The 3 Online Banking Alerts You Should Have Set Up

Farmer examinig wheat field status with digital tablet

Security Awareness Week: June 5-9, 2017

If you’re not using the FREE alerts feature of Merchants Bank Online Banking, you’re missing out on tools that could protect you from identity theft and fraud.

To set up automatic alerts, sign in to your Online Banking account and click the Other Services tab. From here, select the type of alert you’d like to enable and follow the steps to configure. Alerts can be sent to an email address, via text message or both…it’s up to you!

Here’s the list of the top three alerts our Electronic Banking Specialists recommend all customers put in place.

My Profile Changed – Get an alert if there are any changes to your Merchants Bank Online Banking profile. For example, a change to the email address associated with your account. This alert may help you detect if someone else has accessed your account and is trying to make changes to your profile.

Internet Banking Login Error – Get an alert if your password is entered incorrectly when attempting to log in to Online Banking. This alert may help you detect if someone else is trying to access your Online Banking account.

Balance Alerts – Get an alert based on balances above or below a certain dollar amount. Simply select the account you’d like an alert for, then choose an option from the drop down and type in an amount. This alert may help you detect large withdrawals or purchases you did not initiate.

To learn more about all of our Merchants Bank Online Banking alert options, watch this video featuring Lucas Stangl, Electronic Banking Specialist.

To get started with alerts, sign in to your Online Banking account now.

Are You Using These 7 Tips to Protect Your Identity?

Home budgeting

Security Awareness Week: June 5-9, 2017

It may feel like keeping your personal information secure is impossible in a world tech-savvy hackers and scammers. Every day the news reports on new data breaches and scams. But, you can play an important role in protecting yourself from identity theft and fraud by taking small steps.

Here’s where to start:

  1. Check your financial activity. It only takes a few minutes, but reviewing your bank, credit card and other financial activity and statements for fraud is an important first step. If you see any suspicious activity, report it.
  2. Don’t use the “remember password” option. Using this feature on your computer or mobile device makes it easier for someone to access your accounts.
  3. Set up automated account alerts. Get a text or email alert for certain transactions, balances and more. We offer free alerts through Merchants Bank Online Banking for your checking, savings and loan accounts and through My Mobile Money for your debit card transactions.
  4. Be cautious when asked for personal information. If you are asked to provide personal information through a phone call, email or website pop-up page, think before you act. Verify the company or person asking for the information through a third party, like a phone book or other trusted resource.
  5. Store private information securely. Whether at home or work, do not leave your personal information out where others can see it.
  6. Make a fraud kit. Keep a list of your credit and debit cards, account numbers, expiration dates and customer service of fraud department telephone numbers in a secure place away from the cards for easy access.
  7. Be a skeptic. If a situation sounds too good to be true, it probably is. You can’t win the lottery if you haven’t entered. You don’t need to send a payment to claim prize winnings.

To stay up-to-date on Merchants Bank fraud alerts and scams, sign up for our alerts emails.

How to Control Debit Card Activity

mymobilemoney

Security Awareness Week: June 5-9, 2017

Take control of your debit card transactions with our free My Mobile Money app. Use it to:

  • Set card transaction alerts
  • Set spending controls
  • Turn your debit card(s) on and off
  • Deny transactions based on criteria you choose
  • And much more!

Learn how to enable the top three features recommended by our staff. Before you begin, make sure you have downloaded the app, enrolled and signed in.

Feature 1: Transaction Alerts

From Customer Service Manager, Michelle Schroeder: “I can’t say enough about the automatic notifications for all transactions. I love seeing everything that goes through my debit card. It’s perfect in case I forget about an automatic withdrawal I had approved or someone is attempting fraud on my account.”

To receive alerts for certain transactions on your mobile device:

  1. Choose the card you wish to set alerts for.
  2. Select Alert Preferences.
  3. If you would like alerts on all transactions, click the “Send alerts for” drop down and select All Transactions.To set specific alerts, such as alerting for all online purchases, click the “send alerts for” drop down and selected Preferred Transactions. Then choose the type(s) of alerts you wish to set.

Feature 2: On/Off and Automatic Denials

From Commercial Banking Officer, Mike Swanson: “My wife and I have used the on/off feature for our debit card more than once. If one of us misplaces our card…leaves it in the car, forgets it on the counter or something else, we can just turn it off on the app until we find it. If our cards really were lost, it would prevent anyone else from using them. It’s just nice peace of mind.”

To turn off a debit card:

  1. Choose the card you wish to turn off.
  2. Slide the Card ON/OFF button from green to red.

To deny debit card transactions based on dollar amount:

  1. Choose the card you wish to set up for denials.
  2. Select Control Preferences.
  3. Select Spend Limits and slide on Per Transaction.
  4. Simply enter in the maximum amount that will be allowed for a transaction.
  5. Click Save.

Feature 3: Location Controls

From Customer Service Representative and Lead Teller, Tina Bechtel: “I’ve used the location feature and that’s really handy. You just set up if you only want to allow transactions based on a city, region or state. Transactions attempted from outside that area are then automatically denied.”

Although these options give you the flexibility to protect your card while traveling, you still need to notify us (contact your local Merchants Bank) of travel plans outside of Minnesota, Iowa and Wisconsin to ensure your debit card can be used while out of town.

To deny transactions based on the location of your mobile device:

  1. Choose the card you wish to set up location controls for.
  2. Select Control Preferences.
  3. Select Locations.
  4. Swipe the My Location function on.
  5. All attempted transactions outside of the zip code where your mobile device is located will be denied.

To allow transactions based on locations you select:

  1. Choose the card you wish to set up location controls for.
  2. Select Control Preferences.
  3. Select Locations.
  4. Swipe the My Regions function on.
  5. Select the plus symbol.
  6. Add a region by entering a zip code or using the map to zoom.
  7. Give your region a title and choose save.
  8. Repeat steps 5-7 to add up to two other regions.
  9. All transactions within the regions you selected will be allowed.

If you have questions about My Mobile Money, contact your local Merchants Bank.

Privacy Code: Why You Need One

PrivacyCode-Blog.jpg

Security Awareness Week: June 5-9, 2017

As part of our privacy standards, we would like all Merchants Bank customers to have a privacy code in place to protect you and your data from being accessed by someone other than you.

What is it?

A privacy code is a word or numbers or combination between 4 to 30 characters that you choose and will easily remember. This will be used to identify you and protect your data from being accessed by someone other than you. It is not the PIN associated with a card, phone banking or online banking system. It is a part of identifying you as a person.

When will it be used?

Merchants Bank staff will use a privacy code to identify that it is really you on the phone before we give you information on your accounts. If you do not have your photo ID with you, we may also use this to identify you in person.

Why do I need one?

Fraud and identity theft are increasing. Without a privacy code you may no longer be able to call in and obtain information over the phone.

To set up a privacy code, please call or visit your local Merchants Bank branch.

 

Ransomware and Rip Van Winkle: Don’t Ever, Ever Sleep Again

This can't be right

Security Awareness Week: June 5-9, 2017

By Rodney Nelsestuen, Chief Information Officer

We all know the story of Rip Van Winkle who slept for 20 years and woke to find he’d missed the Revolutionary War and that society had changed dramatically. Today, poor Rip would find that a mere 20-minute nap may be enough to put him out of touch – especially when it comes to security.

This was driven home by the recent global attack of ransomware (aptly named Wannacry) that put hospitals, governments, and businesses on the defensive and interrupted the normal course of business on some estimated 250,000 computers in 150 countries, including the US. This event was one of the first to have a large-scale global reach and one which cost those who were attacked an estimated $3 billion dollars. Moreover, the success of Wannacry and its scale will most certainly result in a massive expansion of the ransomware “business.”

You may wonder why ransomware is suddenly so popular as compared to other types of hacking. Here are three reasons:

The attacker need do nothing and still gets paid.

Ransomware either encrypts files on a computer or blocks access to the files. These programs used to be delivered exclusively in emails as an attachment that a victim would open. While that delivery method is still in use, the more pernicious versions simply roam the internet and when they find an unprotected network or computer, will launch the attack without human intervention.

Stealing personal information and credit card data is still popular, but imagine how much work it is to steal, store, organize, and then find a buyer for that data. In short, the old fashioned methods of theft are a lot of work compared to a ransomware attack that threatens to delete all data on a computer unless the victim pays for the release. Attackers simply sit back and wait for the victim to pay.

Want to go into business? Try ransomware as a service.

Don’t know anything about computers or hacking? No need to worry. You can contract with a hacker and outsource your criminal activity. Organizations offering ransomware services are beginning to take root and will encourage bad actors of all types to try their hand at it.

After all, what do they have to lose? The outsourced service provider does all the work and gets paid a cut of the take, and you merely await your share as the business owner.

If one door is locked, just try another.

The interconnectivity of the internet and businesses across the globe makes it much easier for a ransomware attack to succeed. Can’t get into a corporate network? Try the company’s version of webmail, which can be accessed from any computer in the world. Can’t get a user to click on a link? Then use in-memory malware to deliver the payload. Find it hard to scale your crime? Then hack cloud services and launch attacks against thousands of high value targets at once. In short, ransomware has multiple attack vectors.

So what can I do to protect my business?

There are long-standing processes and tools that companies need as a foundation to stopping ransomware. While the list of approaches is long, let’s focus on three items that will reduce the risk of being hacked or a victim of ransomware:

  1. Whether you run your own technology or outsource it, be sure you know what protections and processes you have in place. Anti-virus software, firewalls, and intrusion detection software with expert alerts, and patching systems and applications are regularly among these basics.More importantly, make sure your security tools are on the most current versions. This may mean having updates almost continuously at times as risk conditions can change dynamically. It’s good to look into new technologies as new threats arise, but remember that the tools you do have may be the best there are if kept up to date.
  2. Layer security across your business. No one single solution will protect you from every attack. Whether physical locks on doors, increasing the sophistication of passwords, using out of band authentication, or segmenting your network with additional firewalls, consider using a layered approach to make it more difficult for bad actors to get through to your valued information. This includes using the security and authentication steps offered by your bank. Most banks will provide tools that allow the business to verify financial transactions before they occur. Unfortunately, too many businesses fail to adopt these solutions and processes.
  3. Train your staff on proper use of the connected world we live in – and keep security awareness in the forefront of employees’ minds. The human threat is twofold: first, people make mistakes and as humans, we always will.Second, there has been a growing threat from insiders who are ‘groomed’ by bad actors to ultimately take part in a crime. While this is an unpleasant topic, it’s something every business owner or manager needs to consider today.

One final thought. It would pay most businesses to be connected to an organization that monitors the global threat environment and can keep the business up to date on emerging threats. This external information can then be aligned with your internal IT steps and actions. There are several such organizations and many have very reasonable fees.

The security issues faced by businesses will only be more challenging in the future. Staying up to date on security technology, being vigilant on how users interact with your systems, and having an eye to the emerging threats as they grow are all smart and necessary steps for any business today.

While there are no sure-fire solutions to risk, by taking a multi-faceted approach you’re in the know about the threat environment, and you’ll feel better that you’re managing it in a sound manner. Then you’ll be able to sleep peacefully even with one eye open so as not to miss, as Rip Van Winkle did, the important things in life such as the birth of a nation.

Tip #5: How to Take Action When You Suspect Fraud

SAWFriday

If you suspect fraud on any of your Merchants Bank accounts, please contact us as soon as possible. You can:

According to the terms and conditions of your account, federal regulations require that if your statement contains electronic transactions you did not authorize, you must notify us within 60 days after the statement was mailed to you, or within 14 days for draft/check by phone, or check disputes.

Here are the steps we will take together when you identify an unauthorized transaction. We will:

  1. Determine if a transaction is truly fraudulent, a recording or processing error, or a simple miscommunication with the business or store.
  2. Assist you with calling the business to try to identify the charges subtracted from your account.
  3. Help you initiate a dispute by completing a Dispute Form. You will need to come to the bank to complete this paperwork.
  4. Contact you, as needed, for additional information during the dispute process.
  5. Notify you via mail with the results of your dispute.

During Security Awareness week, June 1-6, 2015, Merchants Bank shared a fraud prevention tip each day. Click here to view previous tips from this week:

Tip #4: How to Know if Merchants Bank is Really Calling

SAWThursday

Merchants Bank will never initiate a phone call or email asking you to verify your Social Security number or account number. If you are asked for this information from another company, please proceed with caution.

Merchants Bank may, however, contact you in the following situations:

  • If mail is returned for incorrect address and we do not have record of receiving an address change request from you.
  • If you are in the process of opening an account with us and we need additional information.
  • If you have submitted an Online Bill Payment and there is a question on the address or company information.
  • If you are enrolled for Online or Mobile Banking and have not used them for a period of time, or your Online Banking account is locked.
  • If you are a business and submit an ACH file; we will verify this with you.
  • If your debit card is captured in an ATM.
  • If your debit card or PIN mailer is returned to the Bank.
  • If fraud is suspected on your Merchants Bank debit or credit card.

In these, or similar, situations, we may contact you. If you do not know the bank employee calling you, we encourage you to write down the information being requested and call the person back by dialing your local Merchants Bank office at a number you have verified on your own through a public source, such as a phone book, or call a bank employee you do know personally.

For additional protection, you may set up a privacy code with the Bank. A privacy code is a 4-5 character combination of letters and/or numbers that the Bank will use to identify you over the phone. To set up a privacy code, visit your local Merchant Bank or contact your Customer Service Representative.

Friendly reminder: In order for any communication between you and the Bank to occur, we need to have your up-to-date contact information. Please contact us if you’ve moved or made any changes to your personal contact information, such as discontinuing a landline phone or changing your cell phone number. You may also update your contact information by logging in to Online Banking and clicking on Other Services.

During Security Awareness week, June 1-6, 2015, Merchants Bank will be sharing a fraud prevention tip each day. Visit our blog or Facebook or LinkedIn pages tomorrow for the next article in our Security Awareness Week series.