Identity Theft

Online Banking

We use personal computers for almost everything. We share details about our lives, bank accounts and credit/debit cards over the same Internet that we play games and connect with friends on Facebook. When we engage the Internet our information (public and private) is traveling through cyberspace in amazing volumes. Online banking is only as safe and secure as your computer is. The resources listed below inform you of ways to protect your computer and yourself.

Spam & Phishing

Cybercriminals have become quite savvy in their attempts to lure people in and get you to click on a link or open an attachment. The email Cybercriminals send can look just like it comes from a financial institution, e-commerce site, government agency or any other service or business. The e-mail often urges you to act quickly, because your account has been compromised,your order cannot be fulfilled or another matter.

If you're unsure whether an email request is legitimate, try to verify it with these steps: Contact the person(s) directly;

•      Contact the person(s) using information provided on an account statement or back of a credit card; or,

•      Search for the person(s) online.

Please note that Citizens Bank will NEVER ask you to submit personal or account information via email or text. For your protection, any response to an email sent to you should be submitted through our secure website or by phone at 870-793-4441. If you receive an email or text appearing to be from Citizens Bank that asks for personal information such as account numbers or Social Security number, DO NOT REPLY. Please notify us immediately.

The resources listed below can help inform you of ways to protect your computer and yourself:


Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk- and often unwanted- email.


Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.

How Do You Avoid Being a Victim?

Don't reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.

Pay attention to the website's URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g.,.com versus .net).

Keep a clean machine. Install and maintain anti-virus software, firewalls, and email filters to reduce spam.

Protect Yourself with these STOP. THINK. CONNECT.

When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer.

If it looks suspicious, even if you know the source, it's best to delete or if appropriate, mark as junk email. Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true, or asks for personal information.

Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you verify who you are before you conduct business on that site.

Please be sure to contact us regarding any questions you have in regard to how these security awareness notes pertain to you. You may contact us by calling e-Banking, 870 793 4441; or, by e-mailing us at


Business Best Practices

  • Download and install the Secure Browser required by us to perform your Cash Management functions.
  • Request an IP address restriction on your account so that only the computer(s) you authorize can perform transactions on your account.
  • Enable alerts to advise you when ACH batches are initiated, ACH batches are processed and Wires are transmitted.
  • Perform transactions on a committed computer that is not used for email or Internet searches.
  • Follow recommendations from your network administrator and/or IT specialist.
  • How Does Regulation E Apply to Accounts with Internet Access


What is Regulation E? 
This regulation protects individual consumers engaging in electronic fund transfers (EFT). Non-consumer accounts are not protected by Regulation E.

What is an EFT?
Any transfer of funds initiated through an electronic terminal, telephone, computer, or magnetic tape for the purpose of ordering, instructing, or authorizing a financial institution to debit or credit a consumer's account. The term includes, but is not limited to:

  • Point-of-sale transfers
  • Automated Teller Machine transfers (ATM)
  • Direct deposits or withdrawal of funds
  • Transfers initiated by telephone
  • Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal
  • Transfers initiated through internet banking/bill pay

How does Regulation E apply to a consumer using internet banking and/or bill pay?
Regulation E is a consumer protection law for accounts established primarily for personal, family, or household purposes. Excluded from coverage are non-consumer accounts, such as Trust, Corporations, Partnership, etc. Regulation E gives consumers a way to notify their financial institution that an EFT has been made on their account without their permission. If you are unsure if your account is protected by Regulation E, contact us.

What are the applicable protections provided to consumers under the Act for consumers who use internet banking and/or bill pay?
If you believe an unauthorized EFT has been made on your account, contact us immediately. If you notify us within four business days after you learn of the unauthorized transaction, the most you can lose is $50. Failure to notify the bank within four business days may result in losses up to $300.

No Liability Limit: 
Unlimited loss to a consumer account can occur if:

  • The periodic statement that you receive reflects an unauthorized transfer of money from your account, and
  • You don’t report the unauthorized transfer to the bank within 60 days after it has mailed your statement, and
  • The loss could have been avoided if you had given timely notice

How does Regulation E apply to a non-consumer using internet banking and/or bill pay?
A non-consumer customer using internet banking and/or bill pay is not protected under Regulation E. Because the customer is not protected by Regulation E special consideration should be made by the customer to review the controls in place to ensure that they are commensurate with the risk level that the customer is willing to accept.

What precautions should a non-consumer take because they are not protected by Regulation E?
As a non-consumer customer you should perform a risk assessment and evaluate the controls you have in place periodically. The risk assessment should be used to determine the risk level associated with any internet activities the non-consumer customer performs and any controls in place to mitigate these risks.