Security Alerts


Beware of Secret Shopper Scams

If it seems too good to be probably is. For more information regarding shopper scams and other consumer fraud visit the Federal Trade Commission website or FBI website.


Beware of Skimming Devices

Area convenient stores are targets for skimming devices

ďATM skimmingĒ is basically an electronic device placed illegally on an ATM that scoops information from a bank cardís magnetic strip whenever a customer uses the machine. ATM skimming is a growing criminal activity that some experts believe costs U.S. banks hundreds of millions of dollars annually. For a graphic view ATM-skimming.


The holidays are here, so shop with care!

Criminals and online thieves are especially active during the holiday season. Hereís how to shop safer.

The holidays often bring friends and family together for celebrations and good cheer. For many, this means spending more time shopping online and at the mall for that perfect gift. Unfortunately, thieves are also busy at this time of year, looking for unsuspecting victims.


When shopping online

  • Use a secure, unique password for your email account. Online retailers often require an email address to register at their website. If a website is compromised, criminals can leverage your email account to hack your other e-commerce accounts.
  • Use a single card for all online purchases to minimize your risks to one account. Monitor your payment account regularly for unauthorized purchases or other charges. Consider using a prepaid card, such as a VISA® gift card thatís loaded with only enough balance to cover your planned purchases.
  • Beware of phishing ads or pop-ups for ďamazingĒ deals. Hackers often set these up to install malware on your computer when you click. The thieves could also be trolling for information, payment account credentials or other personally identifiable information (PII) used to steal your identity.
  • Don't shop online using public computers or networks. Libraries, food courts and coffee shops are dangerous places to do online business. Bad guys may have installed key loggers, sniffers or other malware designed to steal your information.
  • Keep your computer and browser up to date with the latest patches and software.
  • Shop at reputable sites and be sure the sites you visit are legitimate. Cybercriminals can create website URLs that look very similar to real websites to fool shoppers. For example: A scam site could be called hxxp:// and be set up to look exactly like The scam site can then steal any information you enter at the site, such as your login credientials or your payment card number. Pay close attention to the browser's address bar before entering any sensitive information, and move your mouse pointer over any link that directs you to a shopping site to make sure the link takes you to a legitimate website.

When at the shopping center

  • Avoid driving alone or at night. If you must shop at night, park in a well-lit area, park as close as you can to your destination and take notice of where you parked.
  • Donít leave packages or valuables on the seat of your car. This creates a temptation for thieves. If you must leave something in the car, lock it in the trunk or put it out of sight.
  • When approaching or leaving your vehicle, be aware of your surroundings. Donít approach your car alone if there are suspicious people in the area. Check the back seat before getting in. Consider asking mall or store security for an escort before leaving your shopping location.
  • Use ATMs only in well-lit, public places. Be aware of anything that doesnít look right ó ATM skimmer devices may have been installed by thieves to steal card numbers and PINs. If there are people loitering in the area, find another terminal.
  • Dress casually and comfortably. Avoid wearing expensive jewelry, carrying expensive handbags or flashing large amounts of cash.
  • Keep records at home of your credit and debit card numbers and customer service numbers. If your cards are lost or stolen, put a block on your cards using an app such as SHAZAM® BOLT$ô or immediately report it to your financial institution to block your cards.
  • If possible, leave children at home with a trusted babysitter. If you must shop with your kids, teach them to stay close to you at all times. Never allow them to make unaccompanied trips to the restroom or to the car. Instruct them to ask a store clerk or uniformed security guard for assistance if they become separated from you.
  • When at home, donít leave large displays of holiday gifts in plain view from outside your home. Common sense and awareness can go a long way toward helping you and your family stay safer this holiday season. If youíre unsure of your surroundings or situation, either in person or online, get away and report the suspicious behavior or scam.


For more information To learn more about your rights as a consumer or to make complaints about online consumer issues, go to


These tips brought to you by SHAZAM and Citizens First Bank.


Traveling this Holiday Season? Beware of Identity Theft

With the holiday season in full swing, the Department of Homeland Securityís Stop.Think.Connect.ô Campaign reminds travelers to be vigilant with their electronic devices. While many people rely on these devices for travel arrangements, directions, and communication, identity thieves may try to take advantage of those on the go.

Follow these simple steps from the United States Computer Emergency Readiness Team to protect yourself and your personal information while traveling:

  • Password protect your devices. This year, travelers lost 11,000 mobile devices at the busiest U.S. airports.
  • Be aware of your surroundings. Make sure that no one can see you type your passwords or see any sensitive information on your screen
  • Turn Bluetooth off if youíre not using it. Cyber criminals have the know-how to pair their Bluetooth device with yours to steal personal information.
  • Be wary of Wi-Fi networks. Only connect over secure networks.
  • Back up your files. To avoid losing valuable information, make backups of important files and store the backups in a separate location.

Cybersecurity is a shared responsibility and each of us has a role to play. For more basic tips to stay safe this holiday season, visit

Don't forget to check out our BOLT$ App for your Citizens First Bank debit card! It provides you with control, fraud alerts, card blocking, 24/7 email alerts, and account balance.


Text Message Scam Alert

Oct 11, 2016 | Security Alerts & Updates

We have received multiple reports of a text message scam throughout our area. People have reported receiving a text message claiming to be from Citizens First Bank alerting customers that their debit card is blocked or locked. A number is provided in the fraudulent message urging customers to make contact. The text message should be considered fraudulent.

The scam is representative of "smishing" scams, used by fraudsters to bait individuals into revealing personal information. Be leery of text messages that indicate a problem or question regarding your financial accounts or cards.

If you receive such a text message, do not click on the link or respond to the message and do report the message to the Federal Trade Commission.

REMINDER: Citizens First Bank never sends texts or emails to our customers requesting personal information. If you do receive one, it is a scam. If you have any questions it is best to call the bank directly at 563-243-6000 and ask to speak with a Customer Service Representative.


A Bank Customerís Guide to Cybersecurity

What Consumers Can Do... and What Banks and Regulators Are Doing ... to Help Prevent Online Fraud and Theft. For a great document on the subject Click Here>>>. For more security and fraud information from the FDIC Click Here>>>.


October is National Cyber Security Awareness Month

Cyber Quick Tips

The majority of cybercriminals do not discriminate; they target vulnerable computer systems regardless of whether they are part of a government agency, Fortune 500 company, small business, or belong to a home user. However, there are steps you can take to minimize your chances of an incident:

  • Set strong passwords, change them regularly, and donít share them with anyone.
    • Do not include your name, your kids' or pets' names, or other well-known information about yourself in your password;
    • Avoid using common words in your passwords or passphrases. Instead, break up words with numbers and punctuation marks or symbols. For example, @ can replace the letter "A" and an exclamation point (!) can replace the letters "I" and "L"; and
    • Use a combination of upper and lower case letters.
  • Keep your operating system, browser, and other critical software optimized by installing updates.
  • Maintain an open dialogue with your friends, family, colleagues and community about Internet safety.
  • Use privacy settings and limit the amount of personal information you post online.
  • Be cautious about offers online Ė if it sounds too good to be true, it probably is.

Remember Stop. Think. Connect.

STOP: Before you use the Internet, take time to understand the risks and learn to spot potential problems.

THINK: Take a moment to be certain the path ahead is clear. Watch for warning signs and consider how your actions online could impact your safety, or your family's.

CONNECT: Enjoy the Internet with greater confidence, knowing you've taken the right steps to safeguard yourself and your computer (and other devices).


For more information Click Here >>>



  • Carry as little cash as possible; use debit cards, credit cards, or travelerís checks whenever possible
  • Find out your daily withdrawal limit before you leave, or ask to have it increased
  • Inform your financial institution of your travel plans
  • Dress conservatively, wearing only a
    minimum of jewelry
  • Donít carry and expensive camera on a strap around your neck
  • Avoid walking anywhere alone whenever possible
  • Avoid high-risk areas
  • Never get into an unmarked taxi
  • Never leave money, cameras, computers, or other valuables in a hotel room

Citizens First Bank 8:30am-4:30pm 563-243-6000

After hours

Lost or Stolen Debit or ATM Card 800-383-8000

Lost or stolen CFB Credit Card 800-325-3678

Debit or ATM Card Issues or Fraud 866-508-2693

Lost or Stolen CFB Gift Cards 800-486-0292

For U.S. Foreign travel information visit or call 888-407-4747



Two Ways Tax Scammers Might Target You

Itís that time of year ó tax time. Itís also a great time to get up to speed on tax-related scams. Here are two ways tax scammers might target you:



Tax identity theft

This kind of identity theft happens when someone files a fake tax return using your personal information ó like your Social Security number ó to get a tax refund or a job. You find out about it when you get a letter from the IRS saying:

  • more than one tax return was filed in your name, or

  • IRS records show wages from an employer you donít know

If you get a letter like this, contact the IRS Identity Protection Specialized Unit at 800-908-4490. You can find more about tax identity theft at the FTC (Federal Trade Commission) website and IRS website.



IRS imposter scams

This time scammers arenít pretending to be you ó theyíre posing as the IRS. They call you up saying you owe taxes, and threaten to arrest you if you donít pay right away. They might know all or part of your Social Security number, and they can rig caller ID to make it look like the call is coming from Washington, DC Ė when it could be coming from anywhere. Leaving you no time to think, they tell you to put the money on a prepaid debit card and tell them the card number right away.

The real IRS wonít ask you to pay with prepaid debit cards or wire transfers, and wonít ask for a credit card number over the phone. When the IRS contacts people about unpaid taxes, they usually do it by mail. If you have a question about your taxes, call the IRS at 800-829-1040 or go to the IRS website. You can report IRS imposter scams to the Treasury Inspector General for Tax Administration (TIGTA) online or at 800-366-4484, and to the FTC Federal Trade Commission) website.


For more identity tips Click here>>>


Stagefright Android Text Message Vulnerability

You may be hearing about the Stagefright vulnerability in the news. Stagefright is vulnerable to a remote code execution bug, allowing hackers to potentially infiltrate devices and access private information by sending a SMS message with a video in it.

If you have questions about availability of a patch for your specific device or disabling MMS, you should contact your carrier.


Beware of Social Media Contests - Card Cracking


The scam is called card cracking and it may start off innocently enough. You see a post on a social media site announcing a contest. Or maybe a webpage that claims to have a celebrity affiliation is offering a gift card giveaway. The variations are endless, but hereís the tip-off that fraud is afoot. At some point, youíre asked for your bank account information, PIN number, or online banking credential. Thatís when you can bank on the fact that those ďinnocentĒ offers arenít what theyíre cracked up to be.


How does the scam work? Once card crackers have access to your account, they deposit multiple checks Ė usually remotely Ė and then make quick ATM or money order withdrawals. The goal is to get the cash in hand before the bank figures out the checks are phony.


That form of card cracking works like other scams involving the unauthorized use of your account data. You turn over your information for one purpose only to find out that scammers have used it for their own benefit.


But thatís not the only kind of card cracking. In other variations, people respond to a text, video, or social media post promising fast cash or even explicitly promoting card cracking as an easy way to pay the bills. The account holder Ė often a student Ė will hand over their debit card number, PIN, or password and allow checks to be run through their account. In exchange, scammers will offer them a small piece of the action. The account holder may try to rationalize it as just a shady way to game the system, but címon. No legitimate business deposits checks that way. Whatís really going on is fraud and account holders who cooperate with card crackers have stepped in the middle of it.


The scammers hope the payments are enough to keep the account holder from asking too many questions, but the question people should be asking is whether itís worth the risk of involving themselves in criminal activity. Thanks to an ongoing card cracking crackdown, suspects are facing indictments, and people who let their accounts be used may be on the hook for the losses.


Thatís not the only risk. Scammers have been known to help themselves to funds legitimately in the account Ė tuition money or a paycheck, perhaps Ė or to go on a shopping spree with the personís debit card. If the account holder was in cahoots with the card cracker, itís tougher to argue that the transactions were entirely unauthorized.


Many students heading off to school or joining the work force are opening their first bank accounts. Involvement in a scam like card cracking threatens their financial future. One tip that bears repeating: No above-board contest, social media promotion, or job opportunity requires that people hand over their bank cards, PIN numbers, or online banking credentials. Never give anyone a crack at your account.



This scam warning from the Davenport Police Department, the Federal Trade Commission and the Better Business Bureau:


The Federal Trade Commission and the Better Business Bureau are warning of a new fraudulent fraud department scam where scammers pretend to be from credit card companiesí fraud departments. This new scam is to trick individuals into revealing their cardís security code.


Here's how the scam works:

  • You answer the phone, and the caller says he/she is from your credit card's security department. This "fraud specialist" tells you that there's suspicious activity on your card. He makes up a bogus transaction and asks if you authorized it. When you reply that you never made the purchase, the "fraud specialist" offers to open an investigation into the charge. The scammer may even give you a fake case number for reference.
  • Everything seems normal until the scammer asks one last question. Under the guise of verifying that the credit card is in your possession procession, he requests the security code on the back of your card. Don't give it to him/her; it's a scam.
  • In this particular con, identity thieves already have your information. They know your name, credit card number, phone number and address. Now, all they need is the security code on the back of your card. If you share it, you give the con artist the information he needs to wrack up charges in your name.

What to do if a fraudulent fraud department calls?

  • Don't give the caller any information about your account - even if he already knows some of the details.
  • Pick up the phone. Call the customer service number on the back of your credit card. Talk to the fraud or security department and ask about the unauthorized charges the caller told you about.
  • Phone numbers can deceive. Some con artists use Internet technology to disguise their area code in Caller ID systems. Although it may look like they're calling from your credit card company, they could be calling from anywhere in the world.

For More Information read the full alert on the FTC's website. To find out more about other scams, check out Better Business Bureau's Scam Stopper (




Please be aware that we will never call you and ask for account number or debit card number information. If you receive a call such as this, please hang up and contact one of our Customer Service Representatives at 563-243-6000 or toll free 877-902-1442 to let us know about the call you received. Thank you!