Security Center

How to Safely Bank and Shop Online E-newsletter

How to Safely Bank and Shop Online

You can't be too protective of your financial information online. While banks and businesses work to make sure their customers' information is secure, you can play a part in safeguarding your money, too. Here's how.

Beef up online security at home. Secure your home online access with some simple steps: Install antivirus software on your computer. Also, protect your Wi-Fi with a seriously complicated password and be selective about giving it out. When you complete financial transactions, log out and close the browser.

Pick complex passwords and change them quarterly. If your passwords are your dog's name and your birthdate, change them immediately -- information easily found on social media can be used as clues by hackers. Follow website password guidelines that recommend combinations of numbers, symbols, and upper- and lower-case letters.

A creative way to craft a memorable password is to coin a phrase that guides you. For example, "I'm saving for my future!" might translate to "1mSving4mF!" (But don't use this one, of course.).

Say no to free Wi-Fi. Free Wi-Fi in coffee shops, hotels, and other public places is often unsecured and can expose your information and passwords to cyber criminals. When you do use public Wi-Fi, be sure to only use secured sites that encrypt information sent over the Internet. To make sure a site is secure, look for a web address beginning with the letters "https" and a closed padlock symbol in the address bar.

If you must shop or bank from public areas, consider downloading a virtual private network, or VPN. That will mask your Internet address and encrypt your information.

Protect mobile devices. Only download software and apps from financial institutions you do business with, like Charles River Bank, or from authorized online stores. Logoff of banking and credit card apps when you finish using them. Keep software current because updates often enhance security features, and protect your screen from prying eyes in public places.

Make sure your Smartphone and tablet are password protected, and don't leave them unattended and unlocked.

Be skeptical of unsolicited emails. Criminals distribute scams via email, a tactic called phishing, to trick consumers into giving out information such as bank account, credit card and Social Security numbers. If you receive an email from someone you don't know, don't reply -- even it looks official. Banks, credit card companies and the U.S. government will never ask for sensitive information by email.

Don't click on links, as they can be set up to spread viruses or other sorts of malware, and don't call numbers provided. Instead, search online for the business to see if it's legitimate.

By taking these few simple steps, you can greatly increase your online security and thwart hackers' efforts to steal your personal information.

Terri Kaufman, NerdWallet

© Copyright 2015 NerdWallet, Inc. All Rights Reserved

Lost or Stolen Card

To report a lost or stolen Charles River Bank ATM or Debit MasterCard call 508-533-8661 during business hours. After hours, call 800-264-5578 (or 701-461-0621 if outside the US).

Deactive or Reactivate your CRB ATM or Debit Mastercard

If you ever misplace or lose your card, you can Deactivate, then Reactivate, it ANYTIME using your CRB online or mobile banking.

Click24 Online Banking Users

1. Sign on and click the Profile Icon in the upper right of your navigation bar.

2. On the Service Center tab, go to the Electronic Services box

3. Click on Deactivate/Reactivate My Card.

4. Select the card you've lost and click the orange Deactivate button.

If you later find your card, follow instructions 1-3 above, then select the card to and click the Reactivate button. You can begin using the card again immediately.

CRB Mobile Banking App Users

1. Sign on and click the Menu icon in the upper right of your green navigation bar.

2. Select Mobile Services.

3. Select Deactivate/Reactivate My Card.

4. Select the card you've lost and click the blue Deactivate button.

If you later find your card, follow instructions 1-3 above, then select the card to and click the Reactivate button. You can begin using the card again immediately.

If you need a new ATM or Debit Card ordered, or believe there are unauthorized transactions posted to your account, please contact Customer Support at 508-533-8661.

Corporate Account Takeover (CATO)

Important Fraud Alert

Protect Your Business from a Corporate Account Takeover (CATO)

It has become a growing and serious threat for businesses, schools, and municipalities of all sizes. It's a sophisticated form of electronic fraud known as a Corporate Account Takeover or CATO. And it has allowed cyber thieves to steal millions of dollars from unsuspecting organizations of all sizes.

With CATO, cyber thieves are able to take control of company computers and confidential banking information to infiltrate accounts and transfer funds to their own accounts.

How do they do it?

In many cases, they target employees who utilize online banking and use sophisticated phishing scams and other tactics that allows them to plant dangerous malware that hijacks computer systems. Cyber thieves have been known to pose as credible organizations, such as the Better Business Bureau, IRS, or even banks, and may make phone calls or use social networks, such as Facebook to lure unsuspecting employees into providing private information.

Know the warning signs.

How do you know if your company's computer systems may have been comprised? Here are some warning signs:

  • Dramatic loss of computer speed
  • Differences in the way things appear on the screen
  • Freezing or locking up of computer screens
  • Unexpected rebooting or restarting
  • Unexpected request for a token pass-code in the middle of an online session
  • Unusual pop-up messages, especially a message in the middle of an online banking session that says the connection to the bank system is not working (system unavailable, down for maintenance, etc.)
  • New or unexpected toolbars and/or icons
  • Inability to shut down or restart the computer

What you can do to protect your organization.

While any business can become a victim of a CATO, organizations that do not have strong Internet security policies are most vulnerable. There are, however, some steps you can take to reduce your company's chances of being victimized:

  • Educate employees. Tell them about CATO and instruct them not to open unsolicited emails.
  • Review bank account activity carefully and regularly.
  • Separate banking responsibilities. For example, have one employee initiate ACH and wire transfers from one computer and another employee approve transactions on another computer.
  • Install a firewall and anti-virus software.
  • Create strong passwords. Do not use the same online banking password for everything.
  • Never leave a computer unattended while using any online banking service. Always lock computers when unattended.
  • Never access bank, brokerage or other financial services information at Internet cafes, public libraries, airports, etc.

Immediately report suspicious activity to Charles River Bank.

After notification of an incident, Charles River Bank will assist with:

  • Disabling online access to accounts
  • Changing online banking passwords
  • Opening new account(s) as appropriate
  • Assisting with review of all recent transactions and electronic authorizations on the account(s)
  • Confirming no one has requested an address change, check reorder, debit card order or other information be send to a different address

Be assured, at Charles River Bank, we use the highest level of security to protect your account and personal information while banking online. To learn more about other ways you can protect your business, visit http://www.mass.gov/ocabr/banking-and-finance/laws-and-regulations/dob-faqs/cato08212013.html

The Bank will reverse fraudulent transactions and will attempt to identify and notify any receiving financial institution of the fraudulent transactions.

Avoid Fraudulent e-mail Schemes

Charles River Bank customers should be aware of the continuing threat posed by multiple e-mail-based scams known as "phishing". These e-mail-based scams attempt to collect private account information from customers through deceptive and misleading methods.

For example, these phishing e-mails fraudulently request personal information including user ids, passwords, Social Security numbers, credit or ATM card numbers. The unsuspecting customer's personal information is generally gathered through a link provided in the e-mail that directs the recipient to web sites that look very much like a legitimate Charles River Bank site.

Please note that Charles River Bank does not solicit sensitive, private information from customers through unsecure e-mail. Also, Charles River Bank recommends accessing our website by typing the website address into your browser or by using a "bookmark" that directs the browser to our site.

Customers who receive these e-mails should not follow any of the instructions in the e-mail, and should not click on the links contained in the e-mail. If customers follow these steps, their accounts are not in jeopardy of being compromised. Charles River Bank will NOT send e-mail messages requesting your confidential information, including account numbers, passwords, or PINs. If you receive an e-mail requesting such information, please contact us immediately at 508-533-8661.

If you have any concerns about the legitimacy of an e-mail message that appears to be from Charles River Bank, please forward it immediately to customerservice@charlesriverbank.com. As stated above, do not respond to the e-mail message or click any of the links contained in the e-mail. Please do not remove the original subject line or change the e-mail in any way when you forward it to us.

Customers who may have clicked on the links and entered information in response to one or more of these e-mails should:

  • Contact Charles River Bank immediately at (508) ­­­­533-8661.
  • Contact the following three credit bureaus to have a fraud alert placed on your credit report:
  • Equifax Fraud Line: (800) 525-6285
  • Experian Fraud Line: (800) 397-3742
  • Trans Union Fraud Line: (800) 680-7289
  • File a complaint with the Federal Trade Commission* or (877) IDTHEFT -- (877) 438-4338.
  • Additionally, to ensure that your computer was not infected with any malicious software that the phishing e-mail may have contained, we highly recommend that you immediately run a scan* to check for viruses or adware/spyware. Please contact a computer security professional if you need assistance with determining whether or not your computer has been infected.

*Please note that Charles River Bank is not affiliated with any provider of software packages that scan your computer, and we cannot endorse or recommend any particular one.

Learn How to Protect Yourself from Fraud on the Internet

Your security is extremely important to us. Charles River Bank is committed to educating its customers about identity theft and fraud. We will constantly work to provide you with updates on the latest fraudulent scams, as well as ways to avoid them.

Please remember:

  • You should never access the Charles River Bank Web page from a link provided by a third party. You should always type the URL address, www.charlesriverbank.com, into your Web browser or use a bookmark.
  • Charles River Bank will NOT send e-mail messages requesting your confidential information, including account numbers, passwords, or PINs. If you receive an e-mail requesting such information, please contact us immediately at 508-533-8661.

Learn More

Federal Trade Commission

FDIC