Download the St Mary’s Bank app on Google Play.

Dismiss

Security Alerts

Listed below are the alerts that St. Mary’s Bank has recently received and/or experienced. You may contact our Member Contact Center for additional information at 1-888-786-2791. You can also sign-up for Fraud Prevention tips and alerts by clicking here.
 

1/30/2017 - Online/Mobile Banking Scam - Requesting Your Logon

St. Mary’s Bank is aware of a scam where fraudsters request members to provide their online banking user name and password in order to have funds deposited to their accounts. Members have been contacted through email, text message, or online conversation.

The fraudsters claim they will deposit money from a friend, for a work-from-home job, for an approved loan, etc. but there is NEVER a legitimate reason to provide your private online banking logon to anyone who does not already have access (e.g. joint owner, signer). The fraudsters will either deposit counterfeit checks that get returned and could cause you a loss OR they will now have access to all of your checking, savings, home equity line, etc., and the fraudsters can withdraw funds up to allowed balances at any time. And because you gave them this unrestricted access, you become fully liable for these transactions and may not be able to recover any losses! If you have provided this access, please contact our Member Contact Center immediately at 888-786-2791, and of course, contact us with any other questions or concerns.
 

10/7/2016 - Beware of Recent Scams to Local Consumers


St. Mary’s Bank is aware that local residents have been targeted by fraudsters in Jamaica calling from area code 876. The fraudster may indicate that you have won a lottery, that a relative is in trouble and needs money, or that the fraudster is representing law enforcement to help you recover funds from a prior scam, and they need money to pursue the case. We are also aware of scams coming from all areas of consumers being asked to provide their online banking logon. Fraudsters claim to be asking for the credentials in order to have funds automatically deposited to their accounts for a loan advance, work from home job, or from a “friend” they’ve been speaking with online. Regardless of where calls, emails or texts originate from, follow the steps below to protect yourself from potential scams.
  • Never provide your online banking logon to anyone. Once you provide this access, you may be liable for losses! Even a joint owner on your accounts should have their own logon.
  • Never provide private information to any caller (your debit/credit card number, your social security number, etc.) unless you initiated the call to a company well known to you.
  • Never send money based on a phone, email or text request unless you can positively confirm this is someone well known to you in person.
  • Be extremely cautious of anyone asking you to send money via Western Union, Moneygrams, Greendot card or other non-bank means especially if you did not initiate the contact or you are speaking to someone that you don’t know in person.
  • Law enforcement will NEVER ask for money to help you recover from a scam.
If you have any questions or concerns, please contact our Member Contact Center at 1-888-786-2791.
 

6/14/2016 - Exercise Caution in Choosing to use Cards at Wendy’s

Wendy’s has confirmed a few days ago through NBC News that a second variant of malware has been discovered and that the number of franchise restaurants impacted will be “considerably higher” than the 300 originally reported. Wendy’s has not yet provided a list of affected restaurants, and St. Mary’s Bank continues to see increased fraud on cards that coincidentally have been used at various Wendy’s locations. Because of this, we strongly advise you to use extreme caution in choosing to use your cards at any Wendy’s location until Wendy’s provides additional information on the affected locations or until they report that the breach has been fully contained.

Wendy’s customers may call a toll-free number (888-846-9467), or email PaymentCardUpdate@wendys.com with specific questions.
 

5/27/2016 - Wendy's Data Breach

Wendy’s has publicly reported on 5/11/16 that they have seen unusual card activity and malware installed on some of their point of sale systems and that their investigation is ongoing. Because Wendy’s has not yet concluded their investigation, members should be aware of this and closely monitor their card activity. More information can be found here: http://www.foxnews.com/tech/2016/05/11/wendys-data-breach-hit-5-percent-our-restaurants.html


5/12/2016 - Yahoo/Gmail/Hotmail Password Compromise

It was recently reported that over 40 million Yahoo, 33 million Hotmail, and 24 million Gmail passwords were stolen by a young Russian hacker. While the data may have been old and vendors have indicated they will notify affected users, this serves as a courtesy notification to you that if you have one of these type of mail accounts, we recommend you be proactive and do the following:
  • Change your password
  • Use multi-factor authentication any time it is offered (e.g. a private activation code is sent to you in order to reset/change your account)
  • Set up an alternate email or cell phone so that if/when changes are made you are sent a text or email of the change so at the very least you are aware if someone makes a change that you did not authorize
If you have any questions about these types of accounts, you should go to the vendor’s website and review the frequently asked questions section or contact their support.
 

4/12/2016 - Manchester Police Discover and Remove Skimming Device On McGregor Street Drive Up ATM

On Sunday, April 10, Manchester Police discovered and removed a skimming device that had been applied to the drive-up ATM at the headquarters location on McGregor Street. It was identified the device had been placed on the ATM on Saturday, April 9 at 4:42 a.m.

We are proactively issuing new debit cards for any St. Mary’s Bank member who used the ATM during the hours the skimming device was present. Additionally, we have increased fraud monitoring on affected cards. There has been no fraud reported.

Visa and ATM networks have been alerted to the incident to inform other financial institutions. Cardholders of other financial institutions, are encouraged to contact their bank or credit union.

It is important to note, consumers are not liable for fraudulent transactions. It is always a good practice to monitor account activity and statements. If anything unusual is found, it should be reported immediately.

St. Mary’s Bank members with questions may call 1-888-786-2791 or visit any branch office.

Read this article for tips on "How to Spot and Avoid Credit Card Skimmers" - http://www.pcmag.com/article2/0,2817,2469560,00.asp
 

3/20/2015 - NCUA Warns Consumers about "National Credit Union" Phishing Scam

The National Credit Union Administration (NCUA) is warning consumers of an online phishing scam that uses a website with similar logos and designs to the agency’s own site, in an attempt to defraud consumers. Consumers have received emails from the National Credit Union website which originates in Australia and claims to offer services in the U.S. and Europe. The emails are an attempt to persuade individuals to provide personal information such as Social Security numbers, account numbers and login credentials or to transfer large sums of money. 

The NCUA is not affiliated in any way with this website and the emails are not from the NCUA. Consumers should not provide information to the website or conduct any financial transactions through it. The NCUA would not request personal or financial information in this manner. See the NCUA’s Privacy Policy for more information (http://www.ncua.gov/about/pages/Privacy.aspx)

If you have any questions or concerns, feel free to contact our Member Contact Center at 1-888-786-2791.

1/5/2015 - Anthem Breach

Anthem reported that they were a victim of a sophisticated cyberattack resulting in information being accessed including names, health ID numbers/Social Security numbers, dates of birth, addresses, telephone numbers, email addresses and employment information, including income data.  The FBI is investigating the matter and Anthem will be contacting its customers directly to provide free credit monitoring but in the meantime, you should continue to pay close attention to your account statements and credit reports…you can view your free credit report at www.annualcreditreport.com. Because the fraudsters may have obtained so much private information, you may be more vulnerable to social engineering attacks such as fraudsters posing as valid representatives from Anthem, your employer or your financial institution. You should be very suspicious of any calls asking you for information or emails with links or attachments asking you to verify information or that create a sense of urgency requiring immediate reply or action.  You should instead contact these companies by going to their known website directly or calling them from a known phone number (e.g. from the back of your card).
 
Anthem has created a website, www.anthemfacts.com, and a hotline, 1-877-263-7995, to call for more information, and has shared their Frequently Asked Questions (FAQs) that further explains the cyber-attack.  As always, you can also contact us with any questions or concerns as well.

10/3/2014 - JP Morgan Chase

JP Morgan Chase announced that over 76 million consumers’ information had been hacked.  They have reported that no account information was included but what was included are names, addresses, phone numbers and email addresses.  This could potentially put consumers at higher risk for social engineering calls or phishing emails in order for a fraudster to entice you to divulge more information about yourself or your accounts.  If you get any emails or phone calls that appear to be from legitimate sources but are requesting private information from you, do not respond and instead contact the company from a known source (e.g. directly from their website or from a phone number on the back of your debit/credit card…do not click any links in the email).  Even if the sender claims that there is fraud on your account, if they are asking for more information other than simply verifying a transaction, remember that you are not liable for unauthorized transactions if reported timely so do not feel pressured into responding.  If you have any questions or if you have provided private information that is concerning to you, please contact our Member Contact Center at 1-888-786-2791.

9/9/2014 - Home Depot Breach

You may have heard on the news today about a breach involving Home Depot that may have compromised credit and debit cards. At this time we are not reissuing debit or credit cards, but please be assured that St. Mary’s Bank utilizes real time fraud monitoring to identify and help prevent unauthorized transactions and members would be notified of any potential issues. Members should also take action by ensuring statements are reviewed timely, as well as monitoring accounts through online banking. Any unauthorized transactions reported timely to St. Mary’s Bank are covered by VISA’s zero liability protection with provisional credit provided quickly to our members. If you have any questions or concerns, feel free to contact our Member Contact Center at 1-888-786-2791.

8/15/2014 - Shaw's Data Breach

You may have heard on the news today about a breach involving Shaw's Supermarket stores that may have compromised credit and debit cards. Please be assured that St. Mary’s Bank utilizes real time fraud monitoring to identify and help prevent unauthorized transactions and members would be notified of any potential issues. Members should also take action by ensuring statements are reviewed timely, as well as monitoring accounts through online banking. Any unauthorized transactions reported timely to St. Mary’s Bank are covered by VISA’s zero liability protection with provisional credit provided quickly to our members. If you have any questions or concerns, feel free to contact our Member Contact Center at 1-888-786-2791.


4/10/2014 - Heartbleed Internet Security Bug

You may have seen on the news a recently identified vulnerability called "Heartbleed" that impacts many secured websites that could compromise passwords. Please be assured that we have verified with our online banking and bill payment vendors that these sites are not vulnerable, and your information remains secure. If you have any questions or concerns, feel free to contact our Member Contact Center at 1-888-786-2791.

1/10/2014 - Target Data Breach Update

Target stores disclosed today that a data breach discovered last month exposed not only card data, but also the names, mailing addresses, phone numbers and email addresses for up to 70 million individuals. Fraudsters could use the phone and/or email information to send specific phishing emails or calls to you in order to convince you to provide even more private information (e.g. PIN, last 3 numbers from the back of the card). You should NEVER provide private information to anyone based on an email or phone call you did not initiate. You should also never click a link within any unsolicited email or even any expected email if you cannot validate it (e.g. verifying a security code specific to you, verifying it includes the last 4 of the account number associated with the sender).  If you have any questions or concerns, feel free to contact our Member Contact Center at 1-888-786-2791.

12/19/2013 - Target Data Breach

You may have heard on the news this morning about a breach involving Target’s physical stores that may have compromised millions of credit and debit cards. Please be assured that St. Mary’s Bank utilizes real time fraud monitoring to identify and help prevent unauthorized transactions and members would be notified of any potential issues. Members should also take action by ensuring statements are reviewed timely, as well as monitoring accounts through online banking.  Any unauthorized transactions reported timely to St. Mary’s Bank are covered by VISA’s zero liability protection with provisional credit provided quickly to our members.  If you have any questions or concerns, feel free to contact our Member Contact Center at 1-888-786-2791.

11/18/2013 - Fraudulent Credit Report Pop-Up Scam Targeting Online Banking Users

St. Mary’s Bank has been made aware of a recent scam targeting online banking users. There have been reports of a pop-up window opening upon logging into our online banking site. The pop-up window advertises credit reports and falsely implies that St. Mary’s Bank is involved with the company that is displaying the advertisement. If you encounter this pop-up message, please do not click on any links, or provide financial and sensitive information. St. Mary’s Bank does NOT have any connection to the company displaying the advertisements, and your individual computer likely has a virus or malware that needs to be removed. Please remain alert when logging into anyonline banking site as the virus/malware is targeted to individual users’ computers and not to specific financial institutions. What you should do to protect yourself from these types of scams:
  • Ensure all software is kept up to date including operating systems, internet browsers, Java, etc.
  • Ensure your anti-virus and malware software is up to date and that you scan your computers regularly
  • Question any unusual login requirements, including pop ups requesting additional entry of user name/password, or entering of financial and personal information
Please contact our Member Contact Center at 1-888-786-2791 if you have any concerns of unusual activity or suspected compromise.

7/30/2013 - Debit Card Deactivation Scam

We have reports of members receiving calls (possibly from 888-997-1234) stating that their debit cards have been deactivated. These calls are not coming from St. Mary's Bank. If you received one of these messages and responded by entering your card number, expiration date and PIN, please contact us immediately to prevent unauthorized withdrawals.

5/16/2013 - Phishing Email Scam

We have received reports of fraudulent emails circulating. The email instructs the individual to contact their Financial Institution about a fraudulent transaction on their debit card from Wal-Mart in the amount of $960.86. These emails are fraudulent and not coming from St. Mary’s Bank or any other financial institution.  If you responded to one of these emails and provided any information such as your debit card number, expiration date and PIN, please contact us immediately to prevent unauthorized withdrawals from your account.   Contact Options

1. 
Call our Member Contact Center during normal business hours: 1-888-786-2791 or 603-647-1111 Monday - Friday 8:30 a.m. - 7 p.m.
Saturday 9 a.m. - 12:30 p.m.

2. Outside of normal business hours, call the 24/7 hour support line: 1-888-241-2510.

3. Use the online service anytime if you are already signed up for online banking:
Just follow these simple directions:
  1. Log on to your online banking account
  2. Under “Preferences” select the option “Report Lost ATM / Debit Card”
  3. On this screen, you will see the ATM/Debit cards linked to your account(s).
  4. Check on the card you wish to deactivate and click submit.
  5. Once your ATM / Debit card has been deactivated, a new card will be automatically mailed to you.
You should receive your new card within 7-10 business days.

4/1/2013 - Debit Card Deactivation Scam

We have reports of members receiving calls (possibly from ) stating that their debit cards have been deactivated. These calls are not coming from St. Mary's Bank. If you received one of these messages and responded by entering your card number, expiration date and PIN, please contact us immediately to prevent unauthorized withdrawals.

11/15/2012 - Malware Targeting Online Banking Users

A new variant of malware is being used that is unknowingly being installed on user’s computers.  Once the user logs on to any online banking site, the malware creates a pop up that asks the user to enter their user name and password a second time….it’s at that time the malware collects logon information to be used to compromise the accounts and perform unauthorized transfers.  We strongly encourage use of the following prevention methods:
  • Ensure all software is kept up to date including operating systems, internet browsers, Java, etc.
  • Ensure your anti-virus software is up to date and that you scan your computers regularly (weekly is recommended)
  • Question any unusual login requirements including pop ups requesting additional entry of user name/password or installation of “upgrades”
  • Contact our Member Contact Center at 1-888-786-2791 if you have any concerns of unusual activity or suspected compromise

4/4/2012 - NetTeller - Phishing Emails

Our online banking vendor has notified us that phishing emails are being sent to members who may use Netteller Online Banking.  These emails have an address of customer _service @cm.netteller.com with the subject line of NetTeller Watch Notice.  These emails are NOT coming from St. Mary’s Bank or any valid online banking company so you should not click on any links contained in the email.  If you clicked on any link, you should perform a full scan of your computer using your updated anti-virus or other anti-malware tool and you should not logon to any secured sites until you are sure your computer is not infected.  If you provided any private information including your online banking credentials, please contact us at 1-888-786-2791 so that we may take further action to secure your private information and/or accounts.

3/23/2012 - Phony Text Messages

We have reports of members receiving text messages allegedly from their "credit unions" stating that their debit cards have been deactivated. These are not coming from St. Mary's Bank. If you received one of these messages and responded by entering your card number, expiration date and PIN, please contact us immediately to prevent unauthorized withdrawals:
Contact Options
1. Call our Member Contact Center during normal business hours:

1-888-786-2791 or 603-647-1111
Monday - Friday 8:30 a.m. - 7 p.m.
Saturday 9 a.m. - 12:30 p.m.

2. Outside of normal business hours, call the 24/7 hour support line: 1-888-241-2510 

3. Use the online service anytime if you are already signed up for online banking:

Just follow these simple directions:
  1. Log on to your online banking account
  2. Under “Preferences” select the option “Report Lost ATM / Debit Card”
  3. On this screen, you will see the ATM/Debit cards linked to your account(s).
  4. Check on the card you wish to deactivate and click submit.
  5. Once your ATM / Debit card has been deactivated, a new card will be automatically mailed to you.
You should receive your new card within 7-10 business days.

4/27/2011 - Sony Playstation Gaming Network Security Breach

It was reported in the news recently that Sony Playstation’s online gaming network was recently breached.  This network allows Playstation users to connect to other players on the Internet to compete and play against each other. It’s been reported that user names, home addresses, email addresses, date of birth and passwords were compromised. At this time there’s no evidence of compromised debit/credit card data but Sony has not ruled out that concern; Sony is in the process of notifying users. If you have used your St. Mary's Bank debit card on the Playstation network recently, please contact our Member Contact Center at 1-888-786-2791, so we may reissue you a new card. You should also be aware that you must change your Playstation password before updating any debit/credit card information with the Playstation network.

4/5/2011 - Epsilon Data Breach

You may have received notification that your email address and possibly your name was compromised due to a data breach at Epsilon, an online marketing company that runs loyalty programs for many large companies such as Target, Capital One, Walgreens and Best Buy to name a few. At this time no private financial data appears to be involved in the breach but the concern is that a fraudster could use your email address to target you with a phishing email specific to a particular company you’ve done business with which may make you more likely to fall for the scam. If you receive any email noting you may have fraud or requesting private information or validation of such information, contact the company at a known phone number or directly thru their website (NOT thru an attached link). You should not click on any links or open any attachments in these emails as they could contain malicious code.

3/17/2011 - Fraudulent e-mails claiming to be from NACHA (The Electronic Payments Association)

We received an alert from NACHA that their information is being used in a phishing email scam.  The emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments claiming that there’s been an error in the processing of the member’s transaction.  NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions.  Please be advised of the following:
  • Do not click on any links or open any attachments from unknown senders as these could contain malicious code and/ or may route you to fake websites.
  • If you have opened any attachments, you should ensure your anti-virus is up to date. Make sure you perform a full scan of your system.
  • If you clicked on a link to a website and provided banking data, you should close your accounts. If they provided private personal data (e.g. DOB, SSN, mother’s maiden), they should place a fraud alert with the 3 major credit reporting agencies (Equifax 800-525-6285, Experian 888-397-3742, TransUnion 888-397-374888-397-3742).
For more information please visit the NACHA alerts webpage by clicking here.

4/22/2010 - Current Phone Scam

NH residents are being targeted with phone calls claiming to be from the person’s “bank” stating there are fraudulent transactions on their debit card or account.  If you receive such a call, do not provide any private information including your debit card number or account number.  If you have provided this information, please contact us immediately at 1-888-786-2791. 1/27/2010 - The American Bankers Association (ABA) recently reported fake emails using their name and fraudulently alerting consumers of unauthorized transactions to their bank card.  The email instructs the consumer to click on a link to receive a transaction report but the email is a fraud and you should not click on the link as it could install malicious code onto your PC without your knowledge.  St. Mary’s Bank will NEVER notify you of unauthorized transactions in this manner.  If you have responded or provided private data, please contact our Member Contact Center at 1-888-786-2791 for assistance. See the section of this site labeled “E-mail Scams” for more information.

Fraudulent Email Link

We have received notice that some of our members may be receiving emails referencing a security alert and redirecting the user to a fraudulent link. The link or website may look exactly like the legitimate website but in fact is a “dummy” site that is set up to collect the private information you provide in order to commit identity theft or to initiate unauthorized transactions. You should never call the number or visit the website provided in the email…rather contact the sender at a known number or website directly. Learn more about these types of scams here.

12/04/2008 - Invalid Website Certificates

Have you ever gone to a secure website and received a warning box that the security certificate is invalid and if so, what should you do?  Secure website certificates are issued to help ensure that you are actually at the secure website you selected and have not be re-directed to a bogus website.  If you receive a pop-up or warning box that the certificate is invalid or expired, you should not proceed any further especially if this is a website in which you intend to enter private information such as account or login information that can then be used to commit identity theft or unauthorized withdrawals.  You should instead contact the company at a known phone number (i.e. from your bank statement or from the back of your credit/debit card).  If you have any questions or feel that you may have been compromised, please contact our Member Contact Center at 1-888-786-2791.

9/30/2008 - Please be aware of “smishing” scams which involve fraudulent text messages.

The text messages appear to come from legitimate companies and note some urgency in order to protect your finances or avoid unauthorized debits.  Typically the user is asked to call a certain number and enter ATM/Debit card info or on web-enabled phones may be asked to click on a link that could contain malicious code or direct the user to a fraudulent website in order to obtain private data.  Please be aware that legitimate companies do not notify customers in this manner and that St. Mary’s Bank will never send a text of this nature.   If you have responded and provided private data, please contact our Member Contact Center at 1-888-786-2791 for assistance.

03/19/2008 - Advance Fee Loan Scams

The FDIC has reported an increase in Advance Fee Loan Scams that prey on consumers who may be under financial duress and may be looking for “guaranteed” loans or are promised loans in return for fees paid upfront by the loan applicant.  The following are warning signs that may indicate a loan offer is not legitimate:
  • The loan approval is "guaranteed." Lenders do not typically guarantee loans before analyzing the applicant's financial condition, credit history and ability to repay.
  • The loan applicant is required to pay upfront fees to a third party or individual. Loan fees are normally paid to a business after the loan has been approved.
  • The lender or loan processor may be located outside of the United States.
  • Fees are requested using a retail wire transfer system. A password is sometimes used by the overseas receiver to pick up the funds in an attempt to hide the true identity of the criminals and make funds more difficult to trace.

01/28/2008 - Mystery Shopper Scam

Various counterfeit checks have been received by members with instructions to evaluate Western Union locations as part of a “Mystery Shopper” program.  Instructions note to keep a portion of the funds as “salary” and to remit the larger portion via Western Union in order to evaluate the effectiveness and efficiency of the payment system.   Included may be an official looking questionnaire to note how friendly the representative was, if the area was clean, etc.  After the funds have been sent, the check is returned as counterfeit resulting in financial loss to the depositor. See the section of this site labeled “Checks/Mail Scams” for more information.

12/18/2007 - American Express $500 checks

American Express has reported that counterfeit $500 travellers and gift checks are in circulation.  If you receive American Express checks (or any other type of check) with instructions to deposit/cash the items and return some of the funds, do not do so as they are likely to be counterfeit! You may call 1-800-525-7641 to verify American Express checks. See the section of this site labeled “Checks/Mail Scams” for more information.

10/30/2007 - CUNA Phishing E-mail

Some members have reported receiving e-mails from “CUNA” asking that they call a phone number or click on a link to resolve a compromised credit card. Please be aware that CUNA has reported this as a phishing scam and you should not click on any link or respond. If you have responded and provided private data, please contact our Member Contact Center at 1-888-786-2791 for assistance. See the section of this site labeled “E-mail Scams” for more information.

8/13/2007 - Increase in Counterfeit US Postal Money Orders

We are seeing an increase in counterfeit US Postal Money orders being received by members through the mail. If you receive postal money orders (or any other type of check) with instructions to deposit the items and return some of the funds, do not do so as they are likely to be counterfeit! You may call 1-866-459-7822 to verify US Postal Money Orders or visit your local post office to determine if they are valid. See the section of this site labeled “Checks/Mail Scams” for more information.

7/3/2007 - Beware Fraudulent FDIC Mailings

FDIC reported that fraudulent emails, mailings and faxes are being sent out with the purpose of gaining sensitive personal information. FDIC never contacts banking customers directly and you should never respond to such requests. See the section of this site labeled “Email Scams” for more information.

6/12/2007 - Increase in Counterfeit Checks for Government Grants

We are seeing an increase in counterfeit checks being received by members for an alleged “grant” they have received from the US Government. While there are legitimate US grants available, these grants are typically for projects that benefit the community and require detailed accounting and oversight by the government. They are never checks randomly mailed out. Be wary of any check randomly received especially if you get instructions to deposit the check and return some of the funds to another individual. See the section of this site labeled “Checks/Mail Scams” for more information.  Please check this page again as we are constantly updating with new alerts. 
If you are interested in learning more about St. Mary's Bank Privacy and Security policy please click here.

Back to Fraud Prevention Center Home.