Alcatraz Island
Alcatraz Island

Security and Fraud Center

Your security is our top priority. Our privacy standards apply both online and offline, and we use multiple layers of digital safeguards to protect your information whenever you bank with us online.

Online fraud schemes evolve constantly. Stay alert to suspicious emails, texts, or offers that pressure you to act quickly or share personal data.

Simple ways to protect yourself:

  • Don’t click unexpected links or open unknown attachments.
  • Never respond to requests to “verify” personal or financial details.
  • Confirm messages directly with the sender using contact info you find yourself.
  • Be skeptical of offers that seem too good to be true.
  • Research apps before downloading; fake banking apps are common.

Learn more from official sources:

Cyber-criminals often target small and mid-size organizations. Strong security practices can reduce risk.

Top business protection tips:

  • Conduct regular risk assessments and keep antivirus tools current.
  • Require dual approval for sensitive transactions.
  • Require secondary verification for vendor requests to change payment information.
  • Encrypt financial communications and back up data off-site.
  • Educate employees about phishing and ransomware.
  • Develop and test an incident-response plan.

If you suspect fraud on your business accounts, contact your Relationship Manager immediately.

We use multi-layered authentication, secure cookies, and automatic time-outs to safeguard online sessions.

You can help by:

  • Creating strong, unique passwords and updating them regularly.
  • Keeping login credentials private.
  • Logging off or closing the app when finished.
  • Downloading the Bank of San Francisco mobile app only from verified app stores.
  • Reporting suspicious emails to mainoffice@bankbsf.com.

Remember, we will never ask for your password or account information by email or text.

Social engineering scams manipulate victims into revealing confidential information. Be aware of these common tactics:

Phishing: Fraudulent emails or texts that appear to come from trusted sources.

Spear Phishing / Whaling: Highly targeted messages aimed at executives or specific employees.

Baiting: Leaving malware-infected devices (like USB drives) in public places, hoping someone will plug them in.

Pretexting: Pretending to be a colleague, vendor, or authority figure to obtain sensitive data.

Scareware: Alarming pop-ups that claim your device is infected to trick you into downloading malicious software.

Always verify unexpected requests. If you’re unsure, contact us immediately.

Learn more about social engineering in this video.

If you believe you’ve been a victim:

  1. Contact the three credit bureaus (Experian, Equifax, TransUnion) and request a fraud alert.
  2. File a police or FBI report.
  3. Review your credit reports and bank accounts for unauthorized activity.
  4. Notify Bank of San Francisco (415-744-6700) and any other financial institutions immediately.
  5. Change PINs and passwords.
  6. If business accounts are affected, report to the California Attorney General and Better Business Bureau.