Thursday, March 27, 2014
On March 10, Roma Bank's transition into the Investors family was completed. And that's good news for GCF customers. Our conversion is scheduled to take place 2nd Quarter 2014. When it does, we'll be able to use their former branches in Burlington, Mercer, and Camden Counties. That will give us access to over 125 full-service branches and ATMs across New Jersey and New York. Click here to find one wherever you're traveling.
Our Current Rates:
For a listing of our current deposit and loan rates, click here.
XP and ATMs
The media frenzy has begun. Apparently media pundits don't read GCFlash. If they did, they would have known last October that Windows XP was nearing the end of its life cycle. We told you it was coming April 8, 2014. And what that means for your home computer.
Well... Maybe they did. They're not so concerned about your personal security. Their hype surrounds ATM and banking safety.
Most importantly, know that GCF's ATMs are protected. Windows XP includes a suite of various products. The one we use in our ATMs, Windows XP Embedded, will continue to be supported by Microsoft until January 12, 2016.
It's the products designed for home use that are being laid to rest. No more security updates. No more patches. Your computer will continue to run. But if you connect to the Internet, do so at your own risk. The GCFlash article referenced above explains what home users need to know to bring their PC up to speed.
While our ATMs are secure, we can't assure the safety of a foreign ATM.
It's a safe assumption that ATMs located on bank properties are secure. Financial institutions have an obligation to make their customer's banking experience as safe as possible. It's our job to protect your money. Even if we miss something, we have regulators watching for this kind of thing.
Be wary of an ATM located in a convenience store, night club, or another remote location. Those off the beaten path are independently owned. Their owners may not be as savvy about how the machine works. They may not understand the risk.
But you avoid those anyway, don't you? They're the same ones that are easy to attach a skimming device to since they're not under the watchful eye of security cameras.
The greater concern is whether banking institutions will be exposed to a higher threat risk if they use XP on workstations to service customer accounts.
Again, media hype. Banking institutions employ layered security controls that block threats on detection. They can't get past our firewall to even reach a workstation. We don't expect Microsoft to provide the security our customers deserve. We take care of it ourselves. Their lack of support has no bearing on us.
So why all the hype?
Hackers have reportedly been stockpiling XP exploits. Computer code that infiltrates a system through a hole in its programming. They sell the code on the black market to anyone willing to pay the price.
The most valuable are zero-day exploits. These net between $30,000 and $150,000 on the black market today. Experts estimate the price could easily double after April 8th. With Microsoft no longer writing new security patches, the operating system is at risks for vulnerabilities that are unknown today.
It's not your bank or ATM you need to worry about. If you're still using Windows XP at home, time is running out.
Enhanced Security In Wake of Target Breach
When we covered this story last in the January 7, 2014 edition of GCFlash, much was yet unknown about the massive breach aimed at Target stores. We've since learned Target was not alone.
Neiman Marcus, Sally Beauty, and at least six other stores were also victims. Word spreading through security circles indicates a major restaurant chain and hotel chain are among those who were breached. While specific names are not yet being released due to confidentially in a case still unfolding, Michaels craft stores and Sears are rumored to be among them.
Recent attacks targeting Chicago taxicabs and the California Department of Motor Vehicles do not appear to be related.
Retailers that have gone public about their breach assure their customers that they are PCI compliant. The Payment Card Industry (PCI) sets standards for credit/debit card usage in the U.S. Their Securities Standards Council, founded by American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc., incorporates their technical requirements into each of their data security compliance programs.
Merchants who accept credit/debit cards are audited annually to confirm their POS systems comply with industry standards. There are substantial penalties for non-compliance.
Yet it's impossible to protect against threats you don't yet know exist.
The malware used is being called Kaptoxa, a Russian word that appears in the code several times. It began circulating on underground websites last June and customized by hackers to hit specific victims.
The software infects POS terminals, transmits the stolen info, and automatically deletes the file to avoid detection. The longer the malware goes undetected, the more time cybercrooks have to harvest information.
Security experts and businesses are scrambling to find ways to protect against this new wave of attacks. Merchants are encouraged to enhance customer safety by adding additional security to their websites, keeping their customer data stored on a different server than their public-facing website, restricting sensitive data to only those employees who need access, and keeping security software updated.
In other words, adhere to the same standards required by the PCI Securities Council. None of this is earth-shattering advice. It's common sense.
Consumers are advised to watch their bank and credit card activity closely. Login to your accounts so suspicious activity is reported promptly, before significant damage occurs. Same common sense advice we've been offering for years.
Those of us in the banking industry are well aware of the dangers that lurk with every keystroke. We safeguard your online banking activity more diligently than brick and mortar branches can protect physical assets left in their care.
This doesn't mean money you leave at a teller station isn't safe. You've likely had opportunity to see the vault used to hold such valuables. What I'm saying is that our online banking platform is even more secure than that.
Someone trying to pull off a bank heist can be seen. They walk through a door and must be physically present to attempt a robbery. Many are foiled. Those that succeed don't get away with much money, and are quickly apprehended. It would take a Bonnie and Clyde type operation to do much harm.
Someone pulling a cyber heist is harder to detect. We don't see them hacking away. Most are still foiled. And diligent consumers have learned to detect fraud in its earliest stages, limiting the cost. But a scheme on the level of a Bonnie and Clyde heist could still cause substantial damage.
That's where we excel. GCF uses a program that runs in the background of our online banking platform. It not only validates your login information, it also compares it to your normal routine. Are you logging in from the same IP address? Are you transferring a larger sum of money than usual? Are you performing a transaction out of the norm? This allows us to stop fraud before it occurs.
Investors uses a similar product called Trusteer. Learn about it here.
In addition, GCF will soon be using a new method to authenticate your online banking credentials. You'll no longer see the image you selected when setting up your account. In its place, validation will be taking place behind the scenes where neither you nor a scammer can intercede. Watch for more details in the April 24th issue of GCFlash.
GCFlash is a monthly e-mail sent only to its listed customers and associates free of charge. GCFlash informs customers of special product offerings which may be of interest, current interest rates on both deposit and loan products, selected financial news and other financial tidbits. GCFlash is intended to supplement the more comprehensive information listed on the GCF Web site at http://www.gcfbank.com.GCFLASH PRIVACY STATEMENT
GCF maintains your e-mail address in a confidential and secure database along with much of your other account information, such as mailing address and telephone number, etc. Before aggregating our e-mailing list each week, we filter out any duplicates. In most cases, this inhibits the unintended e-mailing of multiple copies of GCFlash to a single e-mail address. However, because these account records are kept by both individual and account, there is a chance members of the same household could each receive a copy of GCFlash or any other transmission at the same e- mail address - resulting in multiple copies. For example, a husband and wife that both have accounts with GCF may both receive a copy because the names are different but listed at the same e-mail address. This is similar to the manner in which each individual may share a common telephone number. To handle this situation, GCF recommends you simply delete any extra copies of GCFlash as this will ensure that ALL individuals receive any future promotional mailings, which might only be targeted or offered to specific accountholders meeting certain criteria. GCF has the capability to suppress customer e-mail addresses so they are omitted from our transmission list. If you would rather have a specific household member's e-mail address suppressed in our electronic database, simply send us a reply, as stated below, and indicate the accountholder for which you would like to have e-mail suppressed. Please keep in mind that this suppression will mean that NO future e-mails are sent, including special promotional offers. If you have any questions about this process or need additional information, please contact us at firstname.lastname@example.org.
If you would like to be removed from this electronic mailing list, click this link to send us an email to unsubscribe. Please note, removing your name from our electronic mailing list means GCF will send NO FUTURE NEWS or SPECIAL OFFERS.
Banking With Us