Security & Privacy

Butterfield Online Banking

Visit our Homepage
www.butterfieldgroup.com

Security & Privacy

At Butterfield we understand that website users are concerned about their privacy and the information we gather about them. Butterfield is committed to protecting the privacy of clients and customers using its website and ensuring that all transactions are as secure as possible.
We gather information about visitors to our website for internal tracking purposes, to evaluate our website s technical capabilities, to make our website useful to you and to respond to specific requests for information or services. Unless otherwise specified, we do not use the information we collect for other purposes and we do not sell the information we collect to any third party.
We may use cookie technology to learn certain information about every visitor to our website. Unless and until you register and log-in, this information does not relate to you as an individual. It is merely collected and analysed in the aggregate. The information we collect includes data about our user’s domains and web-browsers, the date and time of visits to our website, and the pages on our website that are visited and downloaded.
We only identify visitors if they voluntarily provide personal information to us. We keep any personal information voluntarily provided to us, and may use it to contact you for marketing purposes. Please note, however, that if you choose to send us an e-mail message, we will obtain your specific e-mail address and use that to respond to your message. Moreover, we may keep both the message you send, and our response.
Butterfield's Internet e-mail service is restricted to communications of a general nature. Financial instructions will not be acted upon if received via e-mail.
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. Incoming and outgoing messages are scanned for viruses.
Finally, please note that if you use a link to move from our website to another website, your browsing on that new website is subject only to the policies, including the privacy policy, of that site.
If any personal or account information maintained on Butterfield Online Banking is not correct, please contact us immediately. We will be happy to review and update our records as appropriate.

Digital Certificates
To help ensure the security of your account information while using Butterfield Online, we use a system involving VeriSign.
Find out more: For more about digital certificates, visit VeriSign website.

Encryption
Butterfield uses 128-bit Secure Sockets Layer (SSL) encryption. When you visit pages requesting or presenting sensitive personal or financial information, the data is encrypted to prevent third parties from accessing it in transit (look for the padlock icon on your browser)
Protecting yourself
It is important for our customers to properly protect their personal financial and security information. We recommend taking the following steps to guard against online and identity fraud:
• Download the latest security updates or patches for your web browser and operating system.
• Install anti-virus software and keep it regularly updated.
• Install a personal firewall to prevent unauthorised access to your computer.
• Install anti-spyware software to prevent unauthorised monitoring of your online activity.
• Learn to recognise the danger signs of online fraud, such as phishing – e-mail scams usually asking you to "update" or "verify" your customer account information.
Remember - Butterfield will never ask you to disclose your password or other sensitive information by e-mail.
• Protect your password and personal information at all times.
• Learn more: For more information and tips about safety online, we recommend visiting:
http://www.centralbank.org.bb/Financial/ElectronicBankingGuidelines.pdf

Fraudulent emails and phishing attacks
See the most common Phishing email examples as of September 24, 2006
Phishing Email Example: Update your profile.
Below is a sample of a fraudulent email sent to Butterfield’s customers purporting to be from Butterfield, but it is not. Its aim is to get you to re-enter your account information and then to use this information to commit fraud.
The email link appears to be genuine but its actual URL address is not. To ensure a legitimate and safe sign on, always enter www.butterfieldgroup.com or www.butterfieldonline.bb in your browser and never click on a link within an email.
Every Internet user should know about spoof, phishing, pharming or hoax emails that purport to be from Butterfield. Watch out - some emails look surprisingly genuine!
PLEASE REMEMBER – We will never ask you to disclose your security and personal details by email.
What to do if you receive a fraudulent email.
If you receive one of these emails, please forward it to: online@bb.butterfieldgroup.com

How scams work
You’ll first notice scams when you get an unsolicited email requesting an urgent response. The email usually claims to be from a bank, credit card company or some other financial service you might use. It usually asks you to send your account details and sometimes your password, either by return email or through a website.
These scams are known as 'phishing'. This is the process by which you are tricked into disclosing your password, pin number or bank account details to criminals using the internet.
They often use the excuse that a large transaction has recently passed through your account and they require your details to verify its validity. Other tricks are used to lower your guard, such as 'security and maintenance upgrades', 'investigation of irregular account activity' or 'bills or charges due'.
Online Fraud can also be in the form of ‘Pharming’ which occurs when you type in a web address and it redirects you to a fraudulent website without your knowledge or consent. The website will try and look similar to the legitimate site in hopes of capturing your confidential information.

Why these frauds look genuine
Fraudsters scan the internet for email addresses or generate them at random. They don't need online service provider's mailing lists. They may send just a few dozen emails but sometimes thousands. Even if only a few unsuspecting people respond, it can be worth the effort. These attempted frauds can look genuine by using:
• the names of real people.
• the right logos and branding.
• links to pages from the real website.
• official-looking fine print.
• a site that mimics the real thing. Technically, it's quite easy to copy and paste genuine pages to a new fake address.

How to spot a fraud
The success of each fraudulent email depends entirely on fooling the recipient. However with closer attention, you can easily pick out warning signs:
• Website address: this can be easily faked. Is the address spelt accurately? You should only access our official websites i.e.: www.butterfieldgroup.com
• Contact details: does the email address look legitimate? Bear in mind anything before the ‘@’ sign can be faked.
• Shipping address: frauds often originate from areas such as Western Africa so avoid any requests to ship goods there.
• General appearance: fraud emails will often have poor spelling, bad grammar, generally look sloppy and state a false sense of urgency to follow their instructions.

Safety checks to protect yourself
a) Stay calm: It's natural to be alarmed by an email claiming your account has been frozen or your credit card information has been stolen. Resist your first impulse to reply. Never follow the instructions in the email.
b) Suspect a scam if you’re asked for your account details or your passwords by email: We will never ask for your account details or your passwords by email. If you get this kind of email, it's almost certainly a scam.
c) Only go to the official Butterfield (Barbados) Limited website using your bookmark or by typing its URL in the address bar of your web browser: Never click any hyperlink in an email as you cannot be certain where it directs you to.
d) Keep your computer secure: Some frauds can lure you into opening an email or attachment that secretly installs 'trojan' software. Trojan software allows fraudsters to monitor your computer and access your accounts. Install effective protection on your computer and keep it up to date. You can keep your computer secure by:
• Ensuring your computer software has the latest security updates.
• Getting an effective virus protection program and update it regularly.
• Getting a 'firewall' to protect your computer from unauthorised access.
• Deleting suspicious emails without opening them. Avoid opening dubious attachments, even if the email seems to come from someone you trust.
e) Take a few privacy precautions
Avoid personal transactions at Internet cafes, community centres and libraries. In some places, criminals have loaded software that records keystrokes. Check that nobody is looking over your shoulder and keep private information out of chat rooms or email. Where possible use a secure website address starting with “https”. Protect your email address accordingly.
f) Act quickly if you think you’ve been conned
If you get a suspicious email contact us directly via our contact details posted on the website. Do not respond to any contact details in the email as they are probably false. If you're still uncertain or if you have sent any details through an email or website you’re a bit worried about, contact us and ask to confirm the email's authenticity. Monitor your account statements for any suspicious activity.
What to do if you receive a fraudulent email
If you have received a fraudulent email purporting to come from us or have a query on a potential fraud please contact the Information Systems team.
Tel: +1 (246) 434-3686/ 87
Fax: +1 (246) 429-5734
Email: online@bb.butterfieldgroup.com

Protect Yourself from Fraud
Card, ATM and Cheque Fraud Prevention Tips
In order to help you avoid Card, ATM and Cheque fraud on your account, we would encourage you to practice the following diligently:
General Card Usage Tips
• Sign your card as soon as you receive it. A signed card gives you protection from fraud. An unsigned card will allow a crook possessing your card to sign it himself and more easily defraud your account.
• If your card is pinned, keep your PIN (Personal Identification Number) safe. Your PIN is the key to your account and a crook will need it to withdraw funds from your account at an ATM. Never keep your PIN with your card and never disclose it to anyone else. Preferably you should memorise it, and do not write it down.
• Before signing a purchase slip, make sure that the amount and the currency are correct.
• Always take your receipts with you.
• Keep track of your card like your cheque book. If you discover your card missing, notify us immediately by telephoning (246) 431-4500.
• Check your statements carefully and report any unauthorised or unusual transactions to us immediately.

ATM Usage Tips
• Be mindful of strangers lingering in the vicinity of the ATM that you are about to use.
• If at any time you feel uneasy or suspicious of someone in the vicinity of the ATM, do not use the ATM.
• Never use an ATM that has signs posted asking you to enter your PIN several times if your card gets stuck. The bank will never ask you to do this.
• Never use an ATM if the machine appears to have been tampered with in any way.
• Never enter your PIN with someone looking over your shoulder or observing.
• Never accept assistance from a stranger at the ATM.
• Never let anyone distract you when performing a transaction.
• Keep your PIN safe. Remember, your PIN is the key to your account and a crook will need it to withdraw funds from your account at an ATM. Never keep your PIN with your card and never disclose it to anyone. Preferably you should memorise it, and do not write it down.
• Always shield the key pad when entering your PIN. Even if no one is near the ATM, there may be hidden cameras recording you entering your PIN. Remember, a crook cannot use your ATM card for cash withdrawals at an ATM unless he has your PIN.
• Beware of small cameras and suspicious swiping devices attached to the ATM or the ATM vestibule door. Crooks use these swiping devices to capture the magnetic content on your card and cameras to record your PIN.
• Beware of any unusual card trapping devices attached within the card entry slot of the ATM. Crooks will use strips of plastic or glue to capture cards that have been inserted into the machine and then retrieve the card after you have left the ATM.
• Keep your ATM slips to reconcile your account.
• Shred your slips when discarding to ensure that no one can later retrieve information from the discarded slips.
• Get into the habit of using the same ATM or only use the same few machines. You will become familiar with the machines and probably notice any suspicious changes such as cameras or unusual swipe devices that have been attached.
• Take care when using an ATM at night. Make sure there is good lighting and the area is not deserted.
• Check to make sure that the card is in your possession after every transaction.

Cheque Fraud Prevention Tips
• Always keep your cheque book in a safe place.
• Never sign cheques and leave the payee and the amount blank.
• Never give your cheque book to anyone who is not authorised to sign on your account.
• Never use erasable ink to write your cheques.
• If you make any changes to the payee or the amount, always sign next to the change.
• Always fill any unused spaces on your cheque with lines to help prevent the cheque being fraudulently altered to a greater amount or different payee. For example, if you were writing a cheque payable to John Doe for one hundred Cayman Islands dollars, you would complete it as follows:
o Payee---------John Doe------Currency / Amount: BB$100.00---------
o Words:--------One hundred dollars-----00/100--------
• **Note the lines used before and after the payee, amount and words**
• Adopt a signature that is not easily traced or forged.
• Ensure that your blank cheques are printed by us or on ‘Safety Paper’ approved by us.
• Reconcile your statement regularly and let us know immediately if there are any transactions that appear to not belong to your account. You may report any discrepancies to a Supervisor or the Manager at your branch by either visiting the branch or calling (246) 431-4500.

For more information contact:
Butterfield (Barbados) Limited
The Mutual Building, #1 Beckwith Place
Lower Broad Street
Bridgetown, Barbados
Telephone: (246) 434-3686/87
Emergency: (246) 228-HELP
Fax: (246) 429-5734
Email: online@bb.butterfieldgroup.com

Return to Butterfield Online

Legal \| Security & Privacy	© Butterfield 2009