Virginia Commonwealth Bank

Online Banking with Virginia Commonwealth Bank

Virginia Commonwealth Bank's Commitment to Security

Each year more and more Americans have their identity stolen and the staff and management of Virginia Commonwealth Bank (hereafter referred to as VCB) wants to give you the information you need to help protect yourself against identity theft. One of VCB’s top priorities is to safeguard YOUR confidential information and we work diligently to do so. We always work with the local regulatory and law enforcement agencies to be certain any type of illegal activity is stopped as soon as possible. The VCB will contact and update you, our customers, with information concerning identity theft and malware issues.

VCB has multi-layer security to protect your confidential information and will continue to be vigilant in protecting it. Consumer and business customers should immediately report any suspicious emails or websites to VCB by forwarding the message to If you suspect identity theft or have any questions regarding this notice, please contact VCB by calling 804-732-2350 or by email to

While we cannot guarantee that your identity will never be stolen, we will NEVER request personal information by email or text messaging including account numbers, passwords, personal identification information or any other confidential customer information. Fraudulent emails may be designed to appear as though they are originated by VCB. Do not respond to any email communications which request any type of personal or confidential information and do not go to any links listed on that email. These communications are not originated by VCB.

When you contact us, we may verify the last 4 digits of your social security number to confirm your identity. We will never contact you and ask for your debit or credit card number or your full social security number. If we need to contact you, it will always be done in a manner that protects your personal and confidential information, and we will clearly identify ourselves.

FDIC’s "A Bank Customer's Guide to Cybersecurity”

Consumers increasingly rely on computers and the Internet for everything from shopping and communicating to banking and bill paying. While the benefits of faster and more convenient "cyber" services are clear, the strategies for preventing online fraud and theft may not be as well-known by many bank customers. That is why the FDIC has produced a special edition of the agency's quarterly FDIC Consumer News (Winter 2016) entitled "A Bank Customer's Guide to Cybersecurity." Click here to go to the FDIC Consumer News.

What is Identity Theft?

Identity theft involves the unlawful acquisition and use of someone's identifying information, such as:

1. Name
2. Address
3. Date of Birth
4. Social Security Number
5. Mother's Maiden Name
6. Drivers License
7. Bank or Credit Card Account Number
8. Personal Identifiable Number (PIN)

Thieves then use the information to repeatedly commit fraud in an attempt to duplicate your identity which may include opening new accounts, purchasing automobiles, applying for loans, credit cards, or social security benefits, renting apartments, or establishing services with utility and telephone companies. It may have a negative effect on your credit and create a serious financial hassle for you.

How do You protect Yourself?

1. Report lost or stolen checks or credit cards immediately
2. Never give out any personal information including birth date, social security numbers or passwords
3. Shred all documents containing personal information, like bank statements, unused checks,
deposit slips, credit card statements, pay stubs, medical billings, and invoices.
4. Review statements promptly and carefully, and periodically check your credit report.
5. Don't give any of your personal information to any web sites that do not use encryption or other secure methods to protect it.

Online Banking Security

Virginia Commonwealth Bank is committed to protecting your personal information. Our Online Banking uses several different methods to protect your information. All information within our Online Banking uses the Secure Socket Layer (SSL) protocol for transferring data. SSL is a cryptosystem that creates a secure environment for the information being transferred between your browser and Virginia Commonwealth Bank. All information transferred through Online Banking has a 128-bit encryption which one is the highest level of encryption. In addition to the security features put in place by Virginia Commonwealth Bank, here are some tips on keeping your information secure.

1. Never give out any personal information including user names, passwords, social security number, and date of birth.
2. Create difficult passwords which include letters, numbers, & symbols when possible.
3. Create password of at least 8 characters or more in length.
4. Don't use personal information for your user names or passwords like your date of birth, pets’ names, parents’ names, where you attended school, or social security number
5. Avoid using public computers to access your Online Banking
6. Don't give any of your personal information to any web sites that do not use encryption or other secure methods to protect it
7. Do not use the password auto-save feature on your browser
8. Use the passcode feature on your phones and tablets.
9. Use the “Find Your Phone” application or method available on your phone or tablet.
10. Do not use Wi-Fi in public places, such as restaurants, to transfer data to Online Banking.

Debit Card and Credit Card Protection

Debit and credit card usage has increased dramatically in recent years as has the fraudulent use of these cards. Virginia Commonwealth Bank has some suggestions for you for the care and usage of debit and credit cards.

1. NEVER give your debit or credit card information when requested by phone, email, or texting. Neither Virginia Commonwealth Bank, nor any other bank, will ever request information from you in this manner. Please contact us if you receive any such request.
2. It is a good idea to pay by credit card if your card leaves your sight. An example might be when a waiter takes your card from your table in a restaurant or when ordering online. Debit cards are easier to process illegally than credit cards.
3. Make sure when using your debit card that no one can see your PIN.
4. If you lose your debit or credit card, report it immediately to the appropriate financial institution.

Self-Assessment for Online Banking and Other Financial Institution Products

Are you keeping your information secure? Are you taking steps to protect sensitive information? Safeguarding sensitive data in your files, on your computers, phones, and tablets is just plain good business. After all, if that information falls into the wrong hands, it can lead to fraud or identity theft.

Consumer, Business, and Commercial Online Banking customers are strongly encouraged to perform an annual self-assessment focusing on their online banking practices and network security. A Self- Assessment will help evaluate whether you have implemented sound security practices to address the five key security practices and principles. The Federal Trade Commission, Bureau of Consumer Protection defines the five key principals as follows:

1. Take stock. Know the nature and scope of the sensitive information contained in your files and on your equipment.
2. Scale down. Keep only what you need for your records.
3. Lock it. Protect the information in your care.
4. Pitch it. Properly dispose of what you no longer need.
5. Plan ahead. Create a plan to respond to security incidents.

Take Stock - Know the nature and scope of the sensitive information contained in your files, computers, phones, and tablets.

1. Take inventory of all file storage and electronic equipment and where you store sensitive data.
2. For business and commercial customers, talk with your employees and outside service providers to determine who sends sensitive information to your business, and how it is sent.
3. Consider all of the methods with which you collect sensitive information and what kind of information you collect.
4. Review where you keep the information you collect, and who has access to it.

Scale Down - Keep only what you need. Some of the items listed below are valid for business or commercial customers

1. Use Social Security numbers only for required and lawful purposes. Don’t use them as employee identifiers or customer locators.
2. Keep customer credit card information only if you have a business need for it.
3. Review the forms you use to gather data — like credit applications and fill-in-the-blank web screens for potential customers — and revise them to eliminate requests for information you don’t need.
4. Change the default settings on your software that reads customers’ credit cards. Don’t keep information you don’t need.
5. Truncate the account information on any electronically printed credit and debit card receipts that you give your customers. You may include no more than the last five digits of the card number, and you must delete the card’s expiration date.
6. Develop a written records retention policy, especially if you must keep information for business reasons or to comply with the law.
7. Destroy receipts after they have been checked with bank records
8. Do not use social security number unless necessary such as driver’s license or on checks.

Lock It - Protect the information that you keep.

1. Put documents and other materials containing sensitive information in a safe, locked room or file cabinet.
2. Remind employees and family members to put files away, log off their computers, and lock their file cabinets, safe and office doors at the end of the day.
3. For business, implement appropriate access controls for your building.
4. Encrypt sensitive information if you must send it over public networks.
5. Regularly run up-to-date anti-virus and anti-spyware programs on individual computers.
6. Require all users to use strong passwords.
7. Caution users against transmitting personal information via e-mail.
8. Create security policies for laptops used at all times including within your office or home, and while traveling.
9. Use a firewall to protect your computers and your network.
10. Set “access controls” to allow only trusted employees with a legitimate business need to access the network.
11. Monitor incoming Internet traffic for signs of security breaches.
12. Create procedures to ensure workers who leave your organization no longer have access to sensitive information.
13. Educate employees and family members about how to avoid phishing and phone pretexting scams.
14. For business, check references and do background checks before hiring employees who will have access to sensitive data.

Pitch It - Properly dispose of what you no longer need.

1. Create and implement information disposal practices.
2. Dispose of paper records by shredding, burning, or pulverizing them.
3. Defeat “dumpster divers” by encouraging your staff and family members to separate the information that is safe to trash from sensitive data that needs to be discarded with care.
4. For businesses, make shredders available throughout the workplace, including next to the photocopier.
5. Use a “wipe” utility programs when disposing of old computers and portable storage devices.
6. Give business travelers and employees who work from home a list of procedures for disposing of sensitive documents, old computers, and portable devices.

Plan Ahead - Create a plan for responding to security incidents.

For business customers:

1. Create a plan to respond to security incidents, and designate a response team led by a senior staff person(s).
2. Draft contingency plans for how your business will respond to different kinds of security incidents. Some threats may come out of left field; others — a lost laptop or a hack attack, to name just two — are unfortunate, but foreseeable.
3. Investigate security incidents immediately.
4. Create a list of who to notify — inside or outside your organization — in the event of a security breach.
5. Immediately disconnect a compromised computer from the Internet.

For Consumers:

1. Keep list of all credit cards and financial institutions accounts.
2. Keep list of phones number, addresses, websites, and email addresses for all financial institutions.
3. Make sure family members know where the information is stored.
4. Contact financial institutions immediately if a fraud has occurred.
5. Immediately disconnect a compromised computer from the Internet

Unsolicited Customer Contact

Virginia Commonwealth Bank will never contact its consumer, business, or commercial customers on an unsolicited basis to request their security login credentials such as the combination of the customer’s username and password. If you receive a request of this type, do not respond to it. Please call us immediately at (804) 732-2350 or e-mail us at to report any activity of this nature. Virginia Commonwealth Bank will only contact its customers regarding online banking activity on an unsolicited basis for the following reasons:

1. To confirm suspected fraudulent activity on your account;
2. To notify you of activity on an inactive or dormant account;
3. To confirm an address change;
4. To notify you of a change or disruption in service; or
5. To confirm changes submitted to your online banking profile.

If you receive any unsolicited contact from a Virginia Commonwealth Bank team member for any reason not cited above, your identity will be confirmed through a series of security questions and you will always have the option of hanging up and calling Virginia Commonwealth Bank to confirm that validity of our request. Remember, Virginia Commonwealth Bank will NEVER ask for your login security credentials.

Virginia Commonwealth Bank Contacts

You are protected in a variety of ways when you use Internet Banking, debit and credit cards and funds transfer; however it is important to contact Virginia Commonwealth Bank in the event you or your company’s access has been compromised. Also, report any unauthorized or unexpected transactions immediately.

Monitor your account balances and transactions frequently to help protect against fraudulent transactions. If you need to report suspicious activity on your account(s), or if you have questions about the security of your account(s), you can call us at: (804) 732-2350 or e-mail us at

Your security is as important to us as it is to you. Let’s work together to protect it.

For more information about identity theft and other tips on how to protect yourself and your information please visit the following websites.
*Caution - By clicking on the links listed below on the Virginia Commonwealth Bank website you will be leaving Virginia Commonwealth Bank's secure website.

Identity Thefts Phone Numbers
FDIC Consumer Alerts  
United States Department of Justice  
P O Box 105069
Atlanta, GA 30349-5069
To order a report: (800) 685-1111
To report fraud: (800) 525-6285
P O Box 2002
Allen, TX 75013-0949
To order a report: (888) 397-3742
To report fraud: (888) 397-3742
Trans Union
P O Box 1000
Chester, PA 19022
To order a report: (800) 916-8800
To report fraud: (800) 680-7289
Virginia Commonwealth Bank (VCB products)
Email us:
(804) 732-2530 or (800) 297-4040