Online Security

In an effort to inform you of security-related issues, we have created
this page to assist you in becoming knowledgable about recent fraudster
attempts to obtain 'sensitive' information such as usernames, passwords,
challenge questions and other information from you.

Phishing Alert from NACHA - Fraudulent Email Scam

Random individuals and/or companies may have received a falsified email with the subject title 
"Rejected ACH Transaction". This email appears to be from NACHA The Electronic Payments 
Association telling them that there is a problem with an ACH transaction they have originated. 
The email includes a link which redirects the individual to a fake web page which appears like 
the NACHA website and contains a link which is almost certainly an executable virus with malware.

The subject will read something like - 'Rejected ACH transaction, please review the transaction report. 
The message will contain the following - Dear bank account holder, The ACH transaction, recently 
initiated from your bank account, was rejected by the Electronic Payments Association. Please review 
the transaction report by clicking on the link below - with a URL/Link following. Do NOT click on the link. 
Report any suspicious activity such as this to Northland Financial at 701.4750-2301, or toll-free at 
1-877-475-2301.

New Scam - Email claiming to be from Social Security Administration

There have been several reports about an email purportedly from SSA (Social Security Administration)
 informing users that their latest Social Security statement is available but it may contain errors. 
The subject of the email is something like "Review annual Social Security statement" with the body of 
the email warning of a potential identity theft risk and then asks you to review your annual statement 
at the link provided within the email. After clicking the link a prompt to enter your social security 
number and click an option to select 'generate a statement', which instead downloads a 
malicious executable file. The malware attempts to intercept the user's online banking 
information to steal funds.

As with all emails of this sort, NEVER click on a link included in an email, to avoid compromising 
sensitive information such as login credentials for secure websites.

New Scam Email claiming to be from FDIC

Scam emails claiming to be from the FDIC have been reported. If you receive 
one of these emails, please delete. The email appears to be from the "FDIC"
with the subject being 'you need to check your Bank Deposit Insurance Coverge'.
The message will state something like the following:

'You have received this message because you are a holder of a FDIC-insuranced
bank account. Recently FDIC has officially named the bank you have opened your
account with as a failed bank, thus, taking control of its assets

You need to visit the official FDIC website and perform the following steps to check
your Deposit Insurance Coverage. A specific link to a fraudulent website is included.

Download and open your personal FDIC Insurance File to check your Deposit Insurance
Coverage.

Do NOT click on the link to a website from within an email, or download anything from a 
website such as this. To do so, could compromise sensitive information such as
passwords that you use to log into secure websites.

New Version of Malware

A new version of malware has been reported, sometimes referred to as Bankpatch.C, 
Agent-IPS Trojan or by several other names. Once the infection is present, the malware 
attempts to trick users by popping up fraudulent login screens for the purpose of aquiring 
sensitive data such as usernames, passwords, challenge questions and other information. 
Business Banking users are advised to report any strange business banking login windows, 
or anything that looks different on a login window. These could be signs that your computer 
has been affected by this malware. As a general precaution, always close all other browser 
sessions and tabs before logging into a banking session.