Northrim Bank
Achieve More
  • Personal Banking
  • Business Banking
  • Contact Us
 

Security Alerts
 

Home Depot Security Breach

September 29, 2014

Northrim is aware that Home Depot is investigating the theft of credit and debit card data from its stores. Initial investigation shows there is potential risk for transactions completed April 30 through August 24. Whether or not you have recently used your card at Home Depot, it is always a good practice to actively monitor your accounts and report any suspicious activity right away. We are currently working to determine which cards were affected and will be contacting those customers directly. Please read our FAQs below for more details and click here for the most recent information and resources direct from Home Depot.

Remember to always immediately report any unfamiliar charges to our Customer Service Center.

Home Depot Card Breach FAQs

  • How can I find out whether my card was affected?
    At this time, there is no need for customers to call Northrim. If fraudulent activity is detected on your account, Northrim will contact you.
  • Should I reset my PIN?
    The investigation is open and has not confirmed whether PIN information was compromised. It is good practice to reset your card’s PIN periodically. Update your PIN at any Northrim branch or ATM location.
  • Should I cancel my card?
    There is no need to cancel your card. Northrim Bank monitors accounts for suspicious activity and will notify affected customers.
  • What should I do if I see suspicious charges on my account?
    Monitor your account(s) through Online Banking and review your monthly statements carefully. You should notify Northrim promptly if you see any unauthorized activity.
  • If my card has been breached, will Northrim Bank reissue my card?
    Northrim has a highly sophisticated fraud detection system that is constantly monitoring account activity. If we determine your account is at risk, we will notify you and reissue your card(s).
     

Fraudulent Email Regarding Incoming Money Transfer

August 18, 2014

Northrim has received reports of fraudulent emails regarding an incoming money transfer. The email indicates that a money transfer has been received and instructs the recipient to review the attached file for transaction details. This email is fraudulent. The attachmed message is a zip file containing a malicious executable file that looks like a PDF document and infects the user's computer with malware. DO NOT open any attachments in the email. If you received this fraudulent email, please delete it immediately. If you downloaded or opened the attachment in the email, please contact our Customer Service Center immediately at 562-0062 or toll free at 800-478-2265. See a sample of the fraudulent email below. 

For more information on online security, please read the Online Security section below.

= = = = = = = Sample Email = = = = = = =

Incoming Transactions Report

An incoming money transfer has been received by your financial institution and the funds deposited to account.

Initiated By: Fiserv Inc.

Initiated Date & Time: Fri, 15 Aug 2014 23:00:11 +0700

Batch ID: 976

Please view the attached file to review the transaction details. 

= = = = = = = = = = = = = = = = = = = = = =


Svpeng and Dyreza Malware

June 18, 2014

Svpeng and Dyreza have recently emerged as mobile banking and web browser vulnerabilities. Although Northrim has not been affected by these malwares, we recommend our customers employ best practices to proactively mitigate risk. To learn more about how to reduce technology risk please read our Online Security tips below.

What is Svpeng?
Svpeng is a new malicious malware for Android devices. Svpeng searches for specific mobile banking apps on the device, then locks the device and demands money to unlock it. Svpeng breaks into a mobile device through a social engineering campaign using text messages.

What is Dyreza?
Dyreza or “Dyre” is a new family of banking malware that redirects the traffic to malicious servers, while end users think they have a secure connection with their legitimate online banking site. Dyreza is spread through spam e-mail messages such as "Your FED TAX payment ID [random number]" and "RE: Invoice #[random number].” These messages contain a “.zip” file often hosted on legitimate domains, to minimize suspicion.

If you have questions or concerns, please contact our Customer Service Center.


OAuth 2.0 Vulnerability

May 6, 2014

Recently a vulnerability in OAuth 2.0 & OpenID has garnered a lot of media attention. This vulnerability targets sites that utilize OAuth to exchange data between third-party apps, such as: Facebook, Google, Linked In, Yahoo, Microsoft, PayPal, & GitHub. Northrim Bank is not affected by this vulnerability. That said, we do recommend customers avoid clicking on unknown links or pop-up windows when browsing the Internet.

To learn more about how to reduce technology risk please read our Online Security tips below.

If you have questions or concerns, please contact our Customer Service Center.


Internet Explorer Zero Day Exploit

April 28, 2014

On April 26th, Microsoft acknowledged a critical vulnerability in Internet Explorer that could allow your computer to be compromised by simply visiting a website containing malware (malicious software). Microsoft has yet to release a patch for this vulnerability, but has listed several mitigating strategies here.

To protect yourself from this vulnerability we recommend that you avoid opening suspicious e-mails or clicking on third-party links. We have determined that our products are NOT affected by this vulnerability, but it is always a good idea before logging into Online Banking to confirm that you are on Northrim Bank’s homepage by looking for the green Northrim Bank lock icon in the address bar.

Internet Explorer:

Google Chrome:


Microsoft has made a patch for this vulnerability automatically available through Windows Update for all Windows 7 and later machines. Windows XP users need to contact Microsoft to obtain the patch, and earlier versions of Windows are still susceptible. If you have any questions or concerns, please contact our Customer Service Center.


Heart Bleed Bug

April 9, 2014

On April 7, 2014, security researchers announced a recently-discovered vulnerability called the Heartbleed bug. This bug could potentially allow attackers to access secure websites that use a specific software library, compromising the security of the server and its users.

Northrim Bank is committed to providing safe, secure, and reliable online banking solutions. We have verified that our personal and business online banking systems have not been affected by the Heartbleed vulnerability. At Northrim, we take security very seriously and are continuing to work with our other vendors to determine if they use the affected software in any of their products. To date, there are no known vendor vulnerabilities.

We are exercising the same level of due-diligence and security analysis for our new Alaska Pacific Bank customers in Southeast Alaska. We are working directly with Alaska Pacific Bank vendors to ensure all systems are safe and sound. To date, there are no known vendor vulnerabilities affecting Alaska Pacific Bank customers.

It is a best practice to use unique passwords for your online banking account and to change your password frequently (about every 90 days). Although we have validated that Northrim Bank and Alaska Pacific Bank’s online banking systems were not susceptible to the Heartbleed virus, if you have not changed your password recently, we recommend changing it the next time you log in to online banking by clicking on ‘My Settings’.

To learn more about how to reduce technology risk please read our Online Security tips below.

If you have questions or concerns, please contact our Customer Service Center.


Phone Phishing Alert

March 11, 2014

There have been reports of a phone phishing campaign. This phishing attempt starts with an automated phone call wherein the intended victim is told that their credit/debit card has been blocked and that the card can be unblocked simply by entering their card information. This is NOT a legitimate call and Northrim does not use automated systems to create such alerts.

DO NOT enter your card number. Connect with our Customer Service Center at 562-0062 or toll free at 800-478-2265 if you responded to the call or think that there is anything suspicious on your account.


 

Online Security — Avoid email and internet scams

If you use email and the internet, your information could be at risk. In 2008, more than 275,000 complaints of internet crime were reported to the Internet Crime Complaint Center, a partnership between the National White Collar Crime Center and the FBI. Alaska had the highest per-capita rate of complaints in the U.S., with three times as many complaints per capita as the next highest state.

Northrim Bank has invested in making our online banking services secure and reliable; however, your online banking is only as secure as the computer you use to access it.

How to protect your computer systems and data

 

  1. Make sure your computer software is up to date. This includes Operating System (Windows, Linux, or Mac), applications (Office, Internet Explorer, Safari) and plug-ins (Flash, Java, Windows Media). Most major software distributers have automatic updates that will keep your system protected.
  2. Install, and regularly update, reputable antivirus and anti-spyware software. Schedule your antivirus software to update automatically. Be wary of free antivirus software and clean-up tools from companies you've never heard of. They could in fact be malicious software that fixes one problem but creates many more.
  3. Use public computers with care. Do not access sites that require a personal logon, such as your online banking service, from a public computer.
  4. Guard your personal information. Use strong passwords with at least eight alphanumeric characters and special characters. Try not to use the same password on multiple sites. Never respond to emails or telephone calls with usernames, passwords, your social security number or other personal information. Northrim Bank already has this information so you do not need to tell them.
  5. Review your bank accounts regularly. Immediately report any suspicious activity to your financial institution.

 

Information that is phished includes:

 

  • Credit card numbers
  • Social security numbers
  • Deposit account numbers
  • User names and passwords

Phishing scams can be difficult to detect because Internet fraudsters have become very skilled at misrepresenting the businesses you know and trust. Emails created to phish information may contain stolen business logos or other visuals to mislead you into believing they are legitimate.

 

Take action

The Federal Trade Commission, a national consumer protection agency, recommends these tips to avoid phishing scams:

 

  • Do not reply to emails or pop-up messages that ask for personal or financial information.
  • Do not follow a link from an email. If you wish to check the validity of your website, type in the site name.
  • If you receive a suspicious email, check the validity of the message by contacting the business at a number you know is real.
  • Do not send personal or financial information in an email or email attachment.
  • When you transact business online, look for security indicators such as the lock icon on the browser’s status bar or a url address that begins with “https.”
  • Do not open attachments or download files unless you are confident of the source.

 

Be wary of any email that:

 

  • Tells you there is a problem with your account.
  • Directs you to website where you are asked to provide sensitive information.
  • Does not include a phone number you recognize to be genuine.

 

Report fraud ASAP

If you think you have been phished, act quickly to:

 

  • Contact your financial institution and/or credit card company to alert them to potential fraud.
  • Contact the three major credit bureaus listed below to request that a fraud alert be placed on your credit report.

 

Equifax
P.O. Box 740241
Atlanta, GA 30374
1-800-685-1111
Experian
P.O. Box 2002
Allen, TX 75013
1-888-397-3742
TransUnion
P.O. Box 1000
Chester, PA 19022
1-800-888-4213

The Federal Trade Commission (FTC) also investigates consumer fraud through the Bureau of Consumer Protection. You can forward unsolicited commercial email (spam), including phishing messages, directly to the FTC at spam@uce.gov.


Privacy Policy - We make sure that your personal information is protected and that you understand the policies that protect you.

Your Security - Information on identity theft prevention and detection from our Online Banking vendor, Digital Insight.

 

Video Learning Center

 

Member FDIC Equal Housing Lender

© 2014 Northrim Bank - All Rights Reserved