Main Navigation

• 
• 
• 
• 
• 
• 
• 
• 

PROTECT YOUR PRIVACY

You can take several steps to protect yourself against online fraud. Learn about the various types of fraud, how to report fraudulent sites, how to be protect yourself online, and about Enhanced Login Security for Online Banking.

GENERAL ONLINE BANKING FRAUD PREVENTION GUIDELINES

• Use and maintain up-to-date versions of your computer's operating system and anti-virus programs and virus definitions.
• Avoid the use of having websites save your login information. Do not share your User ID/Password information with third-parties.
• Change your password on a regular basis.
• Minimize the use of public computers (at airports, libraries, etc.) for logging into your Online Banking.
• When you log on to Online Banking, verify the date of your most recent login.
• Review your account balance, transfer and other account activity at least weekly to verify the transactions on your accounts. Report any suspect transactions to your bank.
• Configure Online Banking's notification alerts to notify you of customizable balance limits.
• Never leave a computer signed on to Online Banking unattended.
• Using Online Bill Pay is convenient, and also helps limit exposure of your personal information on third-party websites.
• When possible and practical, register your computer for Online Banking Login Security to avoid having to enter additional authentication information at each login.
• If you are using Online Banking/Online Bill Pay and a new screen, which appears out of context, asks you to provide sensitive information, do not provide this information. Please call the Online Banking Center at 617-629-4351 or 617-629-4383 (weekdays between 8:00 AM and 4:30 PM) if you have any questions.
• If your business accounts are set up in Online Banking, having a dedicated computer for Online Banking access only will help prevent dissemination of any account details.
• Within Business Web Banking, utilize the advanced access features to limit secondary users' access to include only needed accounts and functions. Delete User ID's for people who no longer require online access.
• Business customers should periodically perform risk assessments to review and assess their internal controls regarding online account access.
• Practice safe online security habits.

PASSWORD SECURITY

When choosing a password for a website, such as Online Banking, it is important to choose a strong password - one that you will remember, but can not be easily guessed by someone else.

Password tips:

1. Whenever possible, choose a strong password that contains at least 8 characters and includes a combination of both uppercase and lowercase letters, numbers, and special characters such as # ! ? @ * & %.
2. Choose a longer password. A 12-character password is significantly more difficult to guess than a 4-character one.
3. Do not use your name, phone number, or date of birth as your password.
4. Change your password regularly (at least every six months).
5. Never share your password - even with friends or family.
6. If you must use a shared computer, such as a computer in a school or library, whenever you log in to a website, make sure there is not a checkmark next to "Remember me on this computer" or "Remember my password".
7. Always remember to log off when leaving sites to which you are logged on. For example, you should always sign out of Online Banking by clicking the "Sign Off" link at the top right-hand corner of the Online Banking window.

PHISHING

Don't get hooked by scammers out phishing.

Internet scammers casting about for people's financial information have a new way to lure unsuspecting victims: They go "phishing."

Phishing, also called "carding," is a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information.

If you receive an e-mail which appears to be from Central Bank, which you believe may be suspect, please contact the Online Banking Center before responding.

Central Bank will never ask you to send personal or financial information by, in response to, or via a link in an email. Please do not disclose your social security number, your account numbers, your access codes, or personal identification number (PIN) to your accounts to anyone with whom you are not familiar. If you suspect someone had made an unauthorized transaction on your Central Bank accounts or if you believe that any information about you is not accurate, please call us at 877-628-4440.

How "Phishing" Works

According to the Federal Trade Commission (FTC), the e-mails pretend to be from businesses the potential victims deal with - for example, their Internet service provider (ISP), online payment service or bank - or even from government agencies (including the FDIC). The perpetrators tell recipients that they need to "update" or "validate" their billing information to keep their accounts active, and direct them to a "look-alike" website of the legitimate business, further tricking consumers into thinking they are responding to a bona fide request. Unknowingly, consumers submit their financial information - not to the businesses - but the scammers, who use it to order goods and services and obtain credit.

Be alert

• Do not open e-mail messages from unknown sources. If the message is from someone you know, you may wish to contact the sender directly to verify that s/he sent you the message. Be wary of e-mails that suggest they are from the government, a financial institution, or other agency requesting any account information from you. Your financial institution should have this information already. Be especially wary if an e-mail contains unfamiliar logos, asks you for access credentials, or asks you to open attachments. Contact your financial institution directly if you are unsure.
• Ensure all your computers are maintained with current versions and updates of anti-virus and anti-spyware software. Schedule regular scans to help keep your computer free from infection.
• If you have a wireless network at home, be sure that you secure your network with adequte encryption and password protection.

To avoid getting caught by one of these scams, the Federal Trade Commission offers this guidance:

• The American Banking Association has released tips to avoid being a phishing victim. Visit the American Banking Association's website at http://www.aba.com/Press+Room/102611ABATipsToAvoidPhishingScams.htm for their latest information and tips to avoid becoming the victim of a phishing scam.
• If you get an e-mail that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the e-mail. Instead, contact the company cited in the e-mail using a telephone number or website address you know to be genuine.
• Avoid e-mailing personal and financial information. Before submitting financial information through a website, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.
• Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
• Report suspicious activity to the FTC. Send the actual spam to spam@uce.gov. If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft website (www.ftc.gov/idtheft/) to learn how to minimize your risk of damage from identity theft.
• Visit the FDIC's consumer alerts website at www.fdic.gov/consumers/consumer/alerts/index.html.
• For additional information about phishing, and how to avoid phishing scams, you may check the Anti-Phishing Working Group's website at www.apwg.org/resources.htm#consumer
• What to do if you've already given out your personal financial information.

Visit The United States Computer Emergency Readiness Team's (US-CERT) Security Tips on Avoiding Social Engineering and Phishing Attacks and Staying Safe on Social Network Sites.

Visit the National Cyber Security Alliance's StaySafeOnline.org to learn more about how to use the Internet safely and securely.

Visit the US Department of Justice website to learn more about identity theft and identity fraud, how to avoid becoming a victim, and steps to take if you have become an identity theft or identity fraud victim.

Visit fakechecks.org to learn about different types of fake check scams and how you can avoid becoming a victim.

Visit www.ftc.gov/spam to learn other ways to avoid e-mail scams and deal with deceptive spam.

Visit the FTC's Identity Theft site to learn more about identity theft and how you may help protect yourself.

Visit http://www.fdic.gov/consumers/consumer/guard/ to view a presentation produced by the Federal Deposit Insurance Corporation (FDIC) to help protect yourself from electronic scams and identity theft.
The Adobe® Flash® Player is required to view this presentation. The latest version of Adobe Flash Player can be downloaded at http://get.adobe.com/flashplayer/. Installation questions or troubleshooting help for the Adobe Flash Player can be found at www.adobe.com/support/flash/.

Visit OnGuardOnline.gov - this site provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.

Central Bank's Electronic Funds Transfer Customer Agreement is available on our website here, and at each of our branches.

Central Bank may contact you by the phone number or email address we have on file for you if we believe any irregular account or online activity may have occurred. For that reason, we ask that you maintain current contact information with us. While we may ask questions to verify your identity, we will not ask you for passwords or PIN numbers. If you receive a call from anyone who identifies her/himself as being a representative of Central Bank, and you are unfamiliar with the person, or want to be sure the call is actually from us, you may contact the bank directly at 617-628-4000 or 877-628-4440 and ask to speak with that person or department directly.

Equal Housing Lender - Member FDIC - Member SIF This is a private computer system which is restricted to authorized individuals. Actual or attempted unauthorized use of this computer system will result in criminal and/or civil prosecution. We reserve the rights to view, monitor and record activity on the system without notice or permission. Any information obtained by monitoring, reviewing or recording is subject to review by law enforcement organizations in connection with the investigation or prosecution of possible criminal activity on the system. Please exit the system immediately if you are not an authorized user of this system or do not consent to continued monitoring. ©2004 Central Bank. All rights reserved.

Central Bank   ·   399 Highland Avenue, Somerville, Massachusetts 02144   ·   617-628-4000   ·   www.centralbk.com