Skip Ribbon Commands
Skip to main content

 Fraud Prevention

How PlainsCapital Bank Communicates
PlainsCapital Bank’s general practices do not ask for personal or financial information, including account numbers or passwords, through unsolicited e-mail or pop-up windows. Report any unsolicited request for PlainsCapital Bank account information by calling 866.762.8392 or e-mailing
Online Fraud
Online fraud occurs when someone poses as a legitimate company to obtain personal and financial information over the Internet and illegally conducts transactions using that information. Commonly called "phishing," the most common forms of online fraud are fake e-mails, websites, and pop-up windows. However, recent acts of corporate account takeover have crept up against businesses of all sizes.
How to Identify Online Fraud
Fake e-mails and websites often appear to be legitimate. They typically prompt you to provide your personal or account information. Fake e-mails and websites are becoming more difficult to spot, but there are some common identifiers.
  • Urgent requests. Fraudulent e-mails and websites often urge you to confirm or verify your account information by replying to an e-mail or clicking on a link.
  • Requests for security updates. Fraudulent e-mails often claim that important security information needs to be updated by clicking on a link or responding to the message.
  • Misspellings or errors. Fraudulent e-mails and websites often contain misspellings and grammatical errors. The text is often awkward or inappropriate, and the design or layout may be of poor quality.
  • Unsolicited pop-up windows. Fraudulent pop-up windows are typically unsolicited, meaning they appear without the user clicking on a link. PlainsCapital does not use pop-up windows to request customer information on our website
How You Can Protect Yourself from Online Fraud
  • Make sure your computer software and Web browser are up-to-date.
  • Install and regularly update a virus protection program.
  • Scan your computer for spyware regularly.
  • Use one computer for business purposes only. Do not use this computer for visiting social websites (e.g., Facebook, Twitter) or other sites as these websites are often flooded with viruses.
  • Avoid downloading programs from unknown sources.
  • Do not share your user ID or password with anyone—even your coworkers
  • Choose passwords with both letters and numbers, and change your passwords often.
  • Always sign out of secure areas of websites, such as Internet Banking, where a user ID and password are required.
  • Be cautious before sharing your e-mail address with questionable websites, as this increases your risk of receiving fraudulent e-mails.
  • Delete suspicious e-mails without opening them. Never open attachments in suspicious e-mails.
  • When your computer is not in use, shut it down or disconnect from the Internet.
  • Never provide sensitive account information in response to an unsolicited e-mail, website, or pop-up window. If you are unsure of the validity of a request for account information, call PlainsCapital Bank for confirmation before providing any information.
  • Always review your monthly account statements carefully and investigate any unauthorized activity on your account.
Corporate Account Takeover
Corporate account takeover occurs when someone steals a business’ Internet Banking credentials. Once the perpetrator has the online credentials, he or she has online access to the business’ accounts and can transfer money and perform other transactions that those credentials allow.
Thieves use various methods to steal credentials, including:
  • Mirror the look of a legitimate financial institution’s website. Businesses provide their online credentials to sites that appear to be legitimate without realizing that a perpetrator is behind the website.
  • Deploy malware to infect computer workstations and laptops via infected links or document attachments. Malware can be downloaded to users' workstations and laptops when they click on infected links or attachments in e-mails. In addition, malware can often be downloaded from legitimate websites—especially social networking sites—when users click on infected documents, videos or photos posted there. The malware installs software on the computer, allowing the perpetrator to capture the user’s ID and password when they are entered at the financial institution’s website.
How to Protect against Corporate Account Takeover
Corporate customers can follow these steps to protect themselves against account takeover.
  • Always initiate ACH and wire transfer payments under dual control. For example, one individual initiates the creation of the payment file, and another approves the transaction.
  • Restrict functions for computer workstations and laptops that are used for Internet Banking and payments. This will help to prevent the inadvertent downloading of malware or other viruses by users.
  • Ensure that your business’ operating system and its components are up-to-date with current software patches.
  • Reconcile your business bank accounts daily, which may help you recognize fraudulent activity quickly so immediate action can be taken.
If You Suspect You Are A Victim Of Online Fraud or Corporate Account Takeover
If you believe that you are a victim of online fraud or corporate account takeover, report the incident to PlainsCapital Bank immediately by calling 866.762.8392 or e-mailing
Additional Resources
For additional information on protecting your company from fraud, visit these trusted resources:
  • For tips from the federal government on how to protect your business ‘information, go to
  • For information from the Federal Trade Commission to help you online fraud and corporate account takeover, go to
  • For tips from the FDIC about how to protect your business from online fraud and corporate account takeover, go to