Security Center - Secure Banking WesBanco

NOTICE: Internet Explorer was retired by Microsoft on June 15th, 2022 and is no longer supported. This could change how you access Online Banking.

Skip Navigation
Family sitting on living room couch with laptop, tablet and smart phones reviewing safe online practices

Banking Security Center

WesBanco, Inc. is committed to ensuring the security of our customer’s personal and financial information.  We recognize the best line of defense against banking fraud is providing you with the technology, educational tools, and information aimed at protecting you, your information, and your money.

Learn More

icon of a person and a hand

If you suspect fraudulent activity on your WesBanco Account call:

800-905-9043

 

Important to Know

WesBanco Bank will never contact you via unsolicited phone calls, emails, text messages, or over any other mediums to request your online banking credentials or personal information.  As your bank, we already have that information on file and will therefore never request such information.

 

Identifying WesBanco Text Messages

WesBanco will send text messages occasionally, from Account Alerts to Customer Feeds.  These messages are sent from secured short codes – abbreviated phone numbers that are five or six digits-long and are unique to the sender. Scammers are sending text messages from 10-digit phone numbers that could look like they come from WesBanco. If a message looks questionable, always verify by calling WesBanco at 800-905-9043 before clicking any link.  Click here for a list of WesBanco’s short codes.

 

Report Suspicious Activity: 800-905-9043

If you ever question the legitimacy of a request for your information or received a suspicious text message that says it’s from WesBanco, do not respond or click any links.  Report it immediately.

 

Explore our library of educational content which features more in-depth articles centered on fraud and cybersecurity.

Learn More

Fraud Prevention Tools

In today’s digital age, ensuring financial security is more important than ever, as incidents of banking fraud continue to rise. These fraud prevention tools play a crucial role in ensuring your financial security by monitoring transactions and detecting suspicious activity in real time.

Recognizing Scams

  • Phishing is a type of social engineering scam that involves tricking people into giving away sensitive information or installing malware.  Phishing attacks can come in many forms, including emails, text messages, or phone calls.

    Here are some examples of phishing:

    • Spoofing: A phishing email may appear to be from a legitimate business, such as a bank or credit card company, and ask for personal information. The email may include a link to a website that looks similar to the real thing, but is actually a fake website designed to steal information. 
    • Spear phishing: A targeted phishing attack that uses information about a specific person or company to make the message more convincing. For example, a spear phishing email might appear to be from someone’s employer or bank. 
    • Whaling: Also known as business email compromise (BEC), is a type of cyber attack that targets high-ranking individuals within an organization to steal sensitive information or money.
    • Mass campaigns: A phishing campaign that sends emails to millions of inboxes without targeting specific people or companies. 
    Some risks of phishing include:
    • Theft of money from a bank account.
    • Fraudulent charges on a credit card.
    • Loss of access to photos, videos, and files.
    • Fake social media posts made in a person’s accounts.
    • Cybercriminals impersonating a person, putting friends or family members at risk. 

       

  • Social engineering is the tactic of manipulating, influencing, or deceiving a victim in order to gain control over a computer system, or to steal personal and financial information.  It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.

    Social engineering attacks can involve a variety of techniques, including:
    • Impersonation: Fraudsters may impersonate an important client or a representative of a government agency to gain the victim’s trust.
    • Quid pro quo: Attackers may offer a service or benefit in exchange for sensitive information, such as tech support or free software.
    • Tailgating: Attackers may trick users into using their own access cards to gain physical access to a building.
    • Watering hole attacks: Attackers may compromise a website that is likely to be visited by a specific group of people.
    • Altered communications: Attackers may alter sensitive communications and forward them to others to create distrust or embarrassment.
    Social engineering attacks often involve multiple steps, including researching the victim and gaining their trust before manipulating them.

  • Spoofing is a cybercrime where someone or something pretends to be a trusted source to gain access to personal information, money, or data.

    Spoofing can take many forms, including:
    • Email spoofing: A common type of spoofing that involves sending a fake email that appears to be from a legitimate source.
    • Text message spoofing: Also known as “smishing“, this involves sending a fake text message that appears to be from a legitimate source.
    • Caller ID spoofing:  A phone scammer changes their phone number and caller ID name to conceal their true identity.
    • GPS spoofing: A fake GPS signal is sent to a GPS receiver, causing all GPS devices in the area to show an incorrect location.
    • ARP spoofing: A malicious actor links their MAC address to a legitimate network IP address to receive data intended for the owner of that IP address.
    Spoofing attacks can lead to data breaches, financial loss, malware infections, and damage to an organization’s reputation. To protect against spoofing, individuals and organizations can implement security measures such as: email authentication protocols, network monitoring, encryption, and security awareness training.

  • Some of the top scams to watch out for in 2024 include: 

    • Gift Card Scams: Only scammers will tell you to buy a gift card, like a Google Play or Apple Card, and give them the numbers off the back of the card. No matter what they say, that’s a scam. No real business or government agency will ever tell you to buy a gift card to pay them. Always keep a copy of your gift card and store receipt. Use them to report gift card scams to the gift card company and ask for your money back.
    • Latest Gift Card Scam – Gift Card Draining: Someone steals a gift card and then copies the card number and security code before resealing it, making it difficult to notice it’s been compromised. When another person later purchases the card and puts money on it, the scammer then takes the money, or “drains” the card of its funds. Buying gift cards that are next to cashier or directly from the retail store the gift card is for.
    • Government impersonation: In 2023, consumers reported losing nearly $76 million to government impersonation scams, and in the first quarter of 2024, consumers reported losing $20 million. Scammers often target consumers for cash payments. 
    • Imposter scams: Scammers may pretend to be a loved one and ask for money or sensitive personal information. This is known as the “grandparent scam” or the “sweetheart scam”. 
    • Health insurance scams: Scammers may target seniors by claiming to be a Medicare representative and asking for personal information or fees.
    • Synthetic identity fraud: This is the most common form of identity theft, and criminals are expected to continue exploiting weak IT protocols. 
    • Fake charity schemes: This includes fake GoFundMe campaigns, social media giveaways, and charity fundraising. 
    • Cryptocurrency investment fraud: This is also known as “pig butchering” and is one of the most prevalent and damaging fraud schemes. 
    • AI-powered scams: Fraudsters can use AI to create fake identities online and through social media. 
    • Business email compromise (BEC): Scammers pose as legitimate business contacts to deceive victims.
    • Employment scam: Fraudsters pretend to be potential employers.
    • Lottery and sweepstakes scams: Scammers use fake lotteries and sweepstakes to exploit victims.
    • Online and payday loan scams: Deceptive schemes related to online loans.
    • Romance scam: Scammers build fake romantic relationships to defraud victims.

    Remember: Securing your passwords, Locking your credit accounts, and Being wary of offers that seem too good to be true.

     

  • See if you think each situation is legit or a scam.  Click the tab below:

    Remember, these conversations can happen anywhere — on the phone, by text, or online.

     

How to Protect Yourself

  • Strong passwords are long, unique, and hard to guess.

    Here are some tips for creating strong passwords:

    • Length: Make your password at least 12 characters long, but 14 or more is better.
    • Complexity: Use a combination of uppercase letters, lowercase letters, numbers, and symbols.
    • Uniqueness: Use a different strong password for each account.
    • Avoid common words: Don’t use words that are easy to guess, like “password”,
    • Avoid personal information: Don’t use your name, address, phone number, or other personal information. 
    • Use a passphrase: Use a memorable phrase, like a quote or lyric, and include numbers and symbols.
    • Change it periodically: Change your password regularly.

    You can also use a password generator to create a strong password, and then use a password manager to keep track of it.

     

  • Multi-factor authentication (MFA) is a security method that requires users to provide more than just a password to access an account or website. MFA is a layered approach that uses multiple factors to verify a user’s identity.

    MFA is important because it can help prevent unauthorized access to accounts, even if a password is compromised.

     

    Some examples of MFA include:
    • Something you know: A password or memorized PIN.
    • Something you have: A smartphone or secure USB key.
    • Something you are: A fingerprint or facial recognition.

     

    Some ways MFA can be implemented include:

    • Sending a code to your phone: An authentication code or one-time passcode is sent to your phone via SMS text message or voice message.
    • Push notifications: An authentication code or one-time passcode is delivered to your mobile device via a push notification that appears on your lock screen.
    • Software authenticators: A one-time login PIN is generated by a software authenticator, or “app-based token” .

  • Keeping your software up to date is important for security because it helps protect your devices and data from cyber threats.

    • Fixes security flaws: Software updates often include security patches that fix known vulnerabilities that attackers can exploit. 
    • Prevents data breaches: Outdated software can increase the risk of data breaches, where criminals can steal, sell, or use your data against you. 
    • Prevents file corruption: Updates can correct problems that could corrupt your files. 
    • Prevents device compromise: New security features make it harder for attackers to compromise your devices.

     

    Here are some tips for keeping your software up to date: 

    • Enable automatic updates: Many devices and apps can install updates automatically. 
    • Check for updates regularly: If your device doesn’t have automatic updates, check for them manually at a set time. 
    • Install updates from official sources: Install updates from your device’s standard OS update feature or a trusted app store. 
    • Be wary of suspicious pop-ups: Don’t click on buttons in suspicious pop-ups that ask you to download a software update. These are often phishing attempts. 
    • Follow the developer’s instructions: Different applications may have different ways of updating, so follow the instructions provided by the developer. 

  • 1. Recognize

    Look for these common signs:

    • Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately
    • Requests to send personal and financial information
    • Untrusted shortened URLs
    • Incorrect email addresses or links, like amazan.com

    A common sign used to be poor grammar or misspellings although in the era of artificial intelligence (AI) some emails will now have perfect grammar and spelling, so look out for the other signs.

    2. Resist

    If you suspect phishing, resist the temptation to click on links or attachments that seem too good to be true and may be trying to access your personal information. Instead, report the phish to protect yourself and others. Typically, you’ll find options to report near the person’s email address or username. You can also report via the “report spam” button in the toolbar or settings.

    3. Delete

    Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link.

    Just delete.

Important Numbers and Links

  • The Internet Crime Complaint Center, or IC3, is the Nation’s central hub for reporting cyber crime. It is run by the FBI, the lead federal agency for investigating cyber crime. Here on our website, you can take two vital steps to protecting cyberspace and your own online security.

    File a Complaint

  • The Federal Trade Commission (FTC) is a federal agency that protects consumers and promotes competition by enforcing laws that prevent unfair and deceptive business practices.

    Report Fraud

     

  • The Better Business Bureau (BBB) is a private organization that provides the public with information on businesses and charities. It also handles consumer complaints about firms.

    File a Complaint

     

  • 800-905-9043

Find a Location Near You!

WesBanco operates branches and offices in 8 states. Over the past decade, we have built a national reputation as a safe, sound and profitable bank holding company that always strives to do better by its customers.

Locations
Wesbanco bank building