At Marcus, we make it a priority to protect your privacy and safeguard your account information. That’s why we’ve implemented a variety of services, features and policies designed to help keep your account secure.
Protecting your password is one of the easiest things you can do to help secure your account. While we will ensure that your password meets minimum complexity requirements, you can make your password even stronger to further protect yourself.
Reusing the same password across multiple sites is not advisable. Note: If you use the same password across different websites or services, you are particularly susceptible to credential stuffing, the cybercrime technique where stolen account credentials are used to gain unauthorized access to a user’s other online accounts.
SSL-capable browsers will display a lock symbol that indicates you are operating in secure mode. Check your browser’s documentation for more information about what to look for. (For those wondering, SSL stands for “Secure Sockets Layer” and is used to establish an encrypted link between a browser and web server.)
Marcus utilizes EV SSL (There are three levels of SSL that differ in how much identity verification is involved– if you’re curious, the EV stands for “Extended Validation”).
Every time you log in to your Marcus account, you’ll see your account dashboard and the day and time you last logged in. If that information doesn’t look right (as in, not accurate to when you remember last logging in) call us immediately.
Browsers generally cache, meaning they store some information locally on your computer. That could include images of pages that have already been downloaded in order to provide a faster, better web experience. The point of caching is to provide a speedier experience, but it can potentially leave you more vulnerable to hackers.
By clearing your cache after visiting secure sites, you reduce the risk of exposing confidential information stored locally.
Remember to always sign out when you are finished accessing your Marcus account. If you’re going to be away from your computer for an extended period of time, be sure to sign out then as well. Signing out will end your session and you will be asked to submit your unique email address and password the next time you log in.
Closing your browser entirely can also be a good way of preventing others from accessing your information.
Not all calls are genuine. Criminals or hackers can use a wide range of tactics to try to get information from you, including posing as your bank, a relative or another organization. They may already know a few personal details about you like your full name and address, and they could use this information to appear genuine.
If you receive an unexpected call from someone who asks you to give them information about you or your bank account, this could be a scam. If it doesn’t seem right:
At Marcus, we require you to use a secure browser to access your account information. Microsoft Internet Explorer, Apple Safari, Mozilla Firefox and Google Chrome are all browsers that support encryption.
To access your account information, you must provide a unique email address and a password to log in. Your password is not displayed when entered (i.e., the password does not appear in clear text on your screen when you enter it).
Firewalls and monitoring systems are used to help protect Marcus systems and proprietary networks from any unauthorized Internet traffic.
After you have entered your information, Marcus uses an encrypted network to transport data between our systems. We use security monitoring devices 24 hours a day, 7 days a week to offer you peace of mind.
Marcus uses multi-factor authentication to help us authenticate you. It’s an additional layer of security to help protect your account from unauthorized access.
For a brief overview, check out the tips below for some convenient ways to increase your cybersecurity know-how and help you stay protected. (And if you want a deeper dive on cybersecurity, you can check out our informative guide here.)
One typical phishing scam: Phishers might call you pretending to be your bank and ask you to verify (read: give them) your account credentials or one-time PIN information. Once they have it, the phisher can call your bank’s customer center pretending to be you. Armed with your personal information, they could potentially access your accounts.
Phishers might also create fake email addresses that look like the name of your bank and send you emails requesting information or verification of your account credentials. And if you give it to them, they can then use this information to either hack your accounts or impersonate you, even to your own bank.
Before you open emails or click on any links, carefully check that the email address matches the sender’s name before you open the email. It’s also a good idea to check the email address’ spelling to ensure it matches the business name – if it’s from a phisher, the name might be off by just a letter or two in the hopes you’ll breeze right past, so pay close attention.
Common messages you might receive from a phisher include emails or texts saying there’s been suspicious activity on one of your accounts and asking you to verify your account info. These messages may also include links to make payments, say you’re eligible for a government refund or even offer promotions for free things.
A smart way to protect yourself against phishers is to not enter your personal information in any window, pop-up box or email that you have not opened or initiated yourself.
If you receive suspicious emails you don’t recognize, delete them or send them to spam. Don’t open or click to further investigate.
It could be a sign that you’re a victim of sim swapping – a type of cyberattack where fraudsters hijack your cell phone number and potentially gain access to your data and personal accounts.
Enabling transaction alerts means you’ll be notified each time a transaction occurs on any of your financial accounts, allowing you to quickly take action if the activity is fraudulent.
Checking your credit reports will also help you spot any unauthorized financial transactions or see if any new lines of credit have been opened in your name. The earlier you spot suspicious activity, the quicker you can work to resolve and (hopefully) keep any damage to a minimum.
Bonus tip: You’re entitled to one free copy of your credit report every year from the major credit reporting bureaus, including Experian, TransUnion and Equifax.
If you notice any unauthorized transactions, contact your bank/provider immediately and report the fraudulent activity.
Don’t carry your Social Security card around with you and be careful any time you share your SSN.
If you’re going on vacation or will be away from your home for an extended period for any reason, be sure to place a hold on your mail delivery. If you don’t, criminals could potentially steal mail that gets delivered, and if that stolen mail includes any kind of sensitive information (like personal data or account details) they could use that information to steal your identity and order new credit cards in your name.