Protect Yourself from Fraud
Protecting our customers accounts’ and privacy is one of our highest priorities. Farmers Bank and Trust will NEVER request personal information by phone, email, or text messaging, including account numbers, personal identification information, passwords, or any other confidential customer information.
If you believe you have received fraudulent communication from someone misrepresenting themselves as a Farmers Bank employee, please give your local branch a call.
Customer Awareness & Education Program
Today’s electronic environment is ever changing, so it’s important to keep up with the latest information. Don’t let the lack of knowledge make you a victim to identity theft. Use the information below to help develop good habits that will protect you and your accounts from malicious activity.
We will also list any scams that could potentially affect our customers on this page, so please check back often if you have any concerns. You can always reach out to us if you are unsure of the legitimacy of a claim associated with our bank or your finances.
- An Access ID and Password are required to access accounts through Online Banking.
- If you log into your account from a different device, you must answer a personal security question to help verify your identity.
- Authentication of Farmers Bank and Trust’s website can be evidenced by the presence of a green bar in the URL address bar. This gives our customers visual confirmation that they are on a valid website.
- Accounts are locked after 3 invalid logon attempts. Resetting your password is possible via telephone if your identity can be verified via security questions. If we are unable to verify your identity, you must come into the bank with proper ID to reset.
- Farmers Bank and Trust’s Online Banking will sign off automatically after 10 minutes of inactivity.
- Farmers Bank and Trust limits online banking transfers between your authorized accounts only.
- Unused accounts are deleted after 180 days of inactivity.
- Our website uses firewalls to protect our computer system and your information.
Online Banking is accessed through a Secure Socket Layer (or SSL), meaning all data transmitted to or from the bank’s computer systems is encrypted and your money and privacy are protected. Several firewalls exist to prevent unauthorized access to the system and ensure your information is accessible only with an Internet Banking ID and PIN.
In addition to the security features put in place by Farmers Bank and Trust, you can help protect yourself by taking the following actions to stay safe and secure your information:
- Be aware of suspicious emails asking for your personal information.
- Never provide any personal information such as Social Security number, account number, usernames or passwords over the phone or the internet if you did not initiate the contact.
- Do not use personal information as your username or passwords.
- Create hard-to-guess passwords that include upper & lower case letters, numbers, and special characters.
- Change your passwords frequently and don’t reuse the same passwords across accounts.
- Always sign out or log off of your online banking sessions.
- Avoid using public computers and Wi-Fi to access your online banking accounts.
- Ensure your computer has the most recent anti-virus software and is being updated daily.
- Ensure your computer or mobile devices have the latest software version.
In addition to the information provided regarding online banking security, commercial and small business account holders should institute additional measures in order to further protect their online banking information.
- Perform your own annual internal risk assessment & evaluation on all online accounts.
- Establish internal policies regarding employee internet usage.
- Educate your employees on the risks.
- Establish proper user account controls.
- Review all transactions.
- Ensure all company computers are equipped with up-to-date antivirus protection software and virus definitions are being updated daily.
The Bank uses the same security precautions for mobile and bill payment services as for online banking. The bank will never request your PIN or other sensitive information over the mobile channel. Usernames/userIDs, passwords, or personally identifiable information should not be stored on mobile devices, and mobile banking PINs are disguised with asterisks to prevent a fraudster from viewing the PIN. In addition, you may only log into mobile banking if you also have the correct online banking user name and the password that is sent via Short Message Service (SMS) each time you sign in. Carrier Message and Data rates may apply. You will have the option to opt out of the message program at any time. For help, text “HELP” to 99588. To cancel, text “STOP” to 99588.
Identity theft occurs when someone uses your personal information such as your Social Security Number, account number, or credit card number without your consent to commit fraud or other crimes. The following are tips to protect you against identity theft:
- Report lost or stolen checks or credit/debit cards immediately.
- Never give out your personal information.
- Review statements promptly and carefully.
- Shred all documents that contain confidential information (i.e. bank and credit card statements, bills and invoices that contain personal information, expired credit cards and pay-stubs.)
- Check your credit report periodically.
Consumers can request one free copy of his or her credit report every year. Reviewing your credit report can help you find out if someone has opened unauthorized financial accounts, or taken out unauthorized loans, in your name.
Regulation E is a consumer protection law for accounts established primarily for personal, family, or household purposes. Regulation E gives consumers a way to notify their financial institution that an EFT has been made on their account without their permission.
Non-consumer accounts, such as corporations, partnerships, trusts, etc. are excluded from coverage. A non-consumer (business account) customer using internet banking and/or bill pay is not protected under Regulation E. As such, special consideration should be made by the business customer to ensure adequate internal security controls are in place that commensurate with the risk level that the customer is willing to accept.
As a non-consumer customer you should perform periodic assessments to evaluate the security and risk controls you have in place. The risk assessment should be used to determine the risk level associated with any internet activities you perform and any controls you have in place to mitigate these risks.
An EFT is the electronic exchange or transfer of money from one account to another, either within a single financial institution or across multiple institutions initiated through electronic-based systems. The term includes, but is not limited to:
- Point-of-sale transfers
- Automated Teller Machine transfers (ATM)
- Direct deposits or withdrawal of funds
- Transfers initiated by telephone
- Transfers resulting from debit card transactions, whether or not initiated through an electronic terminal
- Transfer initiated through internet banking/bill pay
If you believe an unauthorized EFT has been made on your account, contact us immediately. If you notify us within 2 business days after you learn of the loss or theft of your ATM/debit card or Personal Identification Number (PIN), the most you can lose is $50. Failure to notify the bank within 2 business days may result in additional losses.
Unlimited loss to a consumer account can occur if:
- The periodic statement reflects an unauthorized transfer of money from your account, and you fail to report the unauthorized transfer to us within 60 days after we mailed your first statement on which the problem or error appeared.
The term EFT does not include:
- Checks – Any transfer of funds originated by check, draft, or similar paper instrument or any payment made by check, draft, or similar paper instrument at an electronic terminal
- Check Guarantee or Authorization – Any transfer of funds that guarantees payment or authorizes acceptance of a check, draft or similar paper instrument but does not directly result in a debit or credit to a consumer’s account
- Wire or other similar transfers – Any transfer of funds through a wire transfer system that is used primarily for transfers between financial institutions or between businesses
- Securities and Commodities Transfers – Any transfer of funds for the primary purpose of the purchase or sale of a security or commodity, if the security or commodity is:
- Regulated by the Securities and Exchange Commission or the Commodity Futures Trading
- Purchased or sold through a broker-dealer regulated by the Securities and Exchange Commission or through a futures commission merchant regulated by the Commodity Futures Trading Commission
- Held in Book-entry form by a Federal Reserve Bank or federal agency
- Automatic transfers by account-holding institution – Any transfer of funds under an agreement between a consumer and a financial institution which provides that the institution will initiate individual transfers without a specific request from the consumer:
- Between a consumer’s accounts within the financial institution
- From a consumer’s account to an account of a member of the consumer’s family held in the same financial institution
- Between a consumer’s account and an account of the financial institution, except that these transfers remain subject to § 205.10(e) regarding compulsory use and sections 915 and 916 of the act regarding civil and criminal liability. (Refer to “Coverage in Detail ” section below.)
- Telephone-initiated transfers – Any transfer of funds that:
- Is initiated by a telephone communication between a consumer and financial institution making the transfer; and
- Does not take place under a telephone bill payment or other written plan in which periodic or recurring transfers are contemplated.
For a complete detailed explanation of protections provided under Regulation E, please visit the Consumer Financial Protection Bureau ’s (CFPB ’s) website:
- CFPB – Electronic Funds Transfers Act (Regulations E)— http://www.consumerfinance.gov/eregulations/1005
Managing your finances using a smartphone or tablet can be very convenient. However, you should consider these safety tips to protect your account information:
- Be proactive in protecting your smartphone and/or tablet by installing anti-malware software on the device. Research any application (app) before you download it. Fraudulent apps are often designed with names that look like real apps. It’s best if you access an app using a link from the provider’s website.
- Create a strong password or PIN for your mobile app and your device.
- Use at least eight characters
- Do not use your username, real name, or company name
- Do not use a complete word
- Make it significantly different from previous passwords
- Use a character from each of the following categories (some apps may limit symbols)
- Uppercase letters
- Lowercase letters
- Use an auto-lock or time-out feature so your device will lock when it is left unused for a certain period of time.
- Upgrade your device to the latest operating system version.
- Do not jailbreak or root your mobile device. Doing so exposes the security controls and makes your device vulnerable to cyber-attacks.
- Check your account history periodically to make sure there are no fraudulent transactions.
- Take precautions in case your device is lost or stolen, before your device is lost or stolen. Avoid leaving your device unattended in public places.
- Consult your wireless provider to see if they provide a service to remotely erase your device or turn off access to your device and/or account in the event your device is lost or stolen.
- Always conduct your transactions in a safe environment. Use your cellular service or your own internet provider rather than unsecured/public Wi-Fi networks like those offered at coffee shops.
- Don’t send account numbers or PIN in emails or text messages, because those methods are not necessarily secure
Please contact any of our branch locations directly or by email at email@example.com with any questions or concerns you may have. If you believe your online banking account has been compromised or you receive suspicious or fraudulent mail, email, or websites related to Farmers Bank and Trust, please contact us immediately.
Remember: Farmers Bank and Trust will never contact any customer and request electronic banking credentials. If you get a call asking for your credentials, hang up and call us!
FDIC Consumer Protection
Consumer Action: Complaints
US Department of Homeland Security
Protecting Your Business: Start With Security
NACHA Fraud Resources
Consumer Information: Wiring Money
Federal Communication Commission – Business Cyber-planner:
Consumer Information: Identity Theft
Federal Trade Commission: Identity Theft by Mobile Phone
Federal Trade Commission: Tips for Using Public WiFi Networks
Farmers Bank and Trust Media Contact: LaRay White, firstname.lastname@example.org
ABA Media Contact: Sarah Grano, email@example.com
Farmers Bank and Trust Joins ABA and Banks Across U.S. for #BanksNeverAskThat Anti-Phishing Campaign
America’s banks join forces in coordinated, industry-wide campaign to protect consumers during National Cybersecurity Awareness Month
Today Farmers Bank and Trust joined the American Bankers Association and banks across the nation to promote an industry-wide campaign educating consumers about the persistent threat of phishing scams. The FTC estimates that consumers lost $5.8 billion to phishing and other fraud in 2021, an increase of more than 70% compared to 2020. To combat phishing, the #BanksNeverAskThat campaign uses attention-grabbing humor and other engaging content to empower consumers to identify bogus bank communications asking for sensitive information like their passwords and social security numbers.
“Phishing attempts are at an all-time high and scammers are targeting consumers from every direction—by text, phone and email,” said Paul Benda, Senior Vice President, Operational Risk and Cybersecurity at ABA. “Education and awareness are key to helping consumers spot a scam, and with help from participating banks like Farmers Bank and Trust, we’re able to reach bank customers across the country so they can stay one step ahead of the scammers.”
Farmers Bank and Trust, along with more than 1,000 banks from across the U.S. and ABA, are kicking off this year’s updated campaign on Oct. 3 to mark the beginning of National Cybersecurity Awareness Month. Throughout the month Farmers Bank and Trust will share information and consumer tips on social media and in bank branches designed to highlight common phishing schemes .
Because cybersecurity education and fraud awareness can often be dull and forgettable to many consumers, the campaign is designed to be bright and bold with a bit of comedy.
“Do you prefer boxers or briefs? Do you believe in aliens?!,” one of the campaign’s animated GIFs asks social media users. “Banks would never ask you these questions. Here’s another question a real bank would never ask: We’ve spotted some unusual activity on your account, can you please verify your username and password?”
The campaign’s short videos offer similarly ridiculous scenarios like wallpapering a room with cash, roasting marshmallows over a cash fire and recycling cash on garbage day. Consumers are directed to BanksNeverAskThat.com where they will find an interactive game, videos, phishing red flags, tips and FAQs.
For more information about phishing scams and how to stop fraudsters in their tracks, visit www.BanksNeverAskThat.com.
Spot and Stop Messaging Attacks
What are messaging attacks?
Smishing (a portmanteau word combining SMS and phishing) are attacks that occur when cyber attackers use SMS, texting, or similar messaging technologies to trick you into taking an action you should not take. Perhaps they fool you into providing your credit card details, get you to call a phone number to get your banking information, or convince you to fill out an online survey to harvest your personal information. Just like in email phishing attacks, cyber criminals often play on your emotions to get you to act by creating a sense of urgency or curiosity, for example. However, what makes messaging attacks so dangerous is there is far less information and fewer clues in a text than there is in an email, making it much harder for you to detect that something is wrong.
A common scam is a message telling you that you won an iPhone, and you only need to click on a link and fill out a survey to claim it. In reality, there is no phone and the survey is designed to harvest your personal information. Another example would be a message stating that a package could not be delivered with a link to a website where you are asked to provide information needed to complete delivery, including your credit card details to cover “service charges.” In some cases, these sites may even ask you to install an unauthorized mobile app that infects and takes over your device.
Sometimes cyber criminals will even combine phone and messaging attacks. For example, you may get an urgent text message from your bank asking if you authorized an odd payment. The message asks you to reply YES or NO to confirm the payment. If you respond, the cybercriminal now knows you are willing to engage and will call you pretending to be the bank’s fraud department. They will then try to talk you out of your financial and credit card information, or even your bank account’s login and password.
Spotting and Stopping Messaging Attacks
Here are some questions to ask yourself to spot the most common clues of a messaging attack:
- Does the message create a tremendous sense of urgency attempting to rush or pressure you into taking an action?
- Is the message taking you to websites that ask for your personal information, credit card, passwords, or other sensitive information they should not have access to?
- Does the message sound too good to be true? No, you did not really win a new iPhone for free.
- Does the linked website or service force you to pay using non-standard methods such as Bitcoin, gift cards or Western Union transfers
- Does the message ask you for the multi-factor authentication code that was sent to your phone or generated by your banking app?
- Does the message look like the equivalent of a “wrong number?” If so, do not respond to it or attempt to contact the sender; just delete it.
If you get a message from an official organization that alarms you, call the organization back directly. Don’t use the phone number included in the message, use a trusted phone number instead. For example, if you get a text message from your bank saying there is a problem with your account or credit card, get a trusted phone number on your bank’s website, a billing statement, or from the back of your bank or credit card. Also remember that most government agencies, such as tax or law enforcement agencies, will never contact you via text message, they will only contact you by old fashioned mail.
When it comes to messaging attacks, you are your own best defense.
Source: SANS OUCH! Newsletter, Jeff Lomas, Detective for Las Vegas Metropolitan Police Department’s Cyber Investigative Group, January 5, 2022