Security Awareness and customer education

Awareness and Education Program

The Gratz Bank is committed to protecting your personal information that you have entrusted in our care. We take this commitment very seriously and have created this informational page to assist you in keeping your information safe.


Requests for Information

The Gratz Bank will never request personal and confidential information from you by telephone, mail, email or text message. This includes request for your account number, social security number, personal identification number (PIN), debit card number, etc. Requests for this information by anyone should be considered suspicious. Please contact us immediately at (717) 365-3181 if someone claiming to be from The Gratz Bank requests personal or confidential information from you.

  • We may contact you on an unsolicited basis for the following reasons:
    • Suspicious activity on your account
    • Suspicious activity on your debit card
    • Unclaimed property or a dormant account
    •  Past due loan payments or other monies due
    • To confirm changes on your account or contact information

Credit Reports

You have the right to request one free copy of your credit report from each of the credit reporting agencies once per year. Consider rotating the request in order to check your credit report throughout the year.

  • Below are links and phone numbers to the three major agencies:

Phishing and Social Engineering

Criminals attempting to perpetrate fraud may contact you via email, phone or text in order to get you to reveal personal information or to get you to open an infected link or attachment that could compromise the security of your device.

  • Beware suspicious communications that contain:
    • Urgent appeals that claim something bad will happen if you fail to confirm personal information
    • Urgent appeals that someone you know is traveling and is in need of funds
    • Offers that sound too good to be true such as providing confidential information in exchange for money, lottery winnings and inheritances from unknown relatives, etc.
    • Typos and other errors, these often mark fraudulent communications

Online and Mobile Banking Security Tips

Protecting your personal and financial information is more important than ever. Safeguarding your information can be as simple as consistently reviewing your bank accounts and reporting any suspicious activity.

  • There are a number of other things you can do to stay safer online:
    • Never share your Access ID, User Name, Passwords or Security Challenge Information
    • Do not use personal information as your Access ID, User Name or Password
    • Create difficult passwords that include letters (both upper and lower case) and numbers
    • Change your password frequently
    • Avoid using public computers to access your Internet Banking
    • Do not provide personal information to web sites that do not use encryption and secure connections
    • Ensure that your computer is equipped with firewalls and up-to-date anti-virus software protection
    • Stay current on all software updates on your device
    • Disable Bluetooth and Wi-Fi when not in use
    • Always sign out and log off when finished with your online banking applications
    • Never click on suspicious links in emails, posts or online advertising
    • Do not trust sites with certificate warnings or errors.
    • Only download files from trusted sources on the Internet
    • Balance your accounts frequently and report any irregularities immediately
    • Use a paper shredder to destroy all paper documents containing confidential information before placing in the garbage

Regulation E: Electronic Funds Transfer

Regulation E protects individual consumers engaging in electronic fund transfers (EFT). Non-consumer (or business) accounts are not protected by Regulation E. The term “electronic funds transfers” or “EFT,” generally refers to the electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions initiated through electronic-based systems.

  • EFT transactions include, but are not limited to:
    • Point-of-sale transfers
    • Automated Teller Machine transfers (ATM)
    • Direct deposits or withdrawal of funds
    • Transfers initiated by telephone
    • Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal
    • Transfers initiated through internet banking/bill pay
    • Electronic check conversion, where you authorize a merchant to make a one-time electronic payment from your account using information from your check
    • Electronic returned check charge, whey you authorize a merchant to initiate an EFT to collect a charge in the event a check is returned for insufficient funds
  • The term EFT does not include:
    • Checks – any transfer of funds originated by check, draft or similar paper instrument or any payment made by check, draft or similar paper instrument at an electronic terminal
    • Check Guarantee or Authorization – Any transfer of funds that guarantees payment or authorizes acceptance of a check, draft or similar paper instrument but does not directly result in a debit or credit to a consumer’s account
    • Wire or other similar transfers – Any transfer of funds through a wire transfer system that is used primarily for transfers between financial institutions or between businesses
    • Securities and Commodities Transfers – Any transfer of funds for the primary purpose of the purchase or sale of a security or commodity, if the security or commodity is:
      • Regulated by the Securities and Exchange Commission (SEC) or the Commodity Futures Trading
      • Purchased or sold through a broker-dealer regulated by the SEC or through a futures commission merchant regulated by the Commodity Futures Trading Commission
      • Held in book-entry form by a Federal Reserve Bank or federal agency
    • Automatic transfers by account-holding institution – Any transfer of funds under an agreement between a consumer and a financial institution, which provides that the institution will initiate individual transfers without a specific request from the consumer:
      • Between a consumer’s accounts within the financial institution
      • From a consumer’s account to an account of a member of the consumer’s family held in the same financial institution
      • Between a consumer’s account and an account of the financial institution, except that these transfers remain subject to Section 205.10(e) regarding compulsory use and sections 915 and 916 of the act regarding civil and criminal liability.
    • Telephone-initiated transfers – Any transfer of funds that:
      • Is initiated by a telephone communication between a consumer and financial institution making the transfer; and
        Does not take place under a telephone bill-payment or other written plan in which periodic or recurring transfers are contemplated.
      • Small institutions – Any preauthorized transfer to or from an account if the assets of the account-holding financial institution were $100 million or less on the preceding December 31. If assets of the account-holding institution subsequently exceed $100 million, the institution’s exemption for preauthorized transfers terminates one year from the end of the calendar year in which the assets exceed $100 million.

If you believe an unauthorized EFT has been made on your account, contact us immediately. If you notify us within two (2) business days after you learn of the unauthorized transaction, the most you can lose if $50. Failure to notify the bank within two (2) business days may result in additional losses.

Unlimited loss to a consumer account can occur if the periodic statement reflects an unauthorized transfer of money from your account, and you fail to report the unauthorized transfer to the bank within 60 days after we mailed your first statement in which the problem or error appeared.

Commercial (Business) Banking Internet Security

In addition to the information provided here regarding internet banking security, Commercial and Small Business account holders should institute additional measures in order to further protect their online banking information.

  • For example:
    • Perform your own annual internal risk assessment and evaluation on all online accounts
    • Establish internal policies regarding employee internet usage
    • Ensure all company computers are updated regularly and equipped with up-to-date anti-virus protection software

Compromised Cards

A compromised card is a card that is at risk of being used fraudulently. Cards may be compromised due to computer theft, unauthorized network intrusion, or any type of suspicious activity.

  • If your Gratz Bank Debit Card is lost or stolen, please call the appropriate number below as soon as possible:
    • For Lost/Stolen Debit Cards: (800) 528-2273
    • For Debit Card Fraud Department: (800) 889-5280
    • For Bill Payment Fraud Department: (844) 861-4207
    • Debit Card Chargebacks/Transaction Disputes: (800) 808-6402
    • After-hours Customer Support: (866) 664-9364
  • With our Mobile Banking and MobiMoney applications you can conveniently manage your accounts and debit cards on your smart phone, giving you more control and peace of mind.


Additional Resources for online security

Consumer Information: Identity Theft
Consumer Information: Wiring Money
Protecting Your Business: Start With Security
Consumer Action: Complaints
FDIC Consumer Protection
NACHA Fraud Resources
US Department of Homeland Security
Federal Communication Commission - Business Cyber-planner
Federal Trade Commission: Identity Theft by Mobile Phone
Federal Trade Commission: Tips for Using Public WiFi Networks