Click here to download a printable, PDF version of this document
Meridian Bank is committed to safeguarding information relating to customers and visitors to our Online Banking system.
Protecting Your Business From Cyber-Thieves
Today, a world-wide network of cunning, organized criminals is engaging in cyber crime, netting billions from unsuspecting businesses. The threats are global in nature, highly sophisticated and often difficult to prosecute. The technical term for this activity is "Corporate Account Takeover" and as a business owner you should be very aware of your company's vulnerabilities and take the necessary steps to mitigate this threat.
What is Corporate Account Takeover (CAT)?
Corporate Account Takeover is the business equivalent of personal identity theft. Small to mid-sized businesses are the main target of such attacks, however any business can fall victim. Corporate Account Takeover occurs when criminal entities obtain online banking credentials through a variety of tactics in order to drain accounts via ACH or wire transfers. Some common ways that a business system may be compromised by any of its employees are: Clicking on a link in an email that leads to an infected website
- Visiting legitimate websites, such as social engineering websites, that contain infected documents, videos or photos
- Using a flash drive that was infected by another computer
- Opening an infected email attachment
Sound Business Practices
It is important that business owners take steps to protect sensitive financial information and educate all users about cybercrimes. In an attempt mitigate these threats the following business practices are advised:
- Use appropriate tools to prevent and deter unauthorized access to your network including firewalls, anti-malware and encryption of laptops, hard drives VPN's or other communication channels.
- Install robust anti-virus and security software for all computer workstations and implement multi-layered security technology.
- Apply operating system and application updates regularly (patches).
- Disallow workstations used for online banking to be used for general web browsing and social networking.
- Disallow the conduct of online banking activities from free Wi-Fi hotspots such as airports or internet cafes.
- Educate all employees to think critically about all phone calls and emails received. If an email is suspicious, do not click on the link or open the attachment.
- Establish users for each employee and limit administrative rights.
- Maintain up-to-date contact information with the Bank.
- Stay informed about cybercrimes. Threats change rapidly and it is important to be aware or current trends in order to ensure your security practices are current.
- Reconcile accounts daily and contact Meridian Bank immediately to report any suspicious activity.
Financial Institution Security Controls
Business customers should take full advantage of options offered by Meridian Bank in order to reduce the risk of fraud. The following controls are recommended for customers who use the ACH or Wire modules through Meridian's online banking service, Net-Teller:
- Security Tokens
- Dual Control
- User Limits
- Email Alerts
- IP Restriction
- Online Access Time Restriction
Contact a Meridian Bank Representative at 866-327-9199 to discuss these free security options.
Meridian Online Banking uses advanced security procedures and technology. All sensitive information is encrypted and online access requires a Personal ID and a Password known only to you. Do not share your Password with anyone!
When you Log In to Meridian's Online Banking, your User ID and Password are sent over the Internet from your computer to our system using Secure Socket Layer (SSL) technology. SSL encrypts your personal information before it leaves your computer, ensuring that no one else can read it. You can check that your Log In and your Online Banking session are secure in two ways:
* Look for the small padlock icon located in the lower right corner of your web browser window or in the address line. A closed, or locked padlock indicates a secure connection.
* Look for the letters "https://" at the beginning of the Web site address or URL in your Web browser. The "s" means secure.
It is very important that only you know your User ID and Password. This is the only way your account may be accessed. Three (3) unsuccessful attempts will lock out the User from Online Access to an account, requiring a call to the bank. During your Online session, after a ten-minute period of inactivity, the system will prompt you to stay connected. No response to this prompt will result in your being logged off and require you to re-enter your User ID and Password.
How We May Use Information
How We Collect Information
Meridian Bank may store the information collected during your Online visit in an electronic database. Security measures are in place to prevent the loss or misuse of such of data.
Third Party Web Sites
Privacy and Children
Meridian Bank does not knowingly collect information on, nor market to children.
Your Role in Security
- Don't use obvious words or numbers or those based on easily accessible information for your User ID and PIN.
- Ensure that no one is watching when entering your Login ID and PIN.
- Memorize your PIN! Even the best PIN is worthless if it's written on a Post-It attached to your computer or is noted in your checkbook. If you must record your Login ID and PIN, keep them in a safe, secure location.
- Do not share your Login ID and PIN with anyone. If you think your PIN has been compromised, immediately change it online and contact the Bank right away.
- If you'll be away from your computer for any length of time, log out of Online Banking.
- Never give account information to anyone over the telephone unless you've initiated the call and you are 100% sure who you're talking to. We do not solicit information (SSN, account numbers, credit card numbers, passwords, etc.) by means of email. So, if you receive an email requesting confidential information from someone claiming to represent the bank, do not respond to the email. Call Meridian immediately to report any such activities.
- Change your User ID and PIN as often as you wish. (We recommend changing your PIN at least once each month.) Review your account information often. Report any unusual activity immediately.
- Don't leave your computer unattended during an Online Banking session - click on "exit" to end your session.
- Once you have finished conducting your banking on the Internet, always sign off before visiting other Internet sites.
- Avoid using public Internet access terminals, such as those in hotels, airports, libraries or Internet cafes, when conducting your Internet banking.