Online Security for Businesses
ONLINE SECURITY AND YOU….
As part of Northwest Bank’s ongoing effort to keep consumer and commercial customers informed, we would like to provide you with information regarding online safety and security. Please know that Northwest Bank is constantly analyzing and improving our software to minimize fraudulent activity to access information and will provide updates to ensure the utmost security.
As the internet continues to become a popular avenue for business and banking transactions, attempts to gain access to your network information also continues to increase. Northwest Bank encourages you to familiarize yourself with common fraud tactics, such as phish emails and fraudulent websites, and learn ways to protect yourself online.
Use caution if you receive an email expressing an urgent need for you to update your account information, activate your online banking account or verify your identity by clicking on a link. These emails may be part of a phish scam conducted by fraudsters to capture your confidential account information and commit fraud.
How you can protect your company
Your company’s security is very important. In addition to security measures put in place by Northwest Bank, there are steps you can take to help safeguard your business.
Safeguarding Your Operations
- Security Plan – Develop a company-wide security plan for all business operations.
- Tools to help reduce Fraud – Maintain the latest fraud-fighting tools, including accounting and operating systems safeguards, and anti-virus and anti-spyware protection.
- Internal controls and procedures – Make sure employees fully understand your data operations and the security plan that protects them, so they can immediately spot fraudulent activity. Periodically review account procedures to confirm they are up-to-date.
- Administrative controls – Use online tools and controls that allow you to specify and authorize employees who can access online data and accounts.
- Regular audits – Conduct thorough, periodic audits of check-control functions.
- Examine bank statements – Keep on top of bank statements and immediately report losses and unauthorized payments due to counterfeiting or forgery.
Fighting Fraud Online
- Unsecured Websites – Never provide account numbers, access ID’s or Social Security numbers to an unfamiliar person or company or to an unsecured website.
- Phishing/Spoofing – Make sure employees guard against fraud techniques called phishing or spoofing, that facilitate access to your company’s online information. Current scams include fraudulent emails, websites, and pop-up windows with bogus offers that, once opened, can steel your personal data and compromise online security.
- Viruses and Spyware – Continually upgrade your virus protection software to protect your data.
- Attachments – Don’t open email attachments from unknown sender.
- Electronic systems – Use fraud reduction tools and secure online accounting and reporting systems to monitor transactions and increase oversight.
How fraudsters obtain email addresses
Fraudsters obtain email addresses from many places on the internet. They also purchase email lists and sometimes guess email addresses. Fraudsters generally have no idea if people to whom they send bank-related phish emails to are actually bank customers. They hope a percentage of those phish emails will be received by bank customer.
A common scenario is: the attacker sends a “phishing” email which includes either an infected file or a link to an infectious web site. The person receiving the file is usually someone who can initiate funds transfers on behalf of the corporate business. Once the receiver opens the attachment or navigates to the web site, malware is installed on the user’s computer. This malware contains a key logger, which collects the user’s online banking credentials. These credentials are used to either establish another user account or directly initiate funds transfers as the legitimate user.
Northwest Bank combats this issue by incorporating strong security practices that are stringent and utilizes a strong multi-layered security strategy, including the use of a token system to gain access and initiate external funds transfers.
Contact us immediately at 1.800.678.4105 or stop by any of our locations, if you notice suspicious account activity or experience customer information security related events.