Main > Internet Security

Security Center - Security FAQ's and Links

Email Security and Phishing Scams
How does phishing work?

Phishing e-mails are often sent out as spam to numerous recipients and appear to come from legitimate businesses, sometimes even duplicating legitimate logos and text. Within the message, you may be requested to click on a link that takes you to a fraudulent site or pop up window where you are asked to submit personal and financial information. Messages may imply a sense of urgency or immediate risk to bank accounts or credit cards if you fail to answer, increasing the chances of a response. Special offers and prizes may also be promoted as incentives.

What phishers do with your personal information:

Phishers can access your accounts using your passwords and other information to withdraw money or make purchases. Personal information can also be used by phishers to open new bank or credit card accounts in your name.

FDIC Consumer Alerts:

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC. Click here to learn more about email scams. For more information, read the FDIC Phising ID theft brochure.

What should I look for in a valid message from GVB?

A valid GVB message:

  • Personalized Name
  • We will never ask for your account number, usernames, or passwords
  • You will never be asked to fill out a form with your Bank information
  • If you are asked to call a phone number, check the phone number with directory information (411) before dialing the number you were given, or check our web site at
  • Emails will not convey a sense of urgency, we will call you for any account issues
Signs that your message may be a phishing e-mail

The message below illustrates some of the e-mail components that are not acceptable in a GVB e-mail. In this example, phishers used a valid e-mail name "GVB Contact ", but the actual e-mail address itself did not belong to GVB.

  • Email address in the "From" field do not contain a valid email address from
  • GVB would never ask for you to reactivate your account through an email
  • Misspellings
  • Branding is poor
  • Poor use of grammar
  • Wrong URL:
    • Even though it looks like the URL ("link") displays, if you right click on the link with your mouse and choose "properties", it will show you the true link
    • Some scam artists will integrate the brand name into a URL such as:
      • - this makes it look like it is from GVB but is actually going to which could be a scam site.

 If it sounds too good to be true...
It probably is. Don't be conned by convincing emails offering you the chance to make some easy money. As with most things, if it looks too good to be true, it probably is. Be cautious of unsolicited emails from overseas - it is much harder to prove legitimacy of the organizations behind the emails.

How GVB Protects You

GVB is continuously working to ensure your online security against phishing schemes.

Since 2003, phishing attacks have greatly increased. One industry group, the Anti-Phishing Working Group, claims that the financial services are the most common targets of phishing.

If you receive an unsolicited e-mail that appears to be from GVB or any business with which you do business and the e-mail requests that you click a link and re-enter your personal information or password, you should contact the company directly. Type or the business' website address directly instead of clicking the link in the e-mail. If you are unsure of the authenticity of an e-mail, delete it.

At GVB we go to great lengths to protect your personal information and ensure GVB Online Banking is secure. If you ever doubt the legitimacy of any e-mail claiming to originate from GVB, please call GVB Online Banking at 1-530-894-1000.

GVB e-mail best practices

GVB sends:

  • solicited e-mails that respond to customer requests
  • welcome e-mails
  • e-mails that contain information about Bank or Community events, nothing relating to account access or account troubles

GVB does not send e-mails:

  • asking the customer to provide, confirm or update personal records
  • from a third party address or link to a third party site
  • containing no information about why a customer is receiving e-mail
  • requiring an urgent response
What You Can Do 

Report your abuse - click here for more information

GVB wants to help you stay informed. By knowing how to protect yourself, you can avoid becoming a victim of online scams.

The United States Department of Justice recommend these three steps to defend against phishing schemes: Recognize it, Report it and Stop it.