Together we create the best defense against Fraud.

Every day, fraudsters, scammers and thieves get more creative in their attempts to access your personal information, gain access to your accounts, or convince you to send money.  Banks across the country are seeing even more fraud attempts during the Holiday Season.  There is nothing more important than keeping your banking secure and your information safe.  Charles River Bank has multiple layers of protection for any banking transactions, including online, mobile, debit MasterCard®, ACH, Wire and others.  But the ability of our systems to offer the highest level of protection relies on you to also take proactive steps.  As always, please be alert and never give out your personal information unless you know it’s a trusted and verified source, and please do not click on any links if you are unsure if they are from a legitimate source.  Some of the most important things you can do to protect yourself are outlined below.

Steps to Protect Yourself from Fraud

1. Review your account activity regularly. You can do this anytime, day or night, by using CRB’s online banking or the CRB mobile app. If you don’t use digital banking, check your account statements as soon as they arrive. Notify CRB, by phone or via online/mobile banking, if you see any account activity that you did not authorize so we can take steps to protect your account.
2. Set up Alerts & Notifications. This is an easy way to get regular notification by text or email of any transactions you choose (e.g. withdrawals over a specified amount, low balance warnings, debit card transactions, transfer notices, etc.) They can be easily set up in your CRB online or mobile banking.  Just click on My Profile, then select Additional Services and Manage My Alerts.
3. Keep tabs on your debit card. If you lose a card or think it might be lost or stolen, you can contact us, or deactivate your debit card anytime using your CRB online/mobile banking. Our processing systems are always on the lookout for unusual debit card activity and may reach out to you via text message or phone to verify. If you ever have a question regarding communication you have received, you can always call CRB’s main phone number 508-533-8661 during business hours or (833) 337-6075 after hours for assistance.
4. Password Safety. Create long, strong passwords, utilizing upper and lower case letters, numbers and special characters. Do not reuse passwords for multiple websites, apps, or online banking. Reused passwords make it easier for fraudsters to access multiple sites to access your credit card, debit card, or bank account information associated with shopping apps or other websites.
5. Update your Software & Apps Regularly. The majority of people do not know if their antiviral software on their laptop or PC is up to date, while others are not automatically updating apps on mobile devices. If these are not regularly updated, malware and other viruses can be easily transmitted to your software that allow fraudsters to record your keystrokes or allow tracking of your online activity. It’s like giving your UserID and passwords to strangers. Software and app companies are constantly monitoring and advancing their products to stay well ahead of hackers. They push updates to you that fix general software problems and provide new security patches and tools, protecting your data from being exposed to criminals. Be safe and perform the update as soon as you are notified.
6. Check theft and fraud still occurs. Thieves still target checks, stolen or copied, as a way to access your account.  In our local area, many people have mail boxes at the end of their driveway.  Never place your outgoing mail – like bills with checks enclosed – in your mail box since those envelopes can be easily stolen, which gives a thief your name, address, bank account number, signature, and potentially the account number of other accounts you are paying.  With digital technology, they can easily replicate your checks and signature to transfer money from your account. Always use official USPS drop boxes inside the post office, hand your mail directly to your mail carrier, or use online bill pay for more secure payments.

We hope you find this information helpful.  Your CRB Customer Care Team is here to help answer questions about your accounts or any security related matters. If you notice any unusual account or debit card activity, call us immediately at 508-533-8661.  To report fraud or a lost or stolen CRB Debit MasterCard® after business hours, call (833) 337-6075. These numbers can also be found on our website www.charlesriverbank.com and are printed on the back of your debit card.

Yesterday, credit reporting agency Equifax announced that between May and August there had been a data breach affecting 143 million of their customers. Personal information potentially compromised include social security numbers, credit card numbers, driver’s license numbers, addresses and birthdates. To find out if you may have been affected by this breach, please visit https://www.equifaxsecurity2017.com/ and follow the online instructions. Equifax is offering one year of free credit monitoring, whether or not you were affected by this breach.

As a reminder, you are always entitled to receive a FREE copy of your credit report every 12 months from each of the three major credit reporting companies, Equifax, TransUnion, and Experian to ensure that the information on all of your credit reports is correct and up to date. Visit www.AnnualCreditReport.com for more information.

The security of your personal information is a top priority at Charles River Bank and it is important to note that your Charles River Bank accounts have NOT been accessed and continue to remain secure. If you have any questions about your accounts with us, please call your Personal Banker at 508-533-8661.

IMPORTANT INFORMATION REGARDING THE EQUIFAX DATA BREACH

Yesterday, credit reporting agency Equifax announced that between May and August there had been a data breach affecting 143 million of their customers. Personal information potentially compromised include social security numbers, credit card numbers, driver’s license numbers, addresses and birthdates. To find out if you may have been affected by this breach, please visit https://www.equifaxsecurity2017.com/ and follow the online instructions. Equifax is offering one year of free credit monitoring, whether or not you were affected by this breach.

As a reminder, you are always entitled to receive a FREE copy of your credit report every 12 months from each of the three major credit reporting companies, Equifax, TransUnion, and Experian to ensure that the information on all of your credit reports is correct and up to date. Visit www.AnnualCreditReport.com for more information.

The security of your personal information is a top priority at Charles River Bank and it is important to note that your Charles River Bank accounts have NOT been accessed and continue to remain secure. If you have any questions about your accounts with us, please call your Personal Banker at 508-533-8661.

How to Safely Bank and Shop Online

You can’t be too protective of your financial information online. While banks and businesses work to make sure their customers’ information is secure, you can play a part in safeguarding your money, too. Here’s how.

Beef up online security at home. Secure your home online access with some simple steps: Install antivirus software on your computer. Also, protect your Wi-Fi with a seriously complicated password and be selective about giving it out. When you complete financial transactions, log out and close the browser.

Pick complex passwords and change them quarterly. If your passwords are your dog’s name and your birthdate, change them immediately — information easily found on social media can be used as clues by hackers. Follow website password guidelines that recommend combinations of numbers, symbols, and upper- and lower-case letters.

A creative way to craft a memorable password is to coin a phrase that guides you. For example, “I’m saving for my future!” might translate to “1mSving4mF!” (But don’t use this one, of course.).

Say no to free Wi-Fi. Free Wi-Fi in coffee shops, hotels, and other public places is often unsecured and can expose your information and passwords to cyber criminals. When you do use public Wi-Fi, be sure to only use secured sites that encrypt information sent over the Internet. To make sure a site is secure, look for a web address beginning with the letters “https” and a closed padlock symbol in the address bar.

If you must shop or bank from public areas, consider downloading a virtual private network, or VPN. That will mask your Internet address and encrypt your information.

Protect mobile devices. Only download software and apps from financial institutions you do business with, like Charles River Bank, or from authorized online stores. Logoff of banking and credit card apps when you finish using them. Keep software current because updates often enhance security features, and protect your screen from prying eyes in public places.

Make sure your Smartphone and tablet are password protected, and don’t leave them unattended and unlocked.

Be skeptical of unsolicited emails. Criminals distribute scams via email, a tactic called phishing, to trick consumers into giving out information such as bank account, credit card and Social Security numbers. If you receive an email from someone you don’t know, don’t reply — even it looks official. Banks, credit card companies and the U.S. government will never ask for sensitive information by email.

Don’t click on links, as they can be set up to spread viruses or other sorts of malware, and don’t call numbers provided. Instead, search online for the business to see if it’s legitimate.

By taking these few simple steps, you can greatly increase your online security and thwart hackers’ efforts to steal your personal information.

Terri Kaufman, NerdWallet

© Copyright 2015 NerdWallet, Inc. All Rights Reserved

Important Fraud Alert

Protect Your Business from a Corporate Account Takeover (CATO)

It has become a growing and serious threat for businesses, schools, and municipalities of all sizes. It’s a sophisticated form of electronic fraud known as a Corporate Account Takeover or CATO. And it has allowed cyber thieves to steal millions of dollars from unsuspecting organizations of all sizes.

With CATO, cyber thieves are able to take control of company computers and confidential banking information to infiltrate accounts and transfer funds to their own accounts.

How do they do it?

In many cases, they target employees who utilize online banking and use sophisticated phishing scams and other tactics that allows them to plant dangerous malware that hijacks computer systems. Cyber thieves have been known to pose as credible organizations, such as the Better Business Bureau, IRS, or even banks, and may make phone calls or use social networks, such as Facebook to lure unsuspecting employees into providing private information.

Know the warning signs.

How do you know if your company’s computer systems may have been comprised? Here are some warning signs:

• Dramatic loss of computer speed
• Differences in the way things appear on the screen
• Freezing or locking up of computer screens
• Unexpected rebooting or restarting
• Unexpected request for a token pass-code in the middle of an online session
• Unusual pop-up messages, especially a message in the middle of an online banking session that says the connection to the bank system is not working (system unavailable, down for maintenance, etc.)
• New or unexpected toolbars and/or icons
• Inability to shut down or restart the computer

What you can do to protect your organization.

While any business can become a victim of a CATO, organizations that do not have strong Internet security policies are most vulnerable. There are, however, some steps you can take to reduce your company’s chances of being victimized:

• Educate employees. Tell them about CATO and instruct them not to open unsolicited emails.
• Review bank account activity carefully and regularly.
• Separate banking responsibilities. For example, have one employee initiate ACH and wire transfers from one computer and another employee approve transactions on another computer.
• Install a firewall and anti-virus software.
• Create strong passwords. Do not use the same online banking password for everything.
• Never leave a computer unattended while using any online banking service. Always lock computers when unattended.
• Never access bank, brokerage or other financial services information at Internet cafes, public libraries, airports, etc.

Immediately report suspicious activity to Charles River Bank.

After notification of an incident, Charles River Bank will assist with:

• Disabling online access to accounts
• Changing online banking passwords
• Opening new account(s) as appropriate
• Assisting with review of all recent transactions and electronic authorizations on the account(s)
• Confirming no one has requested an address change, check reorder, debit card order or other information be send to a different address

Be assured, at Charles River Bank, we use the highest level of security to protect your account and personal information while banking online. To learn more about other ways you can protect your business, visit https://www.mass.gov/service-details/frequently-asked-questions-about-corporate-account-takeovers.

The Bank will reverse fraudulent transactions and will attempt to identify and notify any receiving financial institution of the fraudulent transactions.

Charles River Bank customers should be aware of the continuing threat posed by multiple e-mail-based scams known as “phishing”. These e-mail-based scams attempt to collect private account information from customers through deceptive and misleading methods.

For example, these phishing e-mails fraudulently request personal information including user ids, passwords, Social Security numbers, credit or ATM card numbers. The unsuspecting customer’s personal information is generally gathered through a link provided in the e-mail that directs the recipient to web sites that look very much like a legitimate Charles River Bank site.

Please note that Charles River Bank does not solicit sensitive, private information from customers through unsecure e-mail. Also, Charles River Bank recommends accessing our website by typing the website address into your browser or by using a “bookmark” that directs the browser to our site.

Customers who receive these e-mails should not follow any of the instructions in the e-mail, and should not click on the links contained in the e-mail. If customers follow these steps, their accounts are not in jeopardy of being compromised. Charles River Bank will NOT send e-mail messages requesting your confidential information, including account numbers, passwords, or PINs. If you receive an e-mail requesting such information, please contact us immediately at 508-533-8661.

If you have any concerns about the legitimacy of an e-mail message that appears to be from Charles River Bank, please forward it immediately to customerservice@charlesriverbank.com. As stated above, do not respond to the e-mail message or click any of the links contained in the e-mail. Please do not remove the original subject line or change the e-mail in any way when you forward it to us.

Customers who may have clicked on the links and entered information in response to one or more of these e-mails should:

• Contact Charles River Bank immediately at (508) ­­­­533-8661.
• Contact the following three credit bureaus to have a fraud alert placed on your credit report:
• Equifax Fraud Line: (800) 525-6285
• Experian Fraud Line: (800) 397-3742
• Trans Union Fraud Line: (800) 680-7289
• File a complaint with the Federal Trade Commission* or (877) IDTHEFT — (877) 438-4338.
• Additionally, to ensure that your computer was not infected with any malicious software that the phishing e-mail may have contained, we highly recommend that you immediately run a scan* to check for viruses or adware/spyware. Please contact a computer security professional if you need assistance with determining whether or not your computer has been infected.

*Please note that Charles River Bank is not affiliated with any provider of software packages that scan your computer, and we cannot endorse or recommend any particular one.

Your security is extremely important to us. Charles River Bank is committed to educating its customers about identity theft and fraud. We will constantly work to provide you with updates on the latest fraudulent scams, as well as ways to avoid them.

Please remember:

• You should never access the Charles River Bank Web page from a link provided by a third party. You should always type the URL address, www.charlesriverbank.com, into your Web browser or use a bookmark.
• Charles River Bank will NOT send e-mail messages requesting your confidential information, including account numbers, passwords, or PINs. If you receive an e-mail requesting such information, please contact us immediately at 508-533-8661.

Your security is extremely important to us. Charles River Bank is committed to educating its customers about identity theft and fraud. We will constantly work to provide you with updates on the latest fraudulent scams, as well as ways to avoid them.

Please remember:

• You should never access the Charles River Bank Web page from a link provided by a third party. You should always type the URL address, www.charlesriverbank.com, into your Web browser or use a bookmark.
• Charles River Bank will NOT send e-mail messages requesting your confidential information, including account numbers, passwords, or PINs. If you receive an e-mail requesting such information, please contact us immediately at 508-533-8661.

If you believe there has been fraudulent transactions on your Charles River Bank debit card, please call the FiServ Fraud Department 24/7 at 833-337-6075.

Charles River Bank customers should be aware of the continuing threat posed by multiple e-mail-based scams known as “phishing”. These e-mail-based scams attempt to collect private account information from customers through deceptive and misleading methods.

For example, these phishing e-mails fraudulently request personal information including user ids, passwords, Social Security numbers, credit or ATM card numbers. The unsuspecting customer’s personal information is generally gathered through a link provided in the e-mail that directs the recipient to web sites that look very much like a legitimate Charles River Bank site.

Please note that Charles River Bank does not solicit sensitive, private information from customers through unsecure e-mail. Also, Charles River Bank recommends accessing our website by typing the website address into your browser or by using a “bookmark” that directs the browser to our site.

Customers who receive these e-mails should not follow any of the instructions in the e-mail, and should not click on the links contained in the e-mail. If customers follow these steps, their accounts are not in jeopardy of being compromised.

If you have any concerns about the legitimacy of an e-mail message that appears to be from Charles River Bank, please forward it immediately to customerservice@charlesriverbank.com. As stated above, do not respond to the e-mail message or click any of the links contained in the e-mail. Please do not remove the original subject line or change the e-mail in any way when you forward it to us.

Customers who may have clicked on the links and entered information in response to one or more of these e-mails should:

• Contact Charles River Bank immediately at (508) 533-8661.
• Contact the following three credit bureaus to have a fraud alert placed on your credit report:
• Equifax Fraud Line: (800) 525-6285
• Experian Fraud Line: (800) 397-3742
• Trans Union Fraud Line: (800) 680-7289
• File a complaint with the Federal Trade Commission* or (877) IDTHEFT — (877) 438-4338.

Additionally, to ensure that your computer was not infected with any malicious software that the phishing e-mail may have contained, we highly recommend that you immediately run a scan* to check for viruses or adware/spyware. Please contact a computer security professional if you need assistance with determining whether or not your computer has been infected.

At Charles River Bank protecting your privacy and the security of your information is very important to us. Read more about how we protect your privacy and security.

*Please note that Charles River Bank is not affiliated with any provider of software packages that scan your computer, and we cannot endorse or recommend any particular one.