Important Service Disruption:
When it comes to protecting your business from fraud and cybercrime, it pays to know the latest threats. That’s why NBT Bank is committed to providing you with the most up-to-date information and alerts. Click the headings below to learn more about recent scams and tactics being used by cyber criminals.
Here at NBT Bank, we prioritize the safety of our customers by constantly enhancing our security measures and educating customers on how to #BeCyberSmart and remain #CyberAware. There are several steps you can take to make sure your information and your devices are always protected against cybercrime. We’re sharing three simple steps to help you Own IT. Secure IT. Protect IT. These tips encompass all necessary actions to protect your most valuable information. The focus to #BeCyberSmart is to be intentional with your online activity.
Own IT: Keep track of the information you’re sharing online and what rights those platforms have to it. Regularly maintain privacy settings and manage your information.
Secure IT: Establish unique passwords and keep them private. Set up multi-factor authentication when available and never write down your login credentials. Ensure that you’re the sole person that can login to your accounts.
Protect IT: Be cautious when you see an email that looks suspicious. Never click on links or attachments if an email seems unusual or you don’t know who it’s from. If you receive a suspicious email that claims to be from NBT Bank, notify us by emailing ReportFraud@nbtbank.com.
The effort to raise cybersecurity awareness doesn’t stop. We encourage you to explore the Fraud Information Center to learn more about how to prevent, protect, and report all suspicious banking activity. This information is updated on a regular basis.
If you think you might have been the victim of a scam or other form of cybercrime, contact our team right away by calling 1-800-NBT-BANK. Customer service representatives are available Monday through Friday from 7:00 a.m. to 7:00 p.m. and Saturday from 9:00 a.m. to 12:00 p.m.
It’s a normal day in your business’s payroll department when an email comes in posing as an employee. The email asks to have payroll switched to a new account. The payroll is switched with no questions asked and everything seems OK. Fast forward two weeks when the direct deposit hits. The employee calls asking why their payroll deposit was never made. Turns out, they never requested a changed in their direct deposit, and the fraudsters have been paid instead.
To avoid falling victim to this scam like this, look for these red flags:
In order to avoid being a victim, set up extra verification steps when employees request a change in their payroll. If your company requires a signed form, compare signatures with what you have on file. If you receive an email that seems suspicious, contact the employee directly via a known phone number.
At NBT Bank, we take steps to monitor and protect all our customer’s account. If you believe you’ve been the victim of this scam, contact your local branch or call 1-800-NBT-BANK. Customer service representatives are available Monday through Friday from 7:00 a.m. to 7:00 p.m. and Saturday from 9:00 a.m. to 12:00 p.m.
NBT Bank continues to receive reports of phishing emails targeting customers and non-customers containing suspicious links. Phishing is a fraud attempt where an individual is asked to click on links or attachments in an email or other type of message to gather personal information or cause damage to a computer or network.
In the latest phishing attempt, fraudsters are sending emails impersonating NBT Bank to advise you about a low balance on your account, updating your account information or there is unusual activity on the account. There is a link at the bottom that directs you to a fake website to input login credentials and personal information. The fraudsters take this information and immediately use it to take over your account and change the username and password so it’s not accessible.
Pictured is a sample of the fraudulent emails. Please be advised that even if body of the email is different or appears to be coming from a different sender, any similar emails could be a phishing attempt.
If you believe you have received a phishing email and shared your personal information, please call NBT Bank immediately at 1-800-NBT-BANK.
NBT Bank has recently noticed an increase in a type of fraud referred to as Business Email Compromise (BEC). This occurs when fraudsters fool an employee into submitting a wire transfer by posing as a supplier, vendor, or business partner. In a new variation of BEC, fraudsters are using spear phishing attempts. Spear phishing refers to targeted emails going to a specific department or line of business. For example, the accounting and finance department or payroll.
The email contains a link to what looks like an encrypted file. When clicked, the user is prompted for their username and password on a fake login screen. With this information, fraudsters can sort through their emails for invoices, communications with banks, or other important financial information. They also use this information to make rules in the user’s inbox to automatically forward emails for real time information. Most recently, there has been an increase in attacks toward healthcare, professional services, higher education and real estate closing companies.
If you have any questions, please contact NBT Bank Cash Management Support at 800-NBT-Bank (628-2265), option 8.
Ransomware attacks continue to increase in frequency, and are becoming more sophisticated and targeted, meaning that an email containing an infected attachment can seem like it is coming from a trusted source such as a vendor or company. Malicious emails often no longer contain the typical indicators of phishing attempts, such as poor grammar and spelling, or "from" addresses which you do not recognize. It is extremely important to review all emails for content and purpose, and never open any attachments before verifying that the email is intended for you and is something which you were anticipating for a specific purpose.
What is Ransomware, and how does it happen to you? Ransomware attacks begin when an individual clicks on a malicious link or attachment in an email. Ransomware will then encrypt, or 'lock' all of the files on the user's computer, rendering the files unusable and inaccessible. After the files have been encrypted, the user will be prompted to pay a ransom to unlock their files.
Who is vulnerable? Ransomware attacks can be perpetrated against anyone, and caution must be practiced at all times.
How will you or your business be impacted?
If you fall victim to a Ransomware attack, the impact to individuals and businesses can reach far beyond removing the infection and recovering your files, and could also include:
How to protect yourself: Prevent, Detect, Respond
For More information on Ransomware including an example of what a ransomware email might look like, please review our previous alert on Ransomware. It can be found by typing in the following web address into your browser:
If you have any questions, please contact NBT Bank at 1-800-NBT-Bank (628-2265)