We utilize reasonable security technologies to protect sensitive information. However, the security of this information depends in part on the security of the computer you use to communicate with us, the security you use to protect User IDs and passwords, and the security provided by your internet access services provider. We are not responsible for the security of your internet access services provider; you should review the security and privacy policies of your internet access services provider carefully. Information that you access via this Site may be stored on your computer during your session for your convenience. If others have access to your computer or your User ID and password, they may be able to access this information. In any area of the Site requiring a password, you should log off the Site when you are done viewing information or whenever you leave your computer. We are not responsible for the security or privacy of information communicated to or from such a computer. Finally, you should keep any correspondence you receive relating to this Site or the Services (including, but not limited to, your User ID, passwords, other registration information, emails, order information, or any other information) confidential and in a safe place.
We will use reasonable efforts to allow you to review, correct or update the information that you have provided to us at any time. Please note that because of back-up systems and records of deletions, it may not be possible for us to locate and remove from our systems residual information that you have provided to us.
We cannot require third parties to change information that has been disclosed to them with your consent. To modify this information, you will have to go directly to the relevant third party.
BNY Mellon is licensed under the following U.S., Patents: 5,940,510; 5,949,880; 6,105,013; and 6,237,095.
The Internet is one of the most powerful communication tools available, making it possible to share information instantly, any time of the day or night, around the globe.
Criminals have capitalized on the broad power and wide availability of the Internet and electronic mail (e-mail) to defraud unsuspecting people. It is critical that each of us maintain constant vigilance over the way we use the Internet and all forms of electronic communication.
The Bank of New York Mellon maintains active oversight of all of our systems as part of our efforts to protect the security and privacy of client information.
If you have any concerns or questions, please contact your Bank of New York Mellon representative.
The Bank of New York Mellon does not contact its clients or anyone else by e-mail to confirm credit card or financial transactions, or to confirm or request personal account information or any other type of sensitive information.
To help protect yourself and your personal data, do not trust any e-mail communications that request your personal information.
Criminals can be convincing. They make their fraudulent e-mails look like they come from legitimate sources. They publish fake websites that use designs, information and programming stolen from their rightful owners. Cyber criminals use methods to impersonate you over the phone to arrange funds transfers, or imitate communications from the financial institution to verify transactions, or initiate other changes to your account. Don't fall for their ploys.
E-mail is by far the most popular way for criminals to try to get your attention — and your personal information. An e-mail may direct you to a website designed and operated by criminals to trick you into revealing such information. Therefore, treat e-mail from someone you don't know the same way you would treat a telemarketing call from someone you don't know: don't necessarily believe what you're being told.
Fraudulent e-mails and websites are created every day to attempt to steal personal information. It's called "phishing" — a variation of the word "fishing." There are limitless variations of these online scams, so the best defense is education and a healthy dose of skepticism. A few misleading and deceptive techniques in use include the following:
As technology and one's ability to detect these scams improves, so, unfortunately, do the criminals. The latest attacks do not even require you to do anything. Merely opening the e-mail can launch "hidden" software — a virus, "spyware" or other malicious code — that will download to and reside on your computer. Should they go undetected, any of these programs could compromise your computer in a variety of ways, including stealing private information, redirecting your Web surfing to unscrupulous sites and transmitting information that you type on your computer directly to the criminals. Therefore you should delete all unwanted and potentially fraudulent e-mails without opening them.
Some fraudulent e-mails, spear-phishing attempts for example, can be very well done and very convincing. These are often created by more sophisticated and more determined criminals who are highly motivated to succeed. More generally, however, most fraudulent e-mails and websites established for fraud may frequently be characterized by the following:
There are a number of common e-mail scams of which you should be aware. While this list is by no means exhaustive, recent e-mail tricks include:
"Spoofing" is another trick used by criminals. Criminals steal a website's code — the technical programming that makes the website work — and use it to create a fake website that "spoofs" or appears to be the legitimate site.
The difficulty for unsuspecting consumers is that these sites look legitimate. To help protect yourself, be aware of how you're accessing the site.
If you receive a letter, accompanied by a check with a The Bank of New York Mellon brand, that claims you have won a lottery, a sweepstakes, have been chosen to be a paid "secret shopper" or a similar variation of a popular contest, be advised that these are scam letters and fraudulent checks. If you contact the sender as requested, you will be instructed to negotiate the check and forward the sender money through a wire transfer or money order. Please do not negotiate these checks, as they are not authentic The Bank of New York Mellon checks. If you receive one of these letters and/or checks, you should report it to your local U.S. Postal Inspection Service.
Corporate account takeovers, once associated mostly with large corporations, have started to target municipalities, smaller businesses, and non-profit organizations. Thousands of businesses, small and large, have reportedly fallen victim to this type of fraud. To obtain access to business financial accounts, cyber criminals often target employees and cause the targeted individual to download and spread malicious software (or "malware") which in turn steals their log-in credentials. Cyber criminals typically will accomplish this by getting you to perform some action such as open an e-mail attachment, accept a fake friend request on a social networking site, visit an already compromised legitimate website, or plug an infected USB drive into your system. All of these can install malware on your computer.
Some recent methods used to trick employees into opening the attachment or clicking on the link, have included making the e-mail appear come from a legitimate business, for example:
Cyber criminals may try to take advantage of some current event, such as a natural disasters or major sporting events. They may use credentials stolen from company websites or co-workers or executives and design the e-mail to look like it comes from a trusted source.
Once they are able to get you to download their malware, they can easily steal your account login credentials and then be able to electronically steal money from your business accounts through unauthorized wire transfers and ACH payments.
Report any problems regarding The Bank of New York Mellon to your customer service representative.
If you should become a victim of identity theft, you can take the following actions to help you protect your personal and financial interests:
Contact your bank and credit card issuers to ensure that:
File a police report with your local police department and provide the facts and circumstances surrounding your loss. Obtain a police report number with the date, time, police department, location and name of the police officer taking the report or involved in the subsequent investigation. Having a police report on file will often facilitate your dealings with insurance companies, banks, credit card agencies, and commercial establishments that may be parties involved in fraudulent transactions. The police report may initiate a law enforcement investigation into the loss with the goal of identifying, arresting, and prosecuting the offender and possibly recovering your lost items. The police report will also help provide immediate clarification should someone assume your identity and be arrested for criminal activity using your name and biographical data.
Contact the three major credit bureaus (listed below) to order copies of your credit report, and to report identity theft.
PO Box 105069
Atlanta, GA 30349
To order a credit report: +1 800 685 1111
To report credit fraud: +1 800 525 6285
PO Box 2002
Allen, TX 75013
To order a credit report: +1 888 397 3742
To report credit fraud: +1 888 397 3742
PO Box 1000
Chester, PA 19022
To order a credit report: +1 800 916 8800
To report credit fraud: +1 800 680 7289
By ordering your credit report, you will be able to determine if the identity thief has opened any credit accounts in your name. You can then contact these creditors to let them know that your identity has been stolen, and that the accounts are fraudulent.
When calling to report fraud, request that a statement be placed on your credit report that indicates no further credit is to be granted in your name without first contacting you directly at the telephone number you designate. This is typically called a "Fraud Alert" or "Victim Statement", and will help prevent further accounts from being opened in your name.
Contact the Federal Trade Commission (FTC). The FTC maintains the Identity Theft Data Clearinghouse (the federal government's centralized identity theft complaint database), and provides identity theft victims with information. The FTC can be contacted through the following methods:
If you discover that a fraudulent bank account has been set up using your name, report the account information to the following merchant check guarantee firms:
Report improper use of your Social Security Number to the Social Security Administration (SSA) by contacting the SSA Hotline at +1 800 269 0271.
If your driver's license is stolen, report the theft immediately to your local Department of Motor Vehicles. Ensure that a duplicate license was not issued to the identity thief.
Maintain a log of what happened, what was lost, and all of the steps you took to correct the situation. Remember to record dates, times, phone numbers, people you spoke with, and any relevant reference numbers and information. Correcting an ID theft can be a long and difficult process — do not rely on your memory.
Security of client information is a top priority for BNY Mellon. Accordingly, we would like to remind our clients to take steps promptly to remove a user’s access to BNY Mellon systems once it is no longer required (e.g., removing access when an employee leaves your company/no longer requires access or when agents such as investment managers or vendors need to be removed).
Business and personal customers also should employ best practices to secure computer systems in their homes and business including, but not limited to:
Immediately notify us of any suspicious transactions, particularly ACH or wire transfers.
BNY Mellon actively works to protect the privacy and data integrity of sensitive information while it is in our possession and control. In the course of providing services, we may exchange information with clients or their authorized representatives which is sensitive and confidential. In order to protect this information, BNY Mellon requires Highly Confidential Information (HCI), and in some cases other types of sensitive information, to be encrypted when transmitted over an open unsecured network.
BNY Mellon provides two methods of encryption for electronic messages containing HCI sent to external recipients.
Enforced Transport Layer Security is the primary and preferred method of encryption for BNY Mellon. This method of encryption allows e-mail to be automatically secured with no additional steps required by the sender and recipient. ETLS requires our external partner organizations to have both an ETLS capable infrastructure and a valid digital certificate for encryption. Once established, this method is the most convenient for all users and provides seamless encryption for e-mail and attachments. ETLS encrypts e-mail message between servers and is designed to protect confidentiality and data integrity and is a widely recognized standard issued by the Internet Engineering Task Force (IETF) for securing transmitted data.
If you have questions about ETLS encryption or to establish an ETLS relationship with your client, please contact the TLS Administration Team.
BNY Mellon Secure Messaging Portal is the alternative secure encryption tool which is utilized when an external partner does not have ETLS capability. The portal encapsulates a message and its attachments into an encrypted message. Once protected, the encrypted message is sent to recipients as an attachment to a plain text e-mail. The recipient uses a self-created, pre-registered password to access the notification and any attachments. This guide provides step-by-step instructions on how to register and use BNY Mellon's Secure Messaging tool.
If you have questions about BNY Mellon's Secure Messaging Portal, please contact the Secure Messaging Team.
Note: When accessing any third-party/external sites that may be linked above, you will leave the BNY Mellon website. These sites are not controlled or endorsed by BNY Mellon, and BNY Mellon is not responsible for the contents, operation or security of these sites.
We use a number of unaffiliated social media sites, including Twitter, Facebook, YouTube and LinkedIn to share product and service information, thought leadership material, news, events and career information. A list of these accounts can be found below.
Social Media pages are typically public and can show up in search engines like Google, Yahoo and Bing. Because our social media sites are public and anyone with an account can engage with us, we cannot be responsible for views expressed other than our own.
We reserve the right to prohibit posting on our social media pages, as well as the right to delete or edit any posted content or material for any reason and without notice. Any posting on these pages is subject to our policies of usage, as we may change them from time to time. We prohibit postings about securities products, investment recommendations, investment product performance and client testimonials. In addition, we prohibit the posting of offensive, derogatory, inflammatory or illegal comments and statements.
We reserve the right to block or remove objectionable content and users if possible, in our sole discretion and without notice. Any delay in removing or failure to remove an objectionable posting should not be deemed an endorsement or approval of the posting, and does not preclude us from taking other steps to address objectionable content, particularly where a social media website restricts us from removing content or blocking users. If a follower forwards our posts and adds comments, such comments are the view and responsibility of the follower, and we expressly disclaim any responsibility over such communication.
Our social media sites are managed and monitored by BNY Mellon. We are actively watching what people are saying to and about BNY Mellon. However, because of the public nature of the platform, we cannot respond to or engage on all issues.
Never disclose any financial or personal information on any social media site or other website. BNY Mellon will never ask you for your Social Security number, account information, passwords, PINs or other personally identifiable information via social media or email. We are not responsible for the privacy or security practices of the social media sites we utilize. Please review their policies.
In addition, we do not endorse clicking on links posted by other social media users, as these links may pose risks to your computer or take you to inappropriate sites.
If you are a BNY Mellon client with specific questions about an account or investment, please contact your relationship manager directly. If you have any concerns or complaints about our social media websites, you may submit them using our online form.
We may occasionally mention a user, tweet, re-tweet or repost links to third-party sites when we think you may find that information useful. However, this does not constitute an endorsement of the individual, site, product or company. See also "Links to Other Websites" above.
When accessing any third-party/external sites that may be linked above, you will leave the BNY Mellon website. These sites are not controlled or endorsed by BNY Mellon, and BNY Mellon is not responsible for the contents, operation or security of these sites.