We are keeping a close eye on the "Heartbleed" bug you may have heard about. The vendor we use for Online Banking has completed a preliminary assessment and has not discovered any vulnerability. We will be sure to keep you updated should anything to the contrary be discovered. Rest assured that we are doing everything we can to help ensure that your information is safe.

It is always a good practice to use unique passwords for all of the online services you access. If your GCF Online Banking password has also been used with a different service, we do recommend that you change your Online Banking password at this time.

If you currently utilize GCF’s online banking EXPRESS TRANSFER function to make your loan payments, this service will be temporarily unavailable from April 25, 2014 through June 9, 2014. As an alternative to this temporary inconvenience, you can do one of the following:

  • Contact 1-877-589-6600 ext. 320 or 368 between the hours of 9:00 a.m. and 5:00 p.m., Monday through Friday, to manually complete the transaction.
  • Mail a check to Investors Bank, 101 Wood Avenue South, Iselin, NJ 08830.
  • Sign up for GCF’s online bill payment system and set up a monthly payment to be sent to Investors Bank.

Fast Access

GCF Bank is now part of the Investors Bank family!

Thursday, March 27, 2014

Edition #746

Today's Highlights:

For version of GCFlash with larger text, click here.

Past issues of GCFlash:

February 27, 2013 Edition #745

January 7, 2013 Edition #744

December 17, 2013 Edition #743

December 10, 2013 Edition #742

Weekly Spotlight:

On March 10, Roma Bank's transition into the Investors family was completed. And that's good news for GCF customers. Our conversion is scheduled to take place 2nd Quarter 2014. When it does, we'll be able to use their former branches in Burlington, Mercer, and Camden Counties. That will give us access to over 125 full-service branches and ATMs across New Jersey and New York. Click here to find one wherever you're traveling.

Our Current Rates:

For a listing of our current deposit and loan rates, click here.

Today's National Market Rates
March 27, 2014 6 Mo Ago
1 Yr Ago
5 Yrs Ago
ISBC 27.55 (-0.28%) 21.99 18.75 8.78
Dow Jones Industrial Average
(Down 312.43 or 1.88% since 12/31/13)
16,264.23 (-0.03%) 15,258.20 14,526.20 7,776.20
S&P 500
(Up 0.68 or 0.04% since 12/31/12)
1,849.04 (-0.19%) 1,691.75 1,562.85 815.94
(Down 25.36 or 0.61% since 12/31/12)
4,151.23 (-0.54%) 3,781.59 3,256.52 1,545.20
10 Year Treasury Bond Yield 2.68% 2.62% 1.85% 2.76%
British Sterling 1.6615 1.6053 1.5169 1.4551
Euro 1.3747 1.3504 1.2862 1.3572

Back to top

1st Flash

XP and ATMs

The media frenzy has begun. Apparently media pundits don't read GCFlash. If they did, they would have known last October that Windows XP was nearing the end of its life cycle. We told you it was coming April 8, 2014. And what that means for your home computer.

Well... Maybe they did. They're not so concerned about your personal security. Their hype surrounds ATM and banking safety.

Most importantly, know that GCF's ATMs are protected. Windows XP includes a suite of various products. The one we use in our ATMs, Windows XP Embedded, will continue to be supported by Microsoft until January 12, 2016.

It's the products designed for home use that are being laid to rest. No more security updates. No more patches. Your computer will continue to run. But if you connect to the Internet, do so at your own risk. The GCFlash article referenced above explains what home users need to know to bring their PC up to speed.

While our ATMs are secure, we can't assure the safety of a foreign ATM.

It's a safe assumption that ATMs located on bank properties are secure. Financial institutions have an obligation to make their customer's banking experience as safe as possible. It's our job to protect your money. Even if we miss something, we have regulators watching for this kind of thing.

Be wary of an ATM located in a convenience store, night club, or another remote location. Those off the beaten path are independently owned. Their owners may not be as savvy about how the machine works. They may not understand the risk.

But you avoid those anyway, don't you? They're the same ones that are easy to attach a skimming device to since they're not under the watchful eye of security cameras.

The greater concern is whether banking institutions will be exposed to a higher threat risk if they use XP on workstations to service customer accounts.

Again, media hype. Banking institutions employ layered security controls that block threats on detection. They can't get past our firewall to even reach a workstation. We don't expect Microsoft to provide the security our customers deserve. We take care of it ourselves. Their lack of support has no bearing on us.

So why all the hype?

Hackers have reportedly been stockpiling XP exploits. Computer code that infiltrates a system through a hole in its programming. They sell the code on the black market to anyone willing to pay the price.

The most valuable are zero-day exploits. These net between $30,000 and $150,000 on the black market today. Experts estimate the price could easily double after April 8th. With Microsoft no longer writing new security patches, the operating system is at risks for vulnerabilities that are unknown today.

It's not your bank or ATM you need to worry about. If you're still using Windows XP at home, time is running out.

Tip of the Day

Windows XP isn't fading away alone. Office 2003 is going with it. Read our article in the October 29, 2013 issue of GCFlash to learn more.

Back to top

2nd Flash

Enhanced Security In Wake of Target Breach

When we covered this story last in the January 7, 2014 edition of GCFlash, much was yet unknown about the massive breach aimed at Target stores. We've since learned Target was not alone.

Neiman Marcus, Sally Beauty, and at least six other stores were also victims. Word spreading through security circles indicates a major restaurant chain and hotel chain are among those who were breached. While specific names are not yet being released due to confidentially in a case still unfolding, Michaels craft stores and Sears are rumored to be among them.

Recent attacks targeting Chicago taxicabs and the California Department of Motor Vehicles do not appear to be related.

Retailers that have gone public about their breach assure their customers that they are PCI compliant. The Payment Card Industry (PCI) sets standards for credit/debit card usage in the U.S. Their Securities Standards Council, founded by American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc., incorporates their technical requirements into each of their data security compliance programs.

Merchants who accept credit/debit cards are audited annually to confirm their POS systems comply with industry standards. There are substantial penalties for non-compliance.

Yet it's impossible to protect against threats you don't yet know exist.

The malware used is being called Kaptoxa, a Russian word that appears in the code several times. It began circulating on underground websites last June and customized by hackers to hit specific victims.

The software infects POS terminals, transmits the stolen info, and automatically deletes the file to avoid detection. The longer the malware goes undetected, the more time cybercrooks have to harvest information.

Security experts and businesses are scrambling to find ways to protect against this new wave of attacks. Merchants are encouraged to enhance customer safety by adding additional security to their websites, keeping their customer data stored on a different server than their public-facing website, restricting sensitive data to only those employees who need access, and keeping security software updated.

In other words, adhere to the same standards required by the PCI Securities Council. None of this is earth-shattering advice. It's common sense.

Consumers are advised to watch their bank and credit card activity closely. Login to your accounts so suspicious activity is reported promptly, before significant damage occurs. Same common sense advice we've been offering for years.

Those of us in the banking industry are well aware of the dangers that lurk with every keystroke. We safeguard your online banking activity more diligently than brick and mortar branches can protect physical assets left in their care.

This doesn't mean money you leave at a teller station isn't safe. You've likely had opportunity to see the vault used to hold such valuables. What I'm saying is that our online banking platform is even more secure than that.

Someone trying to pull off a bank heist can be seen. They walk through a door and must be physically present to attempt a robbery. Many are foiled. Those that succeed don't get away with much money, and are quickly apprehended. It would take a Bonnie and Clyde type operation to do much harm.

Someone pulling a cyber heist is harder to detect. We don't see them hacking away. Most are still foiled. And diligent consumers have learned to detect fraud in its earliest stages, limiting the cost. But a scheme on the level of a Bonnie and Clyde heist could still cause substantial damage.

That's where we excel. GCF uses a program that runs in the background of our online banking platform. It not only validates your login information, it also compares it to your normal routine. Are you logging in from the same IP address? Are you transferring a larger sum of money than usual? Are you performing a transaction out of the norm? This allows us to stop fraud before it occurs.

Investors uses a similar product called Trusteer. Learn about it here.

In addition, GCF will soon be using a new method to authenticate your online banking credentials. You'll no longer see the image you selected when setting up your account. In its place, validation will be taking place behind the scenes where neither you nor a scammer can intercede. Watch for more details in the April 24th issue of GCFlash.

Back to top


"Not only can you not plan the impact you're going to have, you often won't recognize it even while you're having it." - Twitter CEO Richard Costolo

Today in History

1884 - The first long-distance telephone call is made from Boston to New York.

Flash Fact

The first long-distance telephone call was made possible by using copper rather than galvanized iron as was common in 1884. The cost of the connection was $2 in the daytime, $1 at night.

Have a comment about something you read in GCFlash? Suggestions for future articles? Drop us an email!

Back to top


GCFlash is a monthly e-mail sent only to its listed customers and associates free of charge. GCFlash informs customers of special product offerings which may be of interest, current interest rates on both deposit and loan products, selected financial news and other financial tidbits. GCFlash is intended to supplement the more comprehensive information listed on the GCF Web site at


For a copy of our Privacy Policy, visit

GCF maintains your e-mail address in a confidential and secure database along with much of your other account information, such as mailing address and telephone number, etc. Before aggregating our e-mailing list each week, we filter out any duplicates. In most cases, this inhibits the unintended e-mailing of multiple copies of GCFlash to a single e-mail address. However, because these account records are kept by both individual and account, there is a chance members of the same household could each receive a copy of GCFlash or any other transmission at the same e- mail address - resulting in multiple copies. For example, a husband and wife that both have accounts with GCF may both receive a copy because the names are different but listed at the same e-mail address. This is similar to the manner in which each individual may share a common telephone number. To handle this situation, GCF recommends you simply delete any extra copies of GCFlash as this will ensure that ALL individuals receive any future promotional mailings, which might only be targeted or offered to specific accountholders meeting certain criteria. GCF has the capability to suppress customer e-mail addresses so they are omitted from our transmission list. If you would rather have a specific household member's e-mail address suppressed in our electronic database, simply send us a reply, as stated below, and indicate the accountholder for which you would like to have e-mail suppressed. Please keep in mind that this suppression will mean that NO future e-mails are sent, including special promotional offers. If you have any questions about this process or need additional information, please contact us at

If you would like to be removed from this electronic mailing list, click this link to send us an email to unsubscribe. Please note, removing your name from our electronic mailing list means GCF will send NO FUTURE NEWS or SPECIAL OFFERS.

GCF Bank
381 Egg Harbor Road
Sewell, NJ 08080
(856) 589-6600