Online Security

Your online security is of utmost importance to Northmark Bank. We use industry-standard security techniques to ensure that your personal and financial information remains confidential. Among the techniques used by our Online Banking and Online BillPay systems are User ID, PIN, watermark verification, multi-factor authentication, encryption, and firewalls. In addition, we require you to use a secure browser to access our online applications. 

You also play an important role in protecting yourself online. Learn more about the ways you can protect yourself:


Reporting Lost or Stolen ATM/Debit Cards

PIN Security

Reporting Identity Theft

Phishing

Corporate Account Takeovers

Security Resources


Lost or Stolen ATM/Debit Cards

If your ATM or Debit Card is lost or stolen, click here to get information on how to notify us and cancel your card.


PIN Security

Our Online Banking application will require you to change your PIN frequently. You will be required to utilize complex PINs (letters and numbers). There are other important steps that you can take to ensure that your PIN remains safe:

  • We will provide you with a temporary PIN when you sign up for Online Banking or when you forget your PIN. Change your temporary PIN as soon as possible.
  • Use a PIN that you can easily remember so you do not have to write it down.
  • Do NOT use number sequences that can be easily guessed by someone who has your personal information (numbers related to birthdays, phone numbers, social security numbers, license plate, etc.).
  • Choose a unique PIN. Do NOT use your Northmark Bank User ID and PIN for any other purpose.
  • Do NOT store your PIN in a place where someone can easily find it (such as on a sticky-note near your computer)
  • Do NOT save your User ID and PIN in your Internet browser.
  • Remember that we will NEVER contact you via phone or e-mail asking you to furnish your PIN. There are no pop-up windows on our web site that request such information. If you receive such a request it is not legitimate; please contact our Online Banking department immediately. You should never tell anyone else your PIN.
  • Do NOT provide your User ID and PIN to other programs or websites that offer to aggregate your account balances by automatically signing onto your online banking account.


Phishing

Phishing (pronounced “fishing”) is the process of attempting to acquire personal information (such as User ID, PIN, social security number, credit card number, date of birth, etc.) by pretending to be a trustworthy source. Phishing is typically initiated by electronic means such as e-mail, text message or instant message. The electronic message typically directs users to enter personal information at a fraudulent website that looks almost identical to the legitimate one.

Phishing is one of the most popular tools used by identity thieves. By convincing users to enter their personal information into fake websites, the thieves obtain crucial personal information needed to perpetrate identity theft. 

Security vendors, software vendors and law enforcement agencies around the world have come together to form The Anti-Phishing Working Group. This organization is focused on eliminating the fraud and identity theft that result from phishing and e-mail spoofing of all types. The Anti-Phishing Working Group has compiled a list of recommendations that you can use to avoid becoming a victim of phishing scams.


Reporting ID Theft

Identity theft is a term used to describe several types of crimes in which the thief wrongfully obtains and uses another person's personal information (i.e. social security number, credit card information, date of birth, User ID and PIN, etc) through fraudulent means and uses the information for economic gain. 

If you believe that you have been the victim of Identity Theft, you should act immediately to minimize the potential damage to your financial accounts and your reputation. There are several important steps you should take:

Call us immediately at (978) 686-9100 to notify us.

Contact all creditors with whom your name or identifying data have been fraudulently used. For example, you may need to contact your long-distance telephone company if your long-distance calling card has been stolen or you find fraudulent charges on your bill.

Contact any other financial institutions where you have accounts that an identity thief has taken over or that have been created in your name but without your knowledge. You may need to cancel those accounts, place stop-payment orders on any outstanding checks that may not have cleared, and change your Automated Teller Machine (ATM) card, account, and Personal Identification Number (PIN).

Contact the Federal Trade Commission (FTC) to report the situation. The FTC is responsible for receiving and processing complaints from people who believe they may be victims of identity theft, providing informational materials to those people, and referring those complaints to appropriate entities.

Contact the fraud departments of the national credit bureaus to place a fraud alert on your account and obtain a free copy of your credit report: 

  • Equifax – Call (800) 525-6285
  • Experian – Call (888) 397-3742
  • Trans Union – Call (800) 680-7289

You may also need to contact other agencies for other types of identity theft: 

  • Your local office of the Postal Inspection Service if you believe that an identity thief may have submitted a change-of-address form with the Post Office to redirect your mail, or has used the mail to commit frauds involving your identity;
  • The Social Security Administration if you suspect that your Social Security number is being fraudulently used (call 800-269-0271 to report the fraud);
  • The Internal Revenue Service if you suspect the improper use of identification information in connection with tax violations (call 800-829-0433 to report the violations).

Corporate Account Takeovers

Corporate Account Takeover (also called CATO) is a name given to a variety of schemes where criminals attempt to steal funds from a company’s bank account. Law enforcement and news media have reported a number of different techniques – some are very sophisticated, while others are very low tech. In several reported cases, criminals obtained access to company online banking credentials and initiated fraudulent transfers. Some thieves have impersonated a principal of the company in telephone conversations with the company’s bank. Other criminals have initiated fraudulent written or email correspondence with a bank. In other cases, criminals have taken over the email persona of the company’s President and sent an email to the Controller instructing the Controller to initiate fraudulent wire transfers (a scheme called “Business Email Compromise”).

Regardless of the means of attack, the criminal’s objective is to fraudulently transfer money out of the company’s bank accounts and into accounts controlled by the criminals at other financial institutions. Most often, the money is gone and is not recoverable.

There are a number of things you can do to defend against CATO attacks:

Other Security Resources

Here are a variety of resources where you can learn more about protecting yourself and your personal information: