My Bank for life.

  

Consumer Education / Security Center

The Farmers Bank will never request customers’ personal information by phone, through email, or provide links within an email to update your information.

Deluxe Provent Identity Theft Protection

Identity theft affects millions of consumers every year. Take steps to prevent it from harming you - before it's too late. Protect yourself with Deluxe Provent™. Learn More >

FDIC-EDIE The Estimator

Understanding the deposit insurance coverage you have on your accounts. Learn more >

Free Credit Report

Taking charge of your credit history has never been easier. Learn more >

Prevent ID Theft

Identity thieves are lurking everywhere, ready to steal your ID and drain your resources. Protect yourself by becoming informed. Learn more >


FDIC Consumer News

Writing a Check: Understanding Your Rights

www.mymoney.gov


Business

Is your company keeping information secure?

Are you taking steps to protect personal information? Safeguarding sensitive data in your files and on your computers is just plain good business. After all, if that information falls into the wrong hands, it can lead to fraud or identity theft. A sound data security plan is built on five key principles:

  1. Take stock. Know what personal information you have in your files and on your computers.
  2. Scale down. Keep only what you need for your business.
  3. Lock it. Protect the information in your care.
  4. Pitch it. Properly dispose of what you no longer need.
  5. Plan ahead. Create a plan to respond to security incidents. 

To learn more about how you can implement these principles in your business, watch the videos below. You'll see and hear about practical steps your business can take to protect personal information. After you experience the tutorial, we hope you'll take advantage of the other resources on this site to educate your employees and customers. This information is provided by the Federal Trade Commision, Bureau of Consumer Protection.

Take Stock

Know what personal information you have in your files and on your computers.

  • Inventory all file storage and electronic equipment. Where does your company store sensitive data?
  • Talk with your employees and outside service providers to determine who sends personal information to your business, and how it is sent.
  • Consider all the ways you collect personal information from customers, and what kind of information you collect.
  • Review where you keep the information you collect, and who has access to it.
Scale Down

Keep only what you need for your business.

  • Use Social Security numbers only for required and lawful purposes. Don’t use SSNs as employee identifiers or customer locators.
  • Keep customer credit card information only if you have a business need for it.
  • Review the forms you use to gather data — like credit applications and fill-in-the-blank web screens for potential customers — and revise them to eliminate requests for information you don’t need.
  • Change the default settings on your software that reads customers’ credit cards. Don’t keep information you don’t need.
  • Truncate the account information on electronically printed credit and debit card receipts you give your customers. You may include no more than the last five digits of the card number, and you must delete the card’s expiration date.
  • Develop a written records retention policy, especially if you must keep information for business reasons or to comply with the law.
Lock It

Protect the information that you keep.

  • Put documents and other materials containing personally identifiable information in a locked room or file cabinet.
  • Remind employees to put files away, log off their computers, and lock their file cabinets and office doors at the end of the day.
  • Implement appropriate access controls for your building.
  • Encrypt sensitive information if you must send it over public networks.
  • Regularly run up-to-date anti-virus and anti-spyware programs on individual computers.
  • Require employees to use strong passwords.
  • Caution employees against transmitting personal information via e-mail.
  • Create security policies for laptops used both within your office, and while traveling.
  • Use a firewall to protect your computers and your network.
  • Set “access controls” to allow only trusted employees with a legitimate business need to access the network.
  • Monitor incoming Internet traffic for signs of security breaches.
  • Check references and do background checks before hiring employees who will have access to sensitive data.
  • Create procedures to ensure workers who leave your organization no longer have access to sensitive information.
  • Educate employees about how to avoid phishing and phone pretexting scams.
Pitch It

Properly dispose of what you no longer need.

  • Create and implement information disposal practices.
  • Dispose of paper records by shredding, burning, or pulverizing them.
  • Defeat dumpster divers by encouraging your staff to separate the stuff that’s safe to trash from sensitive data that needs to be discarded with care.
  • Make shredders available throughout the workplace, including next to the photocopier.
  • Use wipe utility programs when disposing of old computers and portable storage devices.
  • Give business travelers and employees who work from home a list of procedures for disposing of sensitive documents, old computers, and portable devices. 
Plan Ahead
  • Create a plan for responding to security incidents.
  • Create a plan to respond to security incidents, and designate a response team led by a senior staff person.
  • Draft contingency plans for how your business will respond to different kinds of security incidents. Some threats may come out of left field; others — a lost laptop or a hack attack, to name just two — are unfortunate, but foreseeable.
  • Investigate security incidents immediately.
  • Create a list of who to notify — inside or outside your organization — in the event of a security breach.
  • Immediately disconnect a compromised computer from the Internet.
Protect Your Account

Good practices can keep your information secure.

Corporate Account Takeover is a form of identity theft in which criminals steal your valid online banking credentials. The attacks are usually stealthy and quiet. Malware introduced into your systems may be undetected for weeks or months. Account-draining transfers using stolen credentials may happen at a time when they are not noticed for a day or two.

The good news is, if you follow sound business practices, you can protect your company:

 

  • Use Layered System Security: Create layers of firewalls, anti-malware software and encryption. One layer of security might not be enough. Install robust anti-malware programs on every workstation and laptop. Keep them updated.
  • Manage the security of online banking with a single, dedicated computer used exclusively for online banking and cash management. This computer should not be connected to your business network, should not retrieve any email messages, and should not be used for any online purpose except banking.
  • Educate your employees about cybercrimes. Make sure your employees understand that just one infected computer can lead to an account takeover. May them very conscious of the risk, and teach them to ask the question: “Does this email or phone call make sense?” before they open attachments or provide information.
  • Block access to unnecessary or high-risk websites. Prevent access to any website that features adult entertainment, online gaming, social networking and personal email. All such sites can inject files into your network.
  • Establish separate user accounts for every employee accessing financial information, and limit administrative rights. Many malware programs require administrative rights to the workstation and network in order to steal credentials. If your user permissions for online banking include administrative rights, don't use those credentials for day-to-day processing.
  • Use approval tools in cash management to create dual control on payments. Requiring two people to issue a payment – one to set up the transaction and a second to approve the transaction – doubles the chances of stopping a criminal from draining your account.
  • Review or reconcile accounts online daily. The sooner you find suspicious transactions, the sooner the theft can be investigated. 
Protect yourself from fraudulent transactions.

Consumers are protected in a number of ways against unauthorized electronic transactions, but it’s very important to do your part. These protections do not apply to business accounts:

  1. Report lost or stolen debit/ATM cards within two business days.  If you lose your debit/ATM card (or other access device) report it immediately.  By contacting your financial institution within two business days of discovering the loss, you limit your liability to $50. Waiting more than two business days to report the loss increases your liability up to $500.
  2. Important! Review your statement every month. If you find an unauthorized electronic transaction, you have 60 days to report it to your financial institution in order to limit the amount for which you are liable. If you wait more than 60 days you become liable for the unauthorized transactions. So review your statements every month and report any suspicious activity immediately.

The security of your money and identity is as important to us as it is to you. Let's work together to protect it.

To report suspicious activity, contact us at: 765-654-8731.

Social Engineering

“Social Engineering” is any method of theft that manipulates human nature in order to gain access to your online financial accounts. No business is immune to the risks of Social Engineering attacks, and thieves will go to great lengths to lower your guard. Here are a few ways you can protect yourself from thieves using Social Engineering techniques:

  • Don't allow unfamiliar visitors into any area with network access. Thieves often pose as vendors, service providers or even firefighters conducting an inspection, in order to gain physical access to your network. It only takes a few seconds for them to plug in a thumb drive that installs keystroke logging software. Legitimate technicians or officers will have I.D. beyond a logo shirt or uniform to back up their claim, and should be verified independently.
  • Be cautious about letting visitors use a workstation or plug into your network. A request to “check my email” or “download that sales brochure” might seem innocent enough. But, this is a favorite tactic of Social Engineers to gain access to your network and leave monitoring software or hardware behind.
  • Control access to your facility. Whatever type of business you are in, there should be barriers between public and private back office areas. Doors leading into back offices from public areas should be locked. Doors to outdoor smoking areas should be locked. Visitors to back office areas should always be accompanied by a trusted employee.
  • Don't assume that an unsolicited phone call or email is actually from a trusted source. Thieves can research your business relationships or donations, then pose as a vendor or charity you trust. They can even pose as another company employee needing help. Again, verify before providing any confidential information.
  • Remember, unexpected email attachments should be treated with great caution. Common and popular files like PDFs, JPGs and spreadsheets can provide a platform for installing viruses or keystroke-logging malware on your computer. If you aren't certain the file came from a legitimate business, charity or person, don't open it without verifying. Call them and ask if they sent an email with an attachment.
  • Verify, verify, verify. If you receive a phone call or email claiming there is a problem with a bank account, credit card account or any other network or finance related account, hang up the phone or delete the email and check those accounts directly through normal access channels. 

The best way to avoid Social Engineering schemes is to be cautious about any unknown visitor, and any request for money, passwords, account numbers or other confidential information – no matter where it seems to be coming from.

Helping you protect the security of information held by your company is as important to us as it is to you. Let's work together to protect it.

If you want to report suspicious activity in your account, or if you have questions about the security of your account, you can call us at: 765-654-8731.

Additional Resources

The following links are provided solely as a convenience to our visitors. The Farmers Bank neither endorses nor guarantees in any way the organizations, services or advice associated with these links. The Farmers Bank is not responsible for the accuracy of the content found on these sites.


Consumer

Learn to protect yourself from Identity Theft. The Farmers Bank can help.

Your identity is one of the most valuable things you own. It’s important to keep your identity from being stolen by someone who can potentially harm your good name and financial well-being. Identity theft occurs when someone uses your name, address, Social Security Number, credit card or financial account numbers, passwords, and other personal information without your knowledge to commit fraud or other crimes. While the words may sound like a foreign language -- Phishing, Pharming, Vishing, Spyware, Dumpster Diving — they are actually techniques used by thieves to put your identity and finances at risk. And their attacks grow more frequent and sophisticated every year. Identity theft is the fastest growing crime in the United States. According to US Department of Justice statistics, it’s now passing drug trafficking as the number one crime in America.

How to protect your identity

The simple fact is you can protect yourself against most forms of identity theft. The first step is education. To make it easier to understand, we’ve divided identity theft into the “Danger Zones.” Take a few moments to learn about each of the Danger Zones and the steps you can take to avoid being a victim.

Danger Zone: Email

Phishing is an email scam used to steal your personal information. Email similar to the one pictured may appear in your inbox, claiming to be from your financial institution, credit card company, or another source. It may appear authentic, but be careful - any email requesting personal information or to “verify” account information is usually a scam. Do not respond to this and do not click on any link from this email.

How to spot Phishing and other email scams 
  1. Any email requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.
  2. The email may instruct you to click on a link, or call a phone number to update your account or even claim a prize. 
  3. The message will often threaten a dire consequence if you don’t respond immediately, such as closing your account.

These are clear signs that someone is “Phishing” for your information.

Follow these steps to avoid email scams 
  1. Never respond to any email asking for confidential information, even if it appears urgent. Chances are it is a fraudulent email.
  2. Never click on a link from an email. Instead, type the known Website address into your Internet browser.
  3. Do not call any phone number provided in a suspicious email. It could be a fake phone number.
  4. Always use anti-virus and anti-spyware software on your computer, and keep them up-to-date. 

Remember, email is not a secure form of communication. So feel free to use your email, but don’t use it to send or receive confidential information. And if you follow the four basic steps listed, you can protect yourself from most phishing and other email scams.

Danger Zone: The Internet 

The Internet is a great place to browse and do business. But it can also be a Danger Zone for identity theft if you don’t know what to watch for or how to protect yourself.

There are several types of malware – which means malicious software – that can infect your computer as you surf the web including:

  • Viruses
  • Spyware
  • Trojan Horses
  • Keystroke Loggers

These programs are becoming more sophisticated and ingenious in their ability to infect your computer. Many are designed to steal your personal information.

Learn how to practice safe surfing

Follow these steps to protect your computer from the majority of Internet crime: 

  1. Make sure you have anti-virus and anti-spyware software installed on your computer, keep them updated, and run a full system scan at least weekly. 
  2. Keep your computer operating system up to date, and your firewall turned on. 
  3. Use strong passwords for secure sites. These should include eight or more characters with random numbers, and change your passwords every six months.
  4. If you download anything from the Internet such as music, movies, or pictures, make sure you do so only from trusted websites. Downloads can be infected with spyware attached to the file. 
  5. Watch for signs of spyware—frequent pop up ads, unexpected icons on your desktop, random error messages or sluggish computer performance are all signs of infection. Run a full system anti-virus and anti-spyware scan to safely remove. 
  6. Be careful when using public computers to perform any type of personal transactions. Just logging into a Website may give away passwords and other private information if spyware has been installed on that computer.

Following these steps will help protect you from the most common forms of identity theft while surfing the Internet.

Danger Zone: Telephone

The telephone is one of the most often used sources for criminal activity. Here’s how it works. Your phone rings. The caller claims to be from your financial institution, or any other source. They begin asking questions about you and your account. This could be a telephone scam called Vishing. Someone is attempting to steal your identity. And it happens to millions of Americans every year.

Protect yourself from telephone scams

Follow these steps to protect yourself from most types of identity theft telephone scams:

  • Never offer personal or account information over the phone without verifying the caller’s identity.
  • If you are uncertain of the identity of a caller, hang up and initiate the call yourself using a known phone number.
  • Do not call any phone number received in a voice message or email asking for personal information. It could lead you to a phony answering system.

As a general guideline, be highly suspicious anytime you are requested to provide personal information over the phone.

Danger Zone: Payments

Payment fraud happens when someone uses information from your checks, credit and debit cards, or any other form of payment without your knowledge to commit fraud or other crimes. But this, and other forms of identity theft, can be avoided, if you know how to protect yourself.

Avoid being a victim of payment fraud

Don’t make it easy for criminals to steal your personal information. Here are some common sense tips to protect your identity:

  1. Balance your checkbook, and verify all account and credit card statements as soon as they arrive.
  2. Keep all checks, credit and debit cards in a safe place.
  3. Don't leave outgoing checks or paid bills in your mailbox, and report lost or stolen items immediately.
  4. Don’t write PIN numbers on your credit or debit cards, or leave them in your wallet for a thief to find.
  5. Use a paper shredder to securely dispose of any documents containing personal information.
  6. Make online purchases only from trusted Web sites. If you have questions about a company, you can check them out with the Better Business Bureau.
  7. NOTE! Consider paying all your bills electronically with online bill pay. This method is considered more secure than mailing paper checks.

Reducing your risk of identity theft starts with protecting your personal information. Keep it from getting into the wrong hands. Always be diligent about protecting your identity.

Danger Zone: Home

The simple act of sending and receiving mail, and putting your trash out at night, can put your personal information at risk. Financial information, checks, account and credit card statements, and monthly bills can be stolen from your home, mailbox or even from your trash, and used to access your accounts and steal your identity.

Follow these steps to protect against identity theft in your home 
  1. Invest in a personal shredder. This is your first line of defense. Shred checking and credit card statements, cancelled checks, pre-approved credit card offers, or anything with your personal information on it before disposal.
  2. Place your garbage out on the morning of pickup rather than the night before. This gives dumpster divers less opportunity to go through your trash.
  3. Install a mailbox with a locking mechanism, or pick up your mail immediately after it is delivered each day.
  4. Change that old habit of placing mail in your mailbox for the carrier to pick up. Always place out-going mail in an official, secure mailbox.
  5. It’s good practice to store your mail, account statements, and other papers where they are out of sight and out of reach of anyone who might be in your home.

By following these steps you are on the right track to protecting your identity. Learning about all the identity theft danger zones and the simple steps you can take to avoid being a victim, is the best way to protect your good name.

Protect yourself from fraudulent transactions.

Consumers are protected in a number of ways against unauthorized electronic transactions, but it’s very important to do your part. These protections do not apply to business accounts:

  1. Report lost or stolen debit/ATM cards within two business days.  If you lose your debit/ATM card (or other access device) report it immediately.  By contacting your financial institution within two business days of discovering the loss, you limit your liability to $50. Waiting more than two business days to report the loss increases your liability up to $500.
  2. Important! Review your statement every month. If you find an unauthorized electronic transaction, you have 60 days to report it to your financial institution in order to limit the amount for which you are liable. If you wait more than 60 days you become liable for the unauthorized transactions. So review your statements every month and report any suspicious activity immediately.

The security of your money and identity is as important to us as it is to you. Let's work together to protect it.

To report suspicious activity, contact us at: 765-654-8731.

Social Engineering

“Social Engineering” is any method of theft that manipulates your human nature in order to gain access to your online financial accounts. Here are a few ways you can protect yourself from thieves using Social Engineering techniques:

  • Don't respond to ANY email or social network post or message that asks for money or confidential information. Thieves can hack email and social network accounts, and then pose as a friend or family member in order to gain your trust.
  • Don't assume that an unsolicited phone call or email is actually from a trusted source. Thieves can research your purchases or donations, then pose as a business or charity you trust. Or, they may pose as law enforcement, a bank officer or another trusted authority figure. Just because they have bits of information about you or your past activities doesn't mean they are legitimate.
  • Verify, verify, verify. If someone on the phone, or a message in your inbox, is telling you there is a problem with your online banking account, online auction account or credit card account, don't give them additional information to “fix” the problem. Instead, hang up the phone or delete the email and check those accounts directly by logging in normally or calling a published customer service number.
  • Be conscious what can be learned about you. Many kinds of online accounts, including online banking, use challenge questions as part of their security. Make sure you don't choose responses that can be found online. For example, don't use your mother's maiden name if it is mentioned on a social network profile; or the model of your first car, if you discussed it on a forum. Thieves are very good at digging out those details from online searches.
  • Remember, even the most innocent email attachments can be infected with computer malware. Common and popular files like PDFs, JPGs and spreadsheets can provide a platform for installing viruses or keystroke-logging malware on your computer. If you aren't certain the file came from a legitimate business, charity or person, don't open it without verifying. Call them and ask if they sent an email with an attachment.

The thieves are smart and very good at exploiting your honesty and natural cooperation. They can send email that looks like it came from a family member, or hijack your best friend's social network account. Don't let your good nature become your downfall.

The best way to avoid Social Engineering schemes is to be cautious and suspicious of ANY request for money, passwords, account numbers or other confidential information – no matter where it seems to be coming from.