle of a transaction and you notice something suspicious, cancel the transaction, pocket your ATM card and leave.
  • Go to the nearest public area where people are located if you are followed after making a transaction.
  • Do not reveal your Personal Identification Number (PIN) to others. Avoid allowing others to view your PIN entry into an ATM. Memorize your PIN and do not write your personal identification number or code on your ATM Card.
  • Report all crimes to law enforcement officials immediately.

Identity Theft and Fraud

At Community First Bank, N.A., we are committed to providing quality service to you, whether you visit us online, by telephone, or in person at one of our banking centers. We are dedicated to the responsible use and protection of your personal information. The policies below outline our commitment to protecting your privacy, regardless of how you conduct business with us.

Learn about identity theft, types of fraud and the latest scams aimed at obtaining your personal financial information and how to keep from becoming a victim.

Identity Theft

Identity theft is when fraud is attempted or committed using identifying information of another person without their authority such as name, date of birth, social security number, or mother's maiden name. Fraud is committed when these criminals:

  • Conduct unauthorized transactions on existing accounts.
  • Take over an existing account through prolonged use or by emptying an account.
  • Establish or attempt to establish new accounts (credit cards, loans, etc.) using acquired information.

How to protect yourself

  1. Protect your personal information. Only give out this information if you know how it will be used or shared and you have initiated the contact.
  2. Only provide the last four digits of your Social Security Number or Driver's License number when absolutely necessary.
  3. Do not keep unnecessary information you do not need in your wallet or purse.
  4. Check your credit report at least once a year.
  5. Review your account statements promptly and report any discrepancies or suspicious transactions to the bank immediately.
  6. Shred or tear up statements, checks, credit card solicitations, charge receipts, expired cards and documents containing personal identifying information.
  7. Promptly pick up delivered mail and deposit outgoing mail at a postal mailbox or the post office.

Reporting Identity Theft

Contact your Community First Bank Banking Center immediately - 419-273-2595.

Contact the Federal Trade Commission's Identity Theft Hotline at 1-877-ID-THEFT (1-877-438-4338).

Contact the three main credit bureaus to report fraud and request copies of your credit report. Fraud flags and statements will be added to your report saying that all potential creditors should contact you to verify credit applications.

Equifax - to report fraud, call 1-800-525-6285. To request a copy of your credit report, call 1-800-685-1111.

Experian - to report fraud or request a copy of your credit report, call 1-888-397-3742.

TransUnion - to report fraud, call 1-800-680-7289. To request a copy of your credit report, call 1-800-916-8800.

Report the theft of mail to your local post office.

Internet/Online Fraud

Community First Bank, N.A. will never ask you to provide, verify or update your personal, account or financial information via email or pop-up windows. This includes: Social Security Number, passwords, Personal Identification Numbers (PIN), or ATM, Credit or Debit Card numbers. If you receive an email requesting such information, do not respond and never click on a link contained in a suspicious email.

Fraud Advisory for Businesses: Corporate Account Take Over

Cyber criminals are targeting the financial accounts of owners and employees of small and medium sized businesses, resulting in significant business disruption and substantial monetary losses due to fraudulent transfers from these accounts.

Cyber criminals employ various technological and non-technological methods to manipulate or trick victims into divulging personal or account information. Such techniques may include performing an action such as opening an email attachment, accepting a fake friend request on a social networking site, or visiting a legitimate, yet compromised, website that installs malware on their computer(s).

The cyber criminal's goal is to get the employee to open the infected attachments or click on the link contained in the email and visit the nefarious website where hidden malware is often downloaded to the employee's computer. This malware allows the fraudster to "see" and track employee's activities across the business' internal network and on the Internet. This tracking may include visits to your financial institution and use of your online banking credentials used to access accounts (account information, log in, and passwords). Using this information, the fraudster can conduct unauthorized transactions that appear to be a legitimate transaction conducted by the company or employee. To learn more read the paper created as part of a joint effort between the United States Secret Service, the Federal Bureau of Investigation, the Internet Crime Complaint Center (IC3) and the Financial Services Information Sharing and Analysis Center (FS-ISAC).(


Phishing involves the use of fraudulent email or internet browser pop-up messages that appear to be from a legitimate source, often using a company name, logo and/or graphic. A typical scam consists of:

  • Receipt of an email message stating you need to update or validate your account information.
  • The message suggests a dire consequence, such as your online access expiring or being suspended, if you do not respond.
  • Via a link in the message, it directs you to a Website that looks legitimate, but it is not.
  • THE INTENT IS TO TRICK YOU INTO DIVULGING YOUR PERSONAL INFORMATION, such as your account number, social security number, User ID or Password so they can commit crimes of a monetary nature or identity theft. It may also be an attempt to deliver and install malicious code (malware) that can harm your computer.

Reporting a Fraudulent Email

If you receive a suspicious email that appears to be coming from Community First Bank, N.A., please forward a copy of the suspicious email to If you discover a potentially phony Community First Bank, N.A. Web site, please forward the Web address (url) to

To report unauthorized transactions on your account, contact your local Banking Center or 419-273-2595.


Occurs when you go to a Website but are redirected without your consent or knowledge, to a fraudulent Website which looks similar to a legitimate site; the intent of the fraudulent website is to capture confidential information.

Lottery/Sweepstakes/International Scams

Lottery, sweepstake scams offer recipients a percentage of the money transferred as compensation for their help. Individuals/companies who respond are asked to provide their account information in order to have the money transferred to them. International scams involve unsolicited letters and emails that individuals/companies receive offering the recipient large sums of money for assistance in transferring millions of dollars to American banks. Once these scam artists have your account information, they not only don't transfer money to the account, they use the account information to steal money from the individuals/companies. These offers are originated out of the country, often from Canada and Nigeria.

One of the newest scams is the Account Manager or Money Transfer Agent. Recipients receive an email or advertisement on the web trying to recruit them to be an account manager or transfer agent for a fictitious company. These scam artists steal money from an unsuspecting person's account, then transfer the money into the manager/agents' account. The criminals then ask that the money be sent back to them. Again, the compensation the manager/agent gets to keep is a percentage of the money, as their 'commission'. This opens the personal accounts of the manager/agent up to fraud - and if the account is used in an online scheme, the owner can be liable for lost funds.

The Secret Service, which handles complaints related to these types of schemes, believes many people have responded to these requests for assistance and sent money, but did not reported their losses due to embarrassment.

Please keep in mind, there is NO legitimate reason for someone to give you money (in any form including money order, check or wire transfer) only to ask you to send the money back. It's illegal for a company to require you to buy something or pay a fee in order to win or claim a prize. Should you receive one of these letters, please do not reply, but report the letter to the Internet Fraud Complaint Center.(

Other Internet/Online Fraud

Fraud can also occur when selling items online. If the item is being purchased by a check, the seller may request the purchaser issue a check for an amount greater than the asking price. The 'seller' is asked to wire the difference back. Frequently, the original check used is counterfeit or forged.

How to Protect Yourself

  1. Protect your personal information, account numbers, User ID & password, card numbers and PINs. Use caution when providing this information to persons/entities over the Internet or the phone.
  2. Install and update anti-virus software regularly. To learn more about computer security visit the FTC's Information Security website. (
  3. Make sure your computer is updated with the most recent patches and security updates.
  4. Never send your personal or account information using your personal email. To send this information to us, use the secure messaging feature in Online Banking or Community First Bank, N.A. Secure Email under contact us tab on the bank's website.
  5. Immediately delete any emails from an unknown source prior to opening it. If you open a suspicious email, do not click on a links or attachments provided in the email.
  6. Be cautious of emails that warn you that your account may be at risk, fraudulent activity or charges exist on your account or convey a sense of urgency. These often include details of the suspicious activity requesting you respond to the email or 'click here' to visit their site to update your information.
  7. Prior to sending confidential information or financial transactions through a Website, look for the lock icon on your status bar in the lower right corner. This signifies information is secure during transmission. By double clicking the padlock, you can view the security certificate. Also, look for the 's' in the "https" of the URL in your Web browser when engaging in financial transactions. This indicates scrambling or encryption of the communication.
  8. Keep your password confidential. Change passwords regularly using a combination of numbers, letters and special characters. Avoid using obvious passwords like mother's maiden name, children or pet names, Social Security Number or date of birth.
  9. Be careful when using a computer in a public area where someone could watch you enter your User ID and password.
  10. Review your account statements promptly and report any discrepancies or suspicious transactions immediately.
  11. Install anti-spyware on your computer to help prevent your personal and account information from being collected without your knowledge.
  12. Clean the hard drive of a computer before disposing of it.

Mobile Banking Security Tips

Mobile Banking is a useful tool that can simplify your life and make managing your money incredibly convenient. By using these simple tips, it can also be a safe and secure part of your daily life.

  • Start by using “Strong” passwords and PINS.
  • Set your screen on your mobile device to lock after a certain amount of time and use a PIN or password and/ or a biometric indicator (for example, a fingerprint or facial recognition) to unlock the mobile device. If it's lost or stolen, any personal information stored on the device will be much more difficult to access.
  • Whether you're using the Web or a mobile app, don't let it automatically log you in to your bank account. Otherwise, if your phone is lost or stolen, someone will have free access to your money.
  • Don't save your password, account number, PIN, answers to secret questions or other important information on the mobile device.
  • Don’t share your private or sensitive information. Keep your account numbers, passwords, Social Security number and date of birth private. Never share your personal or financial information in a text message, phone call or email.
  • Consider signing up for transaction alerts from your Credit Card Company, bank and mobile app provider. These alerts can help you identify unauthorized activity quickly.
  • Download and install antivirus software for your mobile device according to the manufacturer’s recommendations.
  • Notify your bank and your mobile device provider if your phone is lost or stolen. The sooner you report the loss, the better protected you are from fraudulent transactions.
  • Be careful when downloading Apps. Apps can contain viruses or malware. Beware of Apps asking for unnecessary permissions. Downloads should always be from a trusted and approved source like Google Play or the Apple Store and endorsed by your mobile device provider.
  • Avoid "free offers" and "free ringtones." An email or instant message that offers free software downloads, such as ringtones, may contain viruses or malware.
  • Be cautious of e-mails or text messages from unknown sources asking you to update, validate or confirm your personal details including password and account information. Don't reply to text messages from people or places that you do not know.
  • Be careful when clicking on links within emails, SMS or social networking sites that ask for your personal information. When in doubt --- Don’t Click!
  • Treat your mobile device as carefully you would your wallet, cash or credit cards.
  • Keep track of account transactions. Review your bank statements as regularly as possible to rule out the chances of fraudulent transactions. If you notice discrepancies, contact us immediately.
  • Turn Wi-Fi off when not in use. Avoid using unsecured Wi-Fi, often found in public places, such as coffee shops, because fraudsters might be able to access the information you are transmitting or viewing. Only use Wi-Fi on your device when connected to password protected hotspots. Turn-off any auto-connect features. They might cause your phone to log into unsecure wireless networks without your knowledge. Public Wi-Fi is NOT secure!
  • Always log off. Once you are finished with an app or website always log off. Community First Bank’s mobile banking site will automatically log you off after 10 minutes of activity This reduces the risk of other accessing your information from your mobile device.
  • Install operating system updates for your device as they become available - they often include security updates.
  • Be aware of your surroundings. Be careful when typing in your password or access code/pin for observant thieves or on-lookers
  • Before you upgrade or recycle your device, delete all personal/business details.


Card Fraud

Community First Bank, N.A. will never ask a customer to provide, verify or update your personal information, account number, card number and PIN, User ID and Password, or other financial information via email, live or automated phone call, or text message. If you are contacted by any of these methods requesting personally identifiable or account information, do not respond.

Note: Remember, we may call you to verify card activity that appears suspicious or to provide you with information about products and services we offer.

Community First Bank, N.A. Card Protection

To protect your account, your ATM and Check Card transactions are monitored for potentially fraudulent activity which may include a sudden change in locale (such as when your issued card is used unexpectedly outside of Ohio or overseas), a sudden string of costly purchases, or any pattern associated with new fraud trends around the US or the world.

If fraudulent ATM or Check Card use is suspected, you will be called to validate the legitimacy of your transactions. Your participation in responding to our call is critical to prevent potential risk and avoid restrictions we may place on the use of your card.

Community First Bank, N.A. with our card processors fraud detection center.

      • You'll be asked to verify your identity.
      • You'll be asked to verify recent transaction activity on your card.
      • Our goal is to minimize your exposure to risk and the impact of any fraud to your account. To ensure we can continue to reach you whenever potential fraud is detected, please keep us informed of your correct phone number and address at all times.
      • Before you travel, please contact us to discuss your travel plans and for tips to assist with uninterrupted card transactions.


"Skimming" is a method by which thieves capture the magnetic stripe data from your card and use it to create a new, counterfeit card. These counterfeit cards are then used to process unauthorized transactions against your account. There are two main methods of skimming card information:

      • A small device that appears to be a part of the machine is placed over the card insertion slot of an ATM, gas pump, or other self-service kiosk. As you slide your card into the ATM, this device "reads" the data on the stripe and either stores it or transmits it to a nearby location. Often times, there is also a small, hidden camera that captures your keystrokes as you input your PIN into the machine.
      • The device is carried by an employee in a merchant's store location. When the employee walks away with your card to complete your transaction, they swipe the card through the skimming device and capture the magnetic stripe data.

How to Protect Yourself

      • Look at the ATM, gas pump or self-service kiosk before using it. If it doesn't look right, don't use it.
      • If you see an attachment on an ATM that looks suspicious, don't use the ATM. Notify the institution that owns the machine as soon as possible. If it's a Community First Bank, N.A. ATM, contact the Banking Center location of the ATM or 419-273-2595.
      • Never give your PIN to anyone or write it on your card.
      • Review your monthly statements immediately and notify us of any discrepancy by calling 419-273-2595.

Card Data Compromises

Many news reports have recently surfaced surrounding banks and merchants whose systems are hacked and card data is obtained. Community First Bank, N.A. takes an active role in reviewing these instances and is taking action to protect your account. If we receive a report that includes your information, we will:

      • Review Your Account and Contact You
      • Inform You of the Risks to Personal Information
      • Cancel Your Debit Card and Reorder a New Card
      • Advise You of How You Can Monitor Your Account
      • Follow Up With Any Other Instructions

Card Security

Community First Bank, N.A. continuously trends your transaction activity and looks for suspicious transactions that might fall outside of your normal spending patterns. If we find something suspicious, we will temporarily restrict your card and make attempts to contact you. Once we're able to validate the legitimacy of your transaction, we'll reinstate your card. In addition to this, we recommend the following things to help keep your personal information and accounts safe:

If your card is lost or stolen, contact us immediately using one of the following telephone numbers:
For Community First Bank ATM/Debit Cards, call 419-273-2595.

You will never be contacted directly by companies like MasterCard® or Visa® to verify personal or card information, your PIN or to request that you transfer funds or process transactions to protect your account. If you are concerned about the legitimacy of such requests call the bank at 419-273-2595.

Make a list of ATM, debit card, credit card, and bank account numbers, as well as the customer service telephone numbers for each. Keep this list in a safe and secure place so you can easily notify the necessary companies in case you lose your wallet or purse. This will also mitigate the risk of fraud.
Whether at home or traveling; carry ATM, credit and debit cards that are necessary. If traveling, cancel unused cards or secure them in a safe place while you're away.

Memorize your Personal Identification Number (PIN). Never write it on the card or anywhere else it could be compromised.

It's not a good idea to use the last four digits of your social security number, date of birth, address or numbers that may be easily obtained by identify thieves as your PIN.

Never give out your credit or debit card numbers over the telephone or on the internet unless you have a trusted business relationship with the person or company.

Never leave ATM, credit or debit cards lying around where anyone has access to them.

Always keep your receipts for card purchases or withdrawals. Never throw them in a public trash container where they could eventually be found.

Be aware if a merchant takes your card out of your sight for an extended period of time. Most merchants will process transactions within your view. If you become suspicious, contact the bank or your credit card financial institution to warn of possible fraud on your account.

When vacationing, contact your bank regarding your plans. Most banks including Community First Bank, N.A. monitors suspicious activity, including geographic shifts in cardholder use. The Bank may choose to temporarily restrict the card until the activity can be validated. By informing us up front, you can prevent unnecessary inconveniences while traveling.

Always carefully review credit card and bank statements upon receipt. If there is suspicious activity on your account, notify the Bank or Credit Card Company immediately. 

Reporting ATM or Debit Card Fraud

To report suspicious activity on your card or account, contact us immediately at 419-273-2595 during regular business hours.

Telephone/Cell Phone Fraud

Community First Bank, N.A. will never ask a customer to provide, verify or update their personal information, account number, card number and PIN, User ID and Password, or other financial information via email, live or automated phone call, or text message. If you are contacted by any of these methods requesting personally identifiable or account information, do not respond.

Note: Remember, we may call you to verify card activity that appears suspicious or to provide you with information about products and services we offer.


"Vishing" stands for voice-phishing. Vishing involves the use of email, voice messages, automated calls, or text messages that appear to be from a legitimate source, such as a debit or credit card issuer, financial institution, police department, etc., but are, in fact, criminals that are attempting to gain information to be used for illegitimate purposes.

A scam often consists of:

      • Receiving an email, voice mail, or text message which asks the recipient to call a phone number; you are directed to an automated system or customer service representative that asks you to enter your account number, debit card and PIN, Social Security Number, or other personally identifiable or financial information.
      • Receipt of a text message asking the recipient to reply to the message in order to:
      • Activate an account or newly issued debit/credit card by entering the account number or the card number and/or PIN
      • Verify that a debit/credit card is in their possession by entering the 3 digit verification number on the back of the credit card or card number and/or PIN
      • To reactivate their account or debit/credit card, commonly used to make people think that it's recently been suspended or deactivated
      • Receipt of an automated call stating the recipients account or card has been blocked. They are directed to select a menu option and asked to enter account number, debit/credit card and PIN, Social Security Number, or other personally identifiable or financial information.

THE INTENT IS TO TRICK YOU INTO DIVULGING YOUR PERSONAL INFORMATION, such as your account number, social security number, User ID or Password so they can commit crimes of a monetary nature or identity theft. If you believe the call may be legitimate, tell them that you will call them back, call the bank or the customer service number provided by the financial institution at the time the account was opened or the number on the back of the debit/credit card.

If you do not know who is making a request for personal information, delete the text message/email/voice mail or hang up.

Never give out personal information, such as your social security numbers, bank account numbers or ATM/debit/credit card numbers, to anyone you do not know.

Smishing Scams

Criminals set up an automated system to text people in an area code. The victims receive messages like: "There's a problem with your account," or "Your ATM card needs to be reactivated," and are directed to a phone number or website asking for personal information. Armed with that information, criminals can steal from victims' bank accounts, charge purchases on their charge cards, create a phony ATM card, etc.

Sometimes, if a victim logs onto one of the phony websites with a smartphone, they could also end up downloading malicious software that could give criminals access to anything on the phone. With the growth of mobile banking and the ability to conduct financial transactions online, smishing attacks may become even more attractive and lucrative for cyber criminals.

Don't respond to text messages from unknown or blocked numbers on your mobile phone.

Treat your mobile/smart phone like you would your computer…don't download anything unless you trust the source.

Don't respond to unsolicited e-mails or texts or phone calls requesting personal information, and never click on links or attachments contained within unsolicited e-mails or texts.

"Phone-by" Download Scam

Criminals try to get users to Download Malware from a malicious website. Phone scammers try to convince you to install a piece of software that would allow them to remotely monitor and control your computer.

While you are using your PC, you receive a call from a "call center" telling you that your PC was about to crash and that they were calling to assist you. The call center representative advises you to log onto a website and provides the web address. Then the criminal tells you to click on a link on that website called 'Remote Assistance' which would enable them to have access to your PC.

Another variation of the scam consists of someone calling and saying they were "technical support" from the user's Internet Service Provider, and emphasized that it was not a sales call. The caller asked if users' computer had been running slow lately, or if you had seen "404 or 403 errors" when surfing the web, etc. The caller asks: "Can you turn on your computer, and bring up a web browser? You respond "It's already up?" Now go to this website ... and click on the 'Remote Assistance' icon." The "Remote Assistance" icon is a link to a file which contains malware to monitor and control your PC.

Be suspicious of unsolicited phone calls/messages or email from individuals asking about your computer or you, or soliciting personal or sensitive client or confidential company information.

If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.

Keep your PC up-to-date with the latest patches and security updates.

Review anti-virus signatures, anti-spyware, and firewall software for current updates.

Do not reveal personal or financial information, and do not respond to email solicitations for this information. This includes following links given by unknown individuals or sent in emails or opening attachments.

If you do not know who is making a request for personal information, delete the text message/email/voice mail or hang up.

Mail Theft

Mail theft occurs when someone illegally intercepts your mail. Their intent is to get personal information, such as account numbers, social security number, credit card numbers, etc. They then use this information to commit identity theft. If you have reason to believe your mail has been stolen, contact your local post office.

Learn More about Fraud

Back to Top