Consumer Protection
Protect Yourself from Fraud
Protecting our customers accounts’ and privacy is one of our highest priorities. Farmers Bank and Trust will NEVER request personal information by phone, email, or text messaging, including account numbers, personal identification information, passwords, or any other confidential customer information.
If you believe you have received fraudulent communication from someone misrepresenting themselves as a Farmers Bank employee, please give your local branch a call.
Customer Awareness & Education Program
Today’s electronic environment is ever changing, so it’s important to keep up with the latest information. Don’t let the lack of knowledge make you a victim to identity theft. Use the information below to help develop good habits that will protect you and your accounts from malicious activity.
We will also list any scams that could potentially affect our customers on this page, so please check back often if you have any concerns. You can always reach out to us if you are unsure of the legitimacy of a claim associated with our bank or your finances.
- An Access ID and Password are required to access accounts through Online Banking.
- If you log into your account from a different device, you must answer a personal security question to help verify your identity.
- Authentication of Farmers Bank and Trust’s website can be evidenced by the presence of a green bar in the URL address bar. This gives our customers visual confirmation that they are on a valid website.
- Accounts are locked after 3 invalid logon attempts. Resetting your password is possible via telephone if your identity can be verified via security questions. If we are unable to verify your identity, you must come into the bank with proper ID to reset.
- Farmers Bank and Trust’s Online Banking will sign off automatically after 10 minutes of inactivity.
- Farmers Bank and Trust limits online banking transfers between your authorized accounts only.
- Unused accounts are deleted after 180 days of inactivity.
- Our website uses firewalls to protect our computer system and your information.
Online Banking is accessed through a Secure Socket Layer (or SSL), meaning all data transmitted to or from the bank’s computer systems is encrypted and your money and privacy are protected. Several firewalls exist to prevent unauthorized access to the system and ensure your information is accessible only with an Internet Banking ID and PIN.
In addition to the security features put in place by Farmers Bank and Trust, you can help protect yourself by taking the following actions to stay safe and secure your information:
- Be aware of suspicious emails asking for your personal information.
- Never provide any personal information such as Social Security number, account number, usernames or passwords over the phone or the internet if you did not initiate the contact.
- Do not use personal information as your username or passwords.
- Create hard-to-guess passwords that include upper & lower case letters, numbers, and special characters.
- Change your passwords frequently and don’t reuse the same passwords across accounts.
- Always sign out or log off of your online banking sessions.
- Avoid using public computers and Wi-Fi to access your online banking accounts.
- Ensure your computer has the most recent anti-virus software and is being updated daily.
- Ensure your computer or mobile devices have the latest software version.
In addition to the information provided regarding online banking security, commercial and small business account holders should institute additional measures in order to further protect their online banking information.
- Perform your own annual internal risk assessment & evaluation on all online accounts.
- Establish internal policies regarding employee internet usage.
- Educate your employees on the risks.
- Establish proper user account controls.
- Review all transactions.
- Ensure all company computers are equipped with up-to-date antivirus protection software and virus definitions are being updated daily.
The Bank uses the same security precautions for mobile and bill payment services as for online banking. The bank will never request your PIN or other sensitive information over the mobile channel. Usernames/userIDs, passwords, or personally identifiable information should not be stored on mobile devices, and mobile banking PINs are disguised with asterisks to prevent a fraudster from viewing the PIN. In addition, you may only log into mobile banking if you also have the correct online banking user name and the password that is sent via Short Message Service (SMS) each time you sign in. Carrier Message and Data rates may apply. You will have the option to opt out of the message program at any time. For help, text “HELP” to 99588. To cancel, text “STOP” to 99588.
Identity theft occurs when someone uses your personal information such as your Social Security Number, account number, or credit card number without your consent to commit fraud or other crimes. The following are tips to protect you against identity theft:
- Report lost or stolen checks or credit/debit cards immediately.
- Never give out your personal information.
- Review statements promptly and carefully.
- Shred all documents that contain confidential information (i.e. bank and credit card statements, bills and invoices that contain personal information, expired credit cards and pay-stubs.)
- Check your credit report periodically.
Consumers can request one free copy of his or her credit report every year. Reviewing your credit report can help you find out if someone has opened unauthorized financial accounts, or taken out unauthorized loans, in your name.
Equifax: 1-800-685-1111
Experian: 1-888-397-3742
Transunion: 1-877-322-8228
Regulation E is a consumer protection law for accounts established primarily for personal, family, or household purposes. Regulation E gives consumers a way to notify their financial institution that an EFT has been made on their account without their permission.
Non-consumer accounts, such as corporations, partnerships, trusts, etc. are excluded from coverage. A non-consumer (business account) customer using internet banking and/or bill pay is not protected under Regulation E. As such, special consideration should be made by the business customer to ensure adequate internal security controls are in place that commensurate with the risk level that the customer is willing to accept.
As a non-consumer customer you should perform periodic assessments to evaluate the security and risk controls you have in place. The risk assessment should be used to determine the risk level associated with any internet activities you perform and any controls you have in place to mitigate these risks.
An EFT is the electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions initiated through electronic-based systems. The term includes, but is not limited to:
- Point-of-sale transfers
- Automated Teller Machine transfers (ATM)
- Direct deposits or withdrawal of funds
- Transfers initiated by telephone
- Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal
- Transfer initiated through internet banking/bill pay
If you believe an unauthorized EFT has been made on your account, contact us immediately. If you notify us within 2 business days after you learn of the loss or theft of your ATM/debit card or Personal Identification Number (PIN), the most you can lose is $50. Failure to notify the bank within 2 business days may result in additional losses.
Unlimited loss to a consumer account can occur if:
- The periodic statement reflects an unauthorized transfer of money from your account, and you fail to report the unauthorized transfer to us within 60 days after we mailed your first statement on which the problem or error appeared.
The term EFT does not include:
- Checks – Any transfer of funds originated by check, draft, or similar paper instrument or any payment made by check, draft, or similar paper instrument at an electronic terminal
- Check Guarantee or Authorization – Any transfer of funds that guarantees payment or authorizes acceptance of a check, draft or similar paper instrument but does not directly result in a debit or credit to a consumer’s account
- Wire or other similar transfers – Any transfer of funds through a wire transfer system that is used primarily for transfers between financial institutions or between businesses
- Securities and Commodities Transfers – Any transfer of funds for the primary purpose of the purchase or sale of a security or commodity, if the security or commodity is:
- Regulated by the Securities and Exchange Commission or the Commodity Futures Trading
- Purchased or sold through a broker-dealer regulated by the Securities and Exchange Commission or through a futures commission merchant regulated by the Commodity Futures Trading Commission
- Held in Book-entry form by a Federal Reserve Bank or federal agency
- Automatic transfers by account-holding institution – Any transfer of funds under an agreement between a consumer and a financial institution which provides that the institution will initiate individual transfers without a specific request from the consumer:
- Between a consumer’s accounts within the financial institution
- From a consumer’s account to an account of a member of the consumer’s family held in the same financial institution
- Between a consumer’s account and an account of the financial institution, except that these transfers remain subject to § 205.10(e) regarding compulsory use and sections 915 and 916 of the act regarding civil and criminal liability. (Refer to “Coverage in Detail ” section below.)
- Telephone-initiated transfers – Any transfer of funds that:
- Is initiated by a telephone communication between a consumer and financial institution making the transfer; and
- Does not take place under a telephone bill payment or other written plan in which periodic or recurring transfers are contemplated.
For a complete detailed explanation of protections provided under Regulation E, please visit the Consumer Financial Protection Bureau ’s (CFPB ’s) website:
- CFPB – Electronic Funds Transfers Act (Regulations E)— http://www.consumerfinance.gov/eregulations/1005
Managing your finances using a smartphone or tablet can be very convenient. However, you should consider these safety tips to protect your account information:
- Be proactive in protecting your smartphone and/or tablet by installing anti-malware software on the device. Research any application (app) before you download it. Fraudulent apps are often designed with names that look like real apps. It’s best if you access an app using a link from the provider’s website.
- Create a strong password or PIN for your mobile app and your device.
- Use at least eight characters
- Do not use your username, real name, or company name
- Do not use a complete word
- Make it significantly different from previous passwords
- Use a character from each of the following categories (some apps may limit symbols)
- Uppercase letters
- Lowercase letters
- Numbers
- Use an auto-lock or time-out feature so your device will lock when it is left unused for a certain period of time.
- Upgrade your device to the latest operating system version.
- Do not jailbreak or root your mobile device. Doing so exposes the security controls and makes your device vulnerable to cyber-attacks.
- Check your account history periodically to make sure there are no fraudulent transactions.
- Take precautions in case your device is lost or stolen, before your device is lost or stolen. Avoid leaving your device unattended in public places.
- Consult your wireless provider to see if they provide a service to remotely erase your device or turn off access to your device and/or account in the event your device is lost or stolen.
- Always conduct your transactions in a safe environment. Use your cellular service or your own internet provider rather than unsecured/public Wi-Fi networks like those offered at coffee shops.
- Don’t send account numbers or PIN in emails or text messages, because those methods are not necessarily secure
Please contact any of our branch locations directly or by email at info@fbtbly.com with any questions or concerns you may have. If you believe your online banking account has been compromised or you receive suspicious or fraudulent mail, email, or websites related to Farmers Bank and Trust, please contact us immediately.
Remember: Farmers Bank and Trust will never contact any customer and request electronic banking credentials. If you get a call asking for your credentials, hang up and call us!
FDIC Consumer Protection
http://www.fdic.gov/consumers/
Consumer Action: Complaints
https://www.usa.gov/consumer-complaints#item-212527
US Department of Homeland Security
https://www.cisa.gov/audiences
Protecting Your Business: Start With Security
https://www.ftc.gov/news-events/audio-video/business
NACHA Fraud Resources
https://www.nacha.org/content/current-fraud-threats
Consumer Information: Wiring Money
https://www.consumer.ftc.gov/articles/0090-using-money-transfer-services
Federal Communication Commission – Business Cyber-planner:
Consumer Information: Identity Theft
https://www.consumer.ftc.gov/features/feature-0014-identity-theft
Federal Trade Commission: Identity Theft by Mobile Phone
https://www.consumer.ftc.gov/blog/identity-theft-mobile-phone
Federal Trade Commission: Tips for Using Public WiFi Networks
https://www.consumer.ftc.gov/articles/0014-tips-using-public-wi-fi-networks
Farmers Bank and Trust Media Contact: LaRay White, laray.white@fbtbly.com
ABA Media Contact: Sarah Grano, sgrano@aba.com
Farmers Bank and Trust Joins ABA and Banks Across U.S. for #BanksNeverAskThat Anti-Phishing Campaign
America’s banks join forces in coordinated, industry-wide campaign to protect consumers during National Cybersecurity Awareness Month
Today Farmers Bank and Trust joined the American Bankers Association and banks across the nation to promote an industry-wide campaign educating consumers about the persistent threat of phishing scams. The FTC estimates that consumers lost $5.8 billion to phishing and other fraud in 2021, an increase of more than 70% compared to 2020. To combat phishing, the #BanksNeverAskThat campaign uses attention-grabbing humor and other engaging content to empower consumers to identify bogus bank communications asking for sensitive information like their passwords and social security numbers.
“Phishing attempts are at an all-time high and scammers are targeting consumers from every direction—by text, phone and email,” said Paul Benda, Senior Vice President, Operational Risk and Cybersecurity at ABA. “Education and awareness are key to helping consumers spot a scam, and with help from participating banks like Farmers Bank and Trust, we’re able to reach bank customers across the country so they can stay one step ahead of the scammers.”
Farmers Bank and Trust, along with more than 1,000 banks from across the U.S. and ABA, are kicking off this year’s updated campaign on Oct. 3 to mark the beginning of National Cybersecurity Awareness Month. Throughout the month Farmers Bank and Trust will share information and consumer tips on social media and in bank branches designed to highlight common phishing schemes .
Because cybersecurity education and fraud awareness can often be dull and forgettable to many consumers, the campaign is designed to be bright and bold with a bit of comedy.
“Do you prefer boxers or briefs? Do you believe in aliens?!,” one of the campaign’s animated GIFs asks social media users. “Banks would never ask you these questions. Here’s another question a real bank would never ask: We’ve spotted some unusual activity on your account, can you please verify your username and password?”
The campaign’s short videos offer similarly ridiculous scenarios like wallpapering a room with cash, roasting marshmallows over a cash fire and recycling cash on garbage day. Consumers are directed to BanksNeverAskThat.com where they will find an interactive game, videos, phishing red flags, tips and FAQs.
For more information about phishing scams and how to stop fraudsters in their tracks, visit www.BanksNeverAskThat.com.
Someone in your company gets an email.
It looks legitimate — but with one click on a link, or one download of an attachment, everyone is locked out of your network. That link downloaded software that holds your data hostage. That's a ransomware attack.
The attackers ask for money or cryptocurrency, but even if you pay, you don't know if the cybercriminals will keep your data or destroy your files. Meanwhile, the information you need to run your business and sensitive details about your customers, employees, and company are now in criminal hands. Ransomware can take a serious toll on your business.
How it Happens
Criminals can start a ransomware attack in a variety of ways.
Scam emails
with links and attachments that put your data and network at risk. These phishing emails make up most ransomware attacks.
Server vulnerabilities
which can be exploited by hackers.
Infected websites
that automatically download malicious software onto your computer.
Online ads
that contain malicious code — even on websites you know and trust.
How To Protect Your Business
Have a plan
How would your business stay up and running after a ransomware attack? Put this plan in writing and share it with everyone who needs to know.
Back up your data
Regularly save important files to a drive or server that’s not connected to your network. Make data backup part of your routine business operations.
Keep your security up to date
Always install the latest patches and updates. Look for additional means of protection, like email authentication, and intrusion prevention software, and set them to update automatically on your computer. On mobile devices, you may have to do it manually.
Alert your staff
Teach them how to avoid phishing scams and show them some of the common ways computers and devices become infected. Include tips for spotting and protecting against ransomware in your regular orientation and training.
What To Do If You're Attacked
Limit the damage
Immediately disconnect the infected computers or devices from your network. If your data has been stolen, take steps to protect your company and notify those who might be affected.
Contact the authorities
Report the attack right away to your local FBI office.
Keep your business running
Now’s the time to implement that plan. Having data backed up will help.
Should I pay the ransom?
Law enforcement doesn’t recommend that, but it’s up to you to determine whether the risks and costs of paying are worth the possibility of getting your files back. However, paying the ransom may not guarantee you get your data back.
Notify customers
If your data or personal information was compromised, make sure you notify the affected parties ― they could be at risk of identity theft. Find information on how to do that at Data Breach Response: A Guide for Business.