Massachusetts Bank

Contact | Branch/ATM Locator | Investor Relations
Online Banking | Education Center | Security Center

Home Personal Banking Business Banking Cash Management Real Estate Lending About Us

Security Center

Need Some Help?

Ask Kevin

ATM Locator

Find the ATM machine closest to you!

Security Center

April 21, 2008
SECURITY ALERT

Danversbank was recently notified of a phishing campaign involving MasterCard users.

The phishing campaign targets MasterCard users, promising them a 16 percent discount on future purchases made with the MasterCard card as a reward for signing up for MasterCard SecureCode. An included link leads to a phishing site which appears identical to the real MasterCard site, and cardholders are required to supply confidential information such as credit card expiration date, date of birth, and the three-digit CVC code that appears on the bank of the card.

Danversbank's debit card service provider, Metavante, would like to remind issuers that MasterCard and Metavante do not send unsolicited e-mails to cardholders. In addition, Metavante recommends that cardholders do not click on links in unsolicited e-mails before verifying that the e-mail and the site address is legitimate.

If you have any questions about the authenticity of an email that purports to be from Danversbank or one of our providers, contact our Customer Support Center at 1-800-771-8200, between 7AM and 6PM on weekdays, and 9AM and 2PM on Saturdays (EST).

March 18, 2008
SECURITY ALERT
It was recently announced that a data breach occurred at Hannaford's Supermarkets between December 7th and March 10th, involving customers' debit and credit card numbers. All of Hannaford's 165 stores in the Northeast are affected.

In response to this, Danversbank is monitoring customer debit card accounts, and we've found no evidence of misuse to date. However, we would like to remind all customers to take an active role in protecting their accounts, by reviewing statements regularly and verifying transactions through Online Banking. If, in doing so, you discover any unauthorized activity, contact our Customer Support Center immediately at 1-800-771-8200, option 1.

IRS warns of rebate scams
Identity thieves use economic stimulus plan to steal personal information over the phone, Internet.
January 31 2008: 8:16 AM EST
WASHINGTON (AP) -- Even before Congress passes an economic stimulus package, identity thieves are using promises of tax rebates to trick people into revealing financial and personal data, the Internal Revenue Service warned Wednesday.
Under one scheme, the IRS said, people are receiving phone calls telling them they can only receive a rebate if they provide bank account information for a direct deposit.
The tax agency stressed that it does not collect information by telephone and that no legislation has been enacted that would allow it to provide advance payments to taxpayers or that specifies the details of those payments.

The House last week, as part of an economic stimulus package, approved tax rebates of $600 and $1,200 respectively for most individuals and couples, with another $300 per child. The Senate is now considering a slightly different version.

The IRS also repeated past warnings of e-mails, supposedly coming from the agency, where people are asked to enter personal information on a form needed to obtain a tax refund.

A new scam, it said, involves an e-mail notification that a person's tax return will be audited with instructions to click on links to complete forms with personal and account information.

Businesses and accountants are also getting e-mails with instructions to download information on tax law changes. Clicking on these links could download "malware" onto the recipient's computer that gives the scammer remote access to the computer hard drive.

In another telephone scam, a caller claims to be an IRS employee who says the taxpayer has not cashed a refund check and asks the person to verify his or her bank account number.

On Tuesday, at a Senate Finance Committee confirmation hearing for Douglas Shulman, the nominee to be IRS commissioner, Sen. Charles Schumer, D-N.Y., expressed concern that taxpayers would be victimized by tax prepares and lenders who charge high interest rates for short-term advances on their stimulus rebates.
The IRS advised people not to click on any link from an e-mail purporting to come from the tax agency. People receiving questionable e-mails can e-mail the IRS at phishing@irs.gov for assistance.

American Bankers Association issued the following information on January 8th, regarding two new trends in identity theft scams.

New Scam Trend No. 1 -- ‘Whaling’

According to various Internet reports, yet another variant of phishing, aimed at specific corporate leaders, has developed to the point that it has its own name now -- whaling. In fact, this is a more sophisticated variant of the practice known as “spear phishing,” in which criminals try to trick specific individuals by name into divulging online their confidential information.

In whaling, the criminals go after the really big targets -- company CEOs and other C-level executives.

On one day in June, MessageLabs, an international messaging security firm, documented more than 500 individual e-mail attacks targeting individuals in senior management positions within organizations around the world. Names and job titles of the victims were included in the subject lines of the e-mails. The e-mails had an attached Word document that contained a hidden code which, when opened, would activate a trojan component that would then compromise the victim’s computer.

Even worse, the company detected associated attacks on family members of the corporate executives, in an attempt to gain indirect access to confidential information through home computers.

“With social networking tools such as Face Book, Linked In and MySpace now highly populated with valuable content, personal information and sought-after details, it is easier than ever for the bad guys to harvest the personal details needed to personalize their attacks,” said MessageLabs’ Mark Sunner.

New Scam Trend No. 2 -- Targeting Troops

The Stars and Stripes newspaper last month told a story about how the grandmother of an Iraq-stationed soldier received a call from a stranger who said the soldier was on his way home but had lost his wallet.

The stranger asked the grandmother to wire $800 to him in order to help the soldier pay a surprise visit home to his family. Fortunately, the grandmother was immediately suspicious. She called her grandson directly, who confirmed to her that it was a scam.

The FBI Internet Crime Complaint Center last summer warned about similar scams involving e-mail. The use of a phone seems to be a variant. In any case, authorities say to record as much detail as possible about such communications and to report them to local or federal law enforcement. Complaints may be filed on the FBI center's website.

Tips for Protecting Yourself from Identity Theft and Other Scams

• If you did not initiate the contact, never provide personal information, account or
social security numbers or passwords over the phone or the Internet.

• Do not use your mailbox for outgoing mail (like credit card payments), and always
remove incoming mail as soon as possible after it arrives. For added security, opt
for direct deposit of your payroll and electronic delivery of bank statements, credit
card bills, and other mailings containing personally identifiable information, so that
it’s not available for thieves to access.

• Limit the number of cards (identification, credit and debit) that you carry. If they’re
stolen, you’ll have fewer to replace.

• Never click on a link provided in an email that you believe is fraudulent. Contact the
  company directly using a page you already have bookmarked or using contact
   information provided on your last statement.

• Never write down or share access codes, PINs or passwords. Memorize them
  instead.

• Detect fraud early by reviewing account statements on a regular basis. Up-to-the-
minute transaction information is always available for Danversbank customers
through Online Banking.

• Shred all personally identifiable documents before putting them in the trash.

• If your Social Security number is your driver’s license number, contact the Registry
of Motor Vehicles and ask for a state-issued driver’s license number.

• Do not use easy-to-guess passwords, like parts of your birth date, address, phone
number, children’s names, pets’ names, etc.

If you do fall victim of identity theft or fraud, follow these steps:
1. Contact us immediately to notify us.
2. Call one of the three major credit reporting bureaus, to obtain a credit report (you
    are entitled to one free per year) and place a fraud alert on your file: Equifax 800-
    525-6285; Experian 888-397-3742; TransUnion 800-680-7289.
3. Report all suspicious contacts to the Federal Trade Commission through their
    website or by calling 1-877-IDTHEFT.

Definitions
Phishing: Internet perpetrators send spam or pop-up messages to unsuspecting victims, usually providing a link so that the victim can “update,” “validate” or “confirm” account and personal information. Phishing scams usually threaten dire consequences if the recipient does not comply, like frozen accounts or denied access.

Vishing (voicemail fishing): Similar to email phishing, vishing traps people into revealing account numbers and other confidential personal information. In one example of vishing, customers of a bank in California received emails saying their online banking access had be disabled because the bank detected unauthorized access. The customers were instructed to call a phone number that brought them to an automated attendant who requested account numbers and PINs. Needless to say, it was a fraudulent email and it was not the bank behind that automated line.

Skimming: Thieves steal debit and credit card information using “skimming” devices (like circuit boards or hand-held wireless units) to steal the data from card-swipe machines (like ATMs or point-of-sale terminals in stores).

Foreign Sweepstakes or Lotteries: Official-looking letters, faxes or emails may arrive pushing foreign lotteries and their enticing odds, or claiming that the recipient has already won such a sweepstakes. Victims lose money when they are instructed to send a wire or a cashier’s check to buy their lottery tickets or pay for the taxes associated with the prize they’ve already won.

Jury Duty Scam: A caller claiming to be a court official tells the victim that a warrant has been issued for his or her arrest because of skipped jury duty. The scammer will ask for victim’s social security number and date of birth to verify the information and cancel the arrest warrant.

Obtaining Your Free Credit Report
The Fair and Accurate Credit Transactions Act (FACT Act) requires each of the three credit reporting agencies to provide you a free copy of your credit report, at your request, every twelve months. You can visit the Annual Credit Report website to request your report from Equifax, Experian and TransUnion. If you'd like to contact each reporting agency individually, phone numbers are below:

Equifax 800-685-1111
Experian 888-397-3742
TransUnion 800-888-4213