Prevent ID Theft & Fraud - Cogent Bank

Lost or Stolen Debit Card

To report a lost or stolen debit card please call 407.545.2662 during normal operating hours. After hours, please call 1.800.500.1044 immediately or access www.visa.com

Routing Number

Our Bank Routing and Transit Number is: 063114661

You will be linking to another website not owned or operated by Cogent Bank. Cogent Bank is not responsible for the availability or content of this website and does not represent either the linked website or you, should you enter into a transaction. The inclusion of any hyperlink does not imply any endorsement, investigation, verification or monitoring by Cogent Bank of any information in any hyperlinked site. We encourage you to review their privacy and security policies which may differ from Cogent Bank.

If you "Proceed", the link will open in a new window.

Proceed

You are leaving Cogent Bank and going to Cogent Private Wealth, a boutique advisory firm offering comprehensive financial planning and investment management services. Some of their products are NOT INSURED BY ANY FEDERAL GOVERNMENT AGENCY; NOT GUARANTEED BY THE BANK; and MAY LOSE VALUE.

If you "Proceed", the link will open in a new window.

Proceed

Please note that by clicking on this email address, you are leaving the Cogent Bank website and accessing an external email platform. Cogent Bank has no control over the content of any communications contained within this platform and cannot be held responsible for any information exchanged. We caution users to be careful when sharing any personal or sensitive information via email, as it may be intercepted or misused by third parties. By using this email platform, you accept full responsibility for any risks that may arise from its use.

If you "Proceed", the link will open in a new window.

Proceed

Menu

Support      Resources      Prevent ID Theft & Fraud

Prevent ID Theft
& Fraud

Identity Theft, Fraud and Other Protection Measures

Mortgage Postcard Scam

What are these postcards, and who is sending them?

We have been made aware of a postcard scam asking clients to call a number about a time-sensitive matter on their mortgage. These postcards (which come in a variety of colors) are being sent to clients all around the country.

Please be aware that this is a scam and did not come from Cogent Bank, or any financial institution. There is a small disclaimer in the bottom right corner indicating the sender is “not affiliated with, sponsored by, and loan information not provided by Cogent Bank.” It does further state that the information was provided by “LeadPros.”

How did the postcard senders get my information?

We’re committed to protecting your personal information. We would never send you a postcard requesting that you call us regarding your mortgage. Likewise, we do not sell or otherwise distribute it to non-affiliate third parties.

However, some information about mortgages, regardless what lender the consumer works with, is public record. That’s how someone like this may obtain your contact information. Do note that the account number listed does not match yours; this should immediately alert you to the likelihood of this being a scam.

What if I call the number on the postcard?

We advise you NOT call the number listed. Calling the number may connect you with a real person, or it may connect you to automated recording prompts. Regardless, do not offer them your personal information.

What should I do if I get this postcard?

The best thing to do is disregard the postcard. Dispose of it however you would any other junk mail you receive. Please contact us at 1-888-577-0404 should you have additional questions.

If you would like to take further action, consider filing a complaint with the Florida State’s Attorney General’s Consumer Protection Division.

Automated Teller Machine (ATM) and debit cards

  • Use ATMs that are familiar or that are in well-lit locations where you feel safe and comfortable. If the machine is poorly lit or is in a hidden area, use another ATM.
  • Have your card ready before approaching the ATM. Avoid having to go through your wallet or purse to find the card.
  • Do not use ATMs that appear to have been tampered with or otherwise altered. Report such condition to the bank or ATM provider.
  • Memorize ATM personal identification number (PIN) and never disclose it to anyone. Do not keep your numbers or passwords in your wallet or purse. Never write them on the cards themselves and avoid using easily available personal information like a birthday, nickname, mother’s maiden name or consecutive numbers.
  • Be mindful of “shoulder surfers” when using ATMs or POS terminals. Stand close to the ATM/POS  terminal and shield the keypad with hand when keying in the PIN and transaction amount.
  • If the ATM is not working correctly, cancel the transaction and use a different ATM. If possible, report the problem to the bank.
  • Carefully secure your card and cash in your wallet, purse, or pocket before leaving the ATM or POS terminal.
  • Do not leave the receipt behind. Compare ATM receipts to a monthly statement. It is the best way to guard against fraud and it makes record-keeping easier.
  • Do not let other people use your card. If your card is lost or stolen, report the incident immediately to the bank.

Corporate Account Takeover

What is a corporate account takeover?

“Corporate account takeover” is when cyber criminals gain control of a business’ bank account by stealing the business’ valid online banking credentials. Although there are several methods being employed to steal credentials, the most prevalent involves malware that infects a business’ computer workstations and laptops.


A business can become infected with malware via infected documents attached to an email or a link contained within an email that connects to an infected website. In addition, malware can be downloaded to users’ workstations and laptops by visiting legitimate websites – especially social networking sites – and clicking on the documents, videos, or photos posted there. This malware can also spread across a business’ internal network.


The malware installs key logging software on the computer, which allows the perpetrator to capture a user’s credentials as they are entered at the financial institution’s website. Sophisticated versions of this malware can even capture token-generated passwords, alter the display of the financial institution’s website to the user, and/or display a fake Web page indicating that the financial institution’s website is down. In this last case, the perpetrator can access the business’ account online without the possibility that the real user will log in to the website.


Once installed, the malware provides the information that enables the cyber criminals to impersonate the business in online banking sessions. To the financial institution, the credentials look just like the legitimate user. The perpetrator has access to and can review the account details of the business, including account activity and patterns and electronic (ACH) and wire transfer origination parameters (such as file size, frequency limits, and Standard Entry Class (SEC) Codes).


Cyber criminals use the sessions to initiate funds transfers, by ACH or wire transfer, to the bank accounts of associates within the U.S. These accounts may be newly opened by accomplices or unwitting “money mules” for the express purpose of receiving and laundering these funds. A “money mule” is a person who transfers stolen money or merchandise from one country to another, either in person, through a courier service, or electronically. The term is commonly used to describe online scams that prey on victims who are unaware that the money or merchandise they are transferring is stolen. In these scams, the stolen money or merchandise is transferred from the victim’s country to the scam operator’s country. The accomplices or mules withdraw the entire balance shortly after receiving the money, and then send the funds overseas via over-the-counter wire transfer or other common money transfer services.

Why are businesses and organizations targeted?

Cyber criminals appear to be targeting businesses, as well as government agencies and nonprofits, for several reasons:

  • Many businesses and organizations have the capability to initiate funds transfers – ACH credits and wire transfers – via online banking (individual consumers generally do not have this capability except for payees set up in online bill payment systems).
  • This funds transfer capability is often related to a business’ origination of payroll payments.
  • In corporate account takeover, cyber criminals may add fictitious names to a payroll file (directed to the accounts of money mules) and/or initiate payroll payments off-cycle to avoid daily origination limits.
  • Some businesses do not have the level of resources to defend their information technology systems.
  • Many businesses do not monitor and reconcile their accounts on a frequent or daily basis.
  • Some businesses bank with a wide variety of financial institutions with varying degrees of IT resources and sophistication.

Prevention, detection, & reporting for business customers account control

  • Reconcile all banking transactions daily.
  • Initiate ACH and wire transfer payments under dual control, with a transaction originator and a separate transaction authorizer.
  • Utilize routine reporting on transactions.
  • Perform periodic risk assessment of the banking products/services you use, including regular reviews of user access levels, dollar limits, and activity.
  • Immediately report any suspicious transactions to the financial institution.
  • Stay in touch with other businesses and industry sources to share information regarding suspected fraud activity.
  • Government entities (i.e. FDIC, IRS, etc.) will not contact business customers to request software installation or the customer’s access credentials.

Computer security tools & best practices

  • Install a dedicated, actively managed firewall. A firewall limits the potential for unauthorized access to a network and computers.
  • Install commercial anti-virus software on all computer systems.
  • Ensure virus protections and security software are updated regularly.
  • Ensure computers are patched regularly, particularly operating systems and key applications, with security patches.
  • Consider installing spyware detection programs.
  • Be suspicious of emails purporting to be from a financial institution, government department, or other agency requesting account information, account verification, or banking access credentials such as usernames, passwords, PIN codes, or similar information. If you are not certain of the source, do not click any links.
  • Create strong passwords.
  • Prohibit use of “shared” usernames and passwords for online banking systems.
  • Use a different password for each website that is accessed and change the password several times each year.
  • Never share username and password information with third-party providers.
  • Limit administrative rights on users’ workstations.
  • Carry out all online banking activities from a stand-alone computer system from which email and Web browsing are not possible.
  • Verify use of a secure session (“https”) in the browser for all online banking.
  • Avoid using an automatic login feature that saves usernames and passwords for online banking.
  • Never leave a computer unattended while using any online banking or investing service.
  • Never access bank, brokerage, or other financial services information at Internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account numbers and sign on information leaving the customer vulnerable to possible fraud.

Recommendations if you are a victim of a corporate account takeover

  • Immediately cease all activity from computer systems that may be compromised. Disconnect the Ethernet or other network connections to isolate the system from remote access.
  • Immediately contact your financial institution and request assistance with the following actions:
    • Disable online access to accounts.
    • Change online banking passwords.
    • Open new account(s) as appropriate.
    • Request the financial institution’s agent review all recent transactions and electronic authorizations on the account.
    • Ensure that no one has requested an address change, title change, PIN change, or ordered new cards, checks, or other account documents be sent to another address.
  • Maintain a written chronology of what happened, what was lost, and the steps taken to report the incident to the various agencies, banks, and firms impacted. Be sure to record the date, time, contact telephone number, person spoken to, and any relevant report or reference number and instructions.
  • File a police report and provide the facts and circumstances surrounding the loss. Obtain a police report number with the date, time, department, location, and officer’s name taking the report or involved in the subsequent investigation. Having a police report on file will often facilitate dealing with insurance companies, banks, and other establishments that may be the recipient of fraudulent activity. The police report may initiate a law enforcement investigation into the loss with the goal of identifying, arresting, and prosecuting the offender and possibly recovering losses.
  • This document is for information purposes only and is not intended to provide legal advice. The guidance included is not an exhaustive list of actions and security threats change constantly.

Identity Theft Resources

Federal Trade Commission

The Federal Trade Commission has provided important information on identity theft. Visit the Federal Trade Commission site now to read about identity theft and how you can protect your sensitive information.(Opens in a new window)

The Credit Reporting Agencies

Contact the fraud units of the three credit reporting agencies: Equifax, Experian and Trans Union. Ask them to place a fraud alert on your credit report to help prevent new fraudulent accounts from being opened. Keep track of when it expires so you can ask for another one, if necessary. However, not all creditors check your credit report before issuing a new account.
As an ID fraud victim, you are entitled to a free copy of your credit report. Also, ask the agencies for a copy of your credit report every three months once you have become a victim. This can help determine how many and which accounts listed are fraudulent. You can also identify the existing accounts that have been stolen.
Equifax 1-800-525-6285 | www.equifax.com (Opens in a new window)
Experian 1-888-397-3742 | www.experian.com (Opens in a new window)
Trans Union 1-800-680-7289 | www.transunion.com (Opens in a new window)

United States Secret Services (USSS)

The USSS is a federal agency that investigates financial crimes. Generally, the USSS will intervene only when the dollar amount of the crime is high. However, they should still be notified in case it is part of a larger fraud ring.


U.S. Secret Service

Contact your local field office. (Opens in a new window)

www.secretservice.gov/contact/field-offices (Opens in a new window)

Social Security Administrations (SSA)

If you detect fraudulent use of your social security number, report it to the SSA. The SSA does not generally act unless there is a high dollar amount, workplace impersonation or crimes committed in your name. They will only change your SSN if you fit their fraud victim criteria.
Social Security Administration6401 Security BoulevardBaltimore, MD 21235

1-800-269-0271 (Social Security Administration fraud hotline)

www.ssa.gov (Opens in a new window)