Through our everyday operations, NORTHSTAR BANK compiles and maintains confidential information on our customers. It is the policy of NORTHSTAR BANK to protect the privacy of this information by maintaining physical, electronic and procedural safeguards that comply with federal standards.
INFORMATION PRACTICES OF NORTHSTAR BANK
In order to constantly improve our Web Site and better serve our customers, NORTHSTAR BANK may use a software "cookie" when customers access our PC banking product. No "cookie" will contain any information that would enable anyone to contact consumers by telephone, email, or U.S. Mail. We do gather information including domain name, pages visited, length of user session, etc. This enables us to track how a visitor navigates through our site and the areas in which they show interest to evaluate the usefulness of our site, and those products and services that are of most interest to you. We only identify the site visitor if they voluntarily give us personal identifying information online. (A "cookie" is a small piece of information which a Website stores in the web browser of your PC and can later retrieve. A "cookie" cannot be read by a web site other than the one that set the "cookie". You can set your web browser to inform you when "cookies" are set or to prevent "cookies" from being set.)
CONFIDENTIALITY AND SECURITY
We restrict access to non-public personal information about you to those employees who need to know that information to provide products or services to you. Management will monitor employee access to customer information and will take appropriate disciplinary measures to ensure adherence to this policy. We use proven technology and established procedures for keeping your information secure. Whenever we ask for personal information on our Website or Internet Banking we use Secure Socket Layer (SSL) technology to keep it confidential.
MAINTENANCE OF ACCURATE INFORMATION
NORTHSTAR BANK is committed to continue to provide quality products and services with the highest level of integrity regarding personal privacy.
UNIQUE LOGIN ID AND PASSWORD
In order to access your accounts online you must enter a unique user login ID and password. We strongly recommend that you choose a password that you can remember (without writing it down) but does not use information that can be easily guessed by someone. Avoid the use of birthdays, children's names, pet names, etc. Do not reveal your user login ID or password to anyone and we encourage you to change your password every 30-60 days.
Never give out any personal or account information that is requested over the phone, through the mail or via email over the Internet unless you initiated the contact. If you believe your information has been compromised, please contact your local NORTHSTAR BANK branch immediately.
Knowledge is protection. NORTHSTAR BANK is committed to helping you prevent fraud by raising awareness and sharing best practices.
Account Takeover Fraud
Account takeover happens when a fraudster poses as a Northstar Bank representative to get your personal or account information. Once the fraudster has access to your account, they can make unauthorized transactions.
How you can best prevent account takeover fraud:
- If someone posing as Northstar Bank contacts you by phone, eMail, or text message and wants you to share your account information, consider it fraud.
- If you receive a text or eMail asking for account information, do not reply. Ignore the message and do not call any phone numbers listed.
- If you receive a phone call that seems to be a phishing attempt, simply end the call. Be aware that area codes can be misleading: a local area code does not always guarantee the caller is local.
Millions of consumers are being tricked into accepting genuine-looking checks and money orders and wiring money to fraudsters. Here are two examples:
- Sweepstake, lottery and grant fraud. Individual receives a check or money order with instructions to wire a portion to pay taxes or administrative fees.
- Overpayment. Scammer sends a check or money order for more than the amount for something the individual has for sale, with instructions to wire the extra to someone for shipping.
Identity theft occurs when someone uses your address, name, Social Security number, credit card information, bank account number or other personal information without your knowledge to commit fraud or other crimes. With your personal information in their possession, identity thieves can establish credit, purchase items or borrow money in your name.
Your best protection:
- Never give out your personal or account information that is requested over the phone, mail or Internet unless you initiated the contact.
- Do not carry your social security number with you.
- Shred confidential papers. If you don’t have a shredder, ask for dates and times of our (free) community shred days.
- Check your credit report at least once a year.
- Reduce the circulation of your information through the mail by stopping to receive prescreened credit offers by calling 1-888-5OPTOUT.
Keystroke logging / Keylogging
Keystroke logging (often called keylogging) is the action of tracking/logging the keys struck on a keyboard. Keyloggers are “Trojan” software programs that target your computer’s operating system and are installed via a virus. The fraudster can steal your user ID and password and anything else you have typed while online.
Malware (Malicious Software)
Malware (malicious software) is software that is designed to infiltrate or damage a computer system without the owner's knowledge or consent. This software is used to steal personal information and illegally obtain funds. Common forms include: Keystroke Loggers and Trojan Horses.
Pharming redirects legitimate domain name requests to fraudulent websites, where users get prompted to enter personal data, such as passwords or credit card numbers. Similar to phishing, fraudulent sites are often made to look like legitimate ones. What differentiates pharming from phishing scams is that the fraudster does not have to rely on having the user follow a link in an email. Even if the user correctly enters a website address into a browser's address bar, the fraudster can still redirect the user to a fraudulent website.
Fraudulent E-mails can often appear to come from a reputable source – this is called spoofing/phishing because the sender's true identity is concealed. Never click on a link in a suspicious e-mail message. The fraudulent e-mails request you to access a website and validate or confirm your personal information. These websites appear to be genuine and may ask you to provide personal information. The site may even direct you to call a provided phone number to verify account information.
It may not always be easy to recognize fraud emails or pop-ups but the following are some precautions to be aware of:
- Urgent Emails
Watch out for e-mails with links, attachments or pop-ups that state an urgent reply is needed.
- General Greetings
Watch out for e-mails or pop-ups that provide a general greeting and don't identify you by name.
- Typos and Errors
Fraudulent e-mails or pop-ups may have typographical or grammatical errors. Watch out for poor visual and design quality.
Caller ID spoofing occurs when a scammer deliberately falsifies the information transmitted to your caller ID display to disguise their identity and make you think the call is coming from a trusted source. For more information, best practices on how to protect yourself or if you think you have been a victim of a Caller ID spoofing scam, you can file a complaint with the Federal Communications Commission.
Social Networking Risks
Online social networking can be a great way to exchange ideas, information, photos and games. However, the more information you provide about yourself, the easier it is for people to use these details to commit fraud.
Your best protection:
Do not reveal too much information on your social networking and only share your page with people you know.
Your Best Protection to Prevent Online Fraud from Happening to you.
- Use anti-virus and anti-spyware, as well as a firewall, and keep the software updated.
- Only use a secure wireless network to conduct your banking. If you have a wireless router at home or work, ensure it is locked.
- Businesses should perform a risk assessment and controls evaluation periodically.
- Never follow a link in an email message that asks you to provide sensitive personal or financial information.
- Never share your internet banking passwords.
- Never give out your personal or account information that is requested over the phone, mail or Internet unless you initiated the contact
- Frequently monitor your account activity – we recommend daily monitoring.
- Reconcile all accounts and statements quickly.
- Never send your personal information via unsecured email.
- Only use your credit card number on Internet sites that have a secure, encrypted system (look for the "HTTPS" in the address line or lock icon).
- Choose passwords and PINs that are difficult to guess, do not write them down and change them – we recommend to change them every 30-60 days.
- When you have completed a bank transaction, be sure to properly log out instead of just closing the browser window.
- When your computer is not in use, disconnect it from the Internet.
- Stay informed.
- Use a dedicated PC for conducting financial transactions. Turn it off when you’re done using it. No e-mail, Internet surfing or other applications on this PC. Segregate the PC from the business network.
- Purchase insurance to reduce the risk of loss should fraud occur.
- Businesses should use dual control. If you use our Online Cash Management to originate ACH files, establish procedures that require one individual to input the ACH file information and a different individual to verify, authorize and send the file to NORTHSTAR BANK.
HOW NORTHSTAR BANK PROTECTS YOU OR YOUR BUSINESS
To ensure we offer the highest level of security for our internet banking customers, we have an additional layer of security to our log in process. At initial internet banking log in, you will select three challenge questions. If you log in to a computer or device that does not recognize you, you will be prompted to answer one of the questions to ensure your identity.
Take action to protect your personal and financial information and reduce your chances of identity theft with Deluxe Provent ® an integrated suite of identity theft protection services that provides identity theft protection on all fronts, including: Prevention, Detection and Restoration.
Q-Cards/eAlerts notify you of account activity by sending you an e-mail when certain criteria is met. You can be notified when your account balance goes above or below a pre-determined amount you set.
Internet Banking > Other Services tab > Q-Cards tab
The main objective of regulation E is to protect our customers who engage in electronic fund transfers (EFTs). When you opted-in, this was a way for us to identify that you approved NORTHSTAR BANK to authorize and pay overdrafts and assess fees.
Any account that enters into and EFT agreement, whether that agreement is between you and NORTHSTAR BANK or you and a third party (for pre-authorized debits or credits) is covered by regulation E. EFT transactions include:
- ATM deposits/withdrawals
- Any transfer of funds initiated through an electronic terminal, telephone or computer.
- Transfers sent via ACH (i.e. social security direct deposits, payroll direct deposits).
- Transfers from an account authorized by the use of debit card information, even if no electronic terminal is used in the transaction.
- Transfers via ACH where a consumer has provided a check to enable the merchant or payee to capture the routing number, account number and serial number to initiate the transfer.
- Payments made by a bill payer under a bill payment service available to a consumer via computer or other electronic means. (Unless the terms of the bill payer service specifically state payments are made by check, draft or similar paper instrument.)
We use proven technology and established procedures for keeping your information secure. Whenever we ask for personal information on our website or internet banking we use Secure Socket Layer (SSL) technology to keep it confidential.
User IDs and Passwords
In order to access your accounts online you must enter a unique user login ID and password. We strongly recommend that you choose a password that you can remember (without writing it down) but does not use information that can be easily guessed by someone. Avoid the use of birthdays, children's names, pet names, etc. The best password is one that is a random combination of 7-10 characters and contains numeric, alphabetic and special characters. Do not reveal your user login ID or password to anyone and change your password every 30-60 days.
WHAT IF SOMETHING IS SUSPICIOUS?
NORTHSTAR BANK may contact you to review general banking or account information, but we will never randomly contact you (via phone, text, letter or e-mail) asking for your personal account information.
Please immediately contact your local NORTHSTAR BANK office if you notice suspicious account activity.
Steps You Should Take if you are a Victim:
- Contact your local NORTHSTAR BANK branch or any of your financial institutions.
Colby Green, VP - Lenox Branch Manager / Community Engagement Officer 586.727.8842
Lori Kociba, Ubly Accounts Specialist 989.658.2180
Christine McNabb, AVP - St. Clair Branch Manager 810.329.6364
Sandy Schultz, AVP - Port Huron Branch Manager 810.488.8083
Marie Stafford, Bad Axe & Pigeon Branch Manager 989.269-3599
Chantal Tran, Ann Arbor Assistant Branch Manager 734.527.4116
Joe Turner, AVP - Akron & Caro Branch Manager 989.673.1100
Amber Voigt, AVP - Algonac Branch Manager 810.794.8230
- Cancel all credit/debit/ATM cards immediately – keep all toll-free numbers, along with account numbers, in a safe place where you can find them easily.
- File a police report immediately, in the jurisdiction in which your identification was stolen. This shows credit providers you were diligent and it is a first step toward an investigation.
- File a complaint with the Federal Trade Commission or contact the FTC's identity theft hotline at 877-ID THEFT / 877.438.4338.