Online Banking Login

Protect Yourself

Phishing

You receive a suspicious or unexpected email with an attachment or hyperlink. You click on the link or download the attachment & your system becomes infected with malware. During your next online banking transaction, the malware is triggered into action and steals your login credentials and your money

What is Phishing?

Phishing occurs when a fraudster impersonates a legitimate company or organization using e-mail, faxes, and/or Web sites in an attempt to lure recipients into revealing confidential information. This is the "bait." The messages are well crafted and often difficult to distinguish from those of the companies they impersonate.

How do Phishing, Vishing and SMiShing Work?

A typical "phishing attack" begins with a fraudster sending thousands or millions of e-mails impersonating a company. Quite often, the tone of the e-mail is urgent, leading recipients to believe there is something wrong with their account. They are urged to take immediate action, which often includes opening an attachment or clicking on an embedded link to go to the "company's" Web site to update, verify, or review account information.

Although the link may appear to be legitimate, computer code may direct the user to an imposter Web site designed to be nearly indistinguishable from the legitimate site. When the victim logs in or enters confidential information, they are actually giving it directly to the criminals.

Phishers engage in these practices for pure financial gain. They like to impersonate financial services companies, Internet service providers (ISPs), and online retailers. The Internal Revenue Service has even been impersonated (typically during tax season) in the hopes of gaining Social Security numbers. Phishers have also pretended to be the Better Business Bureau and the Department of Justice.

Phishers are most interested in obtaining credit card numbers, online banking credentials, Social Security numbers, and other confidential information that will allow them or another criminal party to steal money, assume identities, and/or fraudulently apply for credit.

Vishing (voice phishing using the phone) and SMiShing (phishing via text messages) are two newer, but just as dangerous, forms of phishing that consumers and businesses need to be aware of. The scams are the same, but the technology used is different.

  • Vishing requires the potential victim to respond by phone to either an e-mail or telephone message.
  • SMiShing requires the potential victim to respond by accessing a Web site or calling a particular telephone number - neither of which are legitimate.

What Should You be Looking for?

Although these forms of attack are designed to be nearly impossible to distinguish from legitimate e-mails, telephone messages or text messages, there are some common signs you can look for:

  • Attackers urge the recipient to click on the link (phishing & SMiShing) or call a telephone number (vishing & SMiShing) to update or verify account information, re-activate an account or cancel an order.
  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
  • Attacks are not consistent with other e-mails, telephone messages or text messages from the business.
  • Messages do not contain any personalization that shows the sender knows something about the recipient's account (e.g. the recipient's name, the last four digits of their account number, or other information).
  • Attacks often contain spelling errors and bad grammar.
  • Attacks using SMiShing often indicate the message came from the number "5000" instead of displaying an actual telephone number.
  • Messages often claim the user has ordered something that they never ordered.

What Should You do if You Receive a Suspicious E-mail, Telephone Message or Text?

  • Do not respond.
  • If you are unsure of the authenticity of the message, call the company to verify they actually sent it or inquire about why they need your information. Use a telephone number you know is legitimate (e.g. one on your most recent statement). Do NOT call the one in the e-mail, telephone message or text message..
  • If it appears to be from another company or financial institution, you can forward it to the Anti-Phishing Working Group at reportphishing@antiphishing.org.
  • Once you have reported the message, delete it from your Inbox or mobile device.

How can I protect myself/my business

  • Education is your best defense. Know what to look for and what to do. It is very important to note that no financial institution, including Farmers Deposit Bank, will ever send you an e-mail asking you to verify or supply personal information, such as:
    • User ID
    • Password
    • Social Security Number
    • Card or Account Number
    • Credit Card Security Code (CCV)
  • Never open unsolicited e-mails from unknown e-mail addresses.
  • Never send personal information via e-mail unless it is to a trusted source and you use some type of encryption.
  • Install a firewall and both antivirus and anti-spyware software. Keep your virus definitions and browser and security software current.
  • Exercise reasonable care when downloading software and opening e-mail attachments. Never download or open an e-mail attachment from an unknown e-mail address.
  • Have your computer analyzed by a qualified technician if you suspect your computer is running abnormally, you are receiving an unusual amount of "pop-up" pages, or you notice that you are being redirected to other Web pages.
Back to Top

Malware

The primary transmission method for malware is phishing.
You click on the link or download the attachment & your system becomes infected with malware. During your next online banking transaction, the malware is triggered into action and steals your login credentials and your money.

What is Malware?

Malware or "malicious software" is designed to infiltrate or damage a computer system without the owner's knowledge or informed consent. Software is considered Malware based on the creator's perceived intent rather than any particular features the software may include. The term Malware covers a host of software including computer viruses, worms, Trojan horses, spyware, and other malicious software.

How does Malware work?

Malware is a significant problem. Malicious programs are now considered aggressive and sophisticated, often using a combination of techniques to accomplish their objective. Malware that combines exploitation of a flaw in operating system, browser software, or other applications (e.g., iTunes, Adobe, etc.) with viruses and other Malware is quickly growing in popularity.

Malware for personal digital assistants (PDAs), smart phones and other portable computer-based tools has now entered the market as well. As portable devices continue to grow in popularity, so too will this form of Malware.

Spyware, Trojan horses, and key loggers are becoming increasingly popular with criminals, including organized crime. These programs can be used to obtain confidential information about the user of the infected computer, such as account numbers and PINs, login credentials, the contents of e-mail, even Internet habits, and the resulting data can easily be sold or used directly to perpetrate fraud.

As a result of Malware, users may find that their computers have become part of a botnet. A botnet is a collection of software robots, or bots, that run autonomously and automatically. While the term "botnet" can be used to refer to any group of bots, this word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via worms, Trojan horses, or backdoors, under a common command-and-control infrastructure. If you take the necessary steps to limit your exposure to Malware, your computer will be less likely to become part of a botnet.

What should I be looking for?

Although the phishing attacks that lead to Malware are designed to be nearly impossible to distinguish from legitimate e-mails messages, there are some common signs you can look for:

  • Attackers urge the recipient to click on the link to update or verify account information, re-activate an account, or cancel an order.
  • Attackers convey a sense of urgency and often mention negative consequences for failing to respond.
  • Attacks are not consistent with other e-mail messages from the business.
  • Messages do not contain any personalization: the recipient's name, the last four digits of their account number, or other information that shows that the sender knows something about the recipient's account.
  • Attacks often contain spelling errors and bad grammar.
  • Messages often claim the user has ordered something that they never ordered.

What should you do if you receive a suspicious e-mail?

  • Do not respond.
  • If you are unsure of its authenticity, call a phone number you trust such as the one on your most recent statement, NOT the one in the e-mail to verify the company actually sent it and to inquire about why they need your information.
  • If it appears to be from another company or financial institution, you can forward it to the Anti-Phishing Working Group at reportphishing@antiphishing.org.
  • Delete the message from your Inbox.

How can I protect myself/my business?

  • Don't open attachments from unsolicited e-mails at work or at home. This is the most common way computers become infected with malware.
  • Install a firewall to prevent unauthorized access.
  • Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date.
  • Try to avoid spyware altogether by taking the following steps before loading software onto your home computer:
    • Read the license agreement. Learn what to look for at http://grc.com/oo/fineprint.htm.
    • Search the Internet for spyware reports. Use the software's name and the word 'spyware' as your search keywords.
  • Do not allow anyone to access your computer without your knowledge. Keep your computer turned off or locked when you're not using it.
  • Never use the "save ID and password" option.
  • Never write your user ID and/or password on a piece of paper and leave it near your computer.
  • Install updates and patches for your home computer's operating system and all of your installed applications (e.g., iTunes, etc.).
Back to Top

Identity Theft

You lose your wallet or purse or it gets stolen. Your driver's license and social security card are in it.

The thief now has enough information to assume your identity.

The thief has successfully opened up new credit cards in your name and is on a shopping spree.

Your trust in Farmers Deposit Bank is important to us – and we want to help you guard against disclosure of your personal information that could lead to identity theft.

Farmers Deposit Bank does not contact customers via text, e-mail, telephone or mail to request or verify security information about passwords or personal identification numbers (PINs). For your protection and privacy, Farmers Deposit Bank representatives will ask for certain information to verify your identity.

What is Identity Theft?

Identity theft (ID theft) occurs when someone assumes another person's personal identifying information (e.g. a name, social security number or date of birth) with the intent of committing fraud. Identity theft is often characterized as the largest growing crime in America. Experts estimate it takes fourteen months for an average victim to discover an identity theft and approximately two years to correct credit information.
Your identity can be stolen in a variety of ways:

  • Loss or theft of your wallet, purse, or credit card
  • Mail theft
  • Skimming information from the magnetic strip on credit or debit cards
  • "Dumpster diving" through the trash
  • "Shoulder surfing" -- looking over your shoulder when you are entering a PIN or password
  • Eavesdropping
  • Scam phone calls where a stranger asks for personal or financial information
  • Phishing [LINK TO new Phishing page] and spyware
  • Computer hacking

How Does Identity Theft Work?

Using one or more of the methods identified above, the fraudster obtains key pieces of personal information (e.g. Social Security number, driver's license number, home address, etc.) that is then used to open new bank accounts in your name, apply for mortgages, apply for credit, etc.

What Should You be Looking for?

  • Unauthorized charges that appear on your checking account or credit card statement
  • Accounts appearing on your credit report that you did not open
  • Calls from collection agencies asking why you have not paid a bill
  • Calls from financial institutions regarding accounts you did not open
  • Missing bills or credit card statements that don't arrive when they are supposed to
  • Unauthorized transfers or withdrawals on your bank statements

What Can You do to Try to Prevent Identity Theft?

There are several preventative steps you can take to reduce your risk of identity theft:

  • Do not carry your Social Security card in your wallet.
  • Don't have your Social Security number or driver's license number printed on your checks.
  • Beware of giving information to anyone over the telephone or the Internet unless you initiate the call.
  • Shred any documents with account numbers or other personal data you are throwing out, preferably with a cross-cut shredder.
  • Watch for regular monthly bills that aren't delivered. Stolen mail is one way to obtain sensitive information.
  • Don't leave mail for pickup at an unlocked mailbox.
  • Check your credit report at least once a year to identify accounts that may have been opened in your name without your knowledge. You can get a copy of your credit report at www.annualcreditreport.com every twelve months.
  • Monitor your online financial accounts frequently.
  • Sign your new debit and credit cards promptly.
  • Do not keep PIN numbers attached to credit, debit or ATM cards.

If you are a member of a military service unit who is on active duty, consider placing an active duty alert on your credit report. The active duty alert can prevent pre-screened offers of credit and insurance being sent while you are away on active duty.

What Should You do if You Become a Victim of Identity Theft?

  • Contact the financial institution(s) or the companies where the information about you has been used and let them know you are a victim of identity theft.
  • Contact the credit reporting agencies to report the identity theft and request they place a fraud alert on your account. You only need to contact one. The first agency you contact will contact the other two. The credit reporting agencies are:
    • www.equifax.com - 1-800-525-6285
    • www.experian.com - 1-888-397-3742
    • www.transunion.com - 1-800-680-7289
  • Contact the police department to report the crime. Be sure to request a copy of the report.
  • Contact the Federal Trade Commission at www.consumer.gov/idtheft to make a report and review their helpful hints for dealing with identity theft.
  • Keep good records of who you talk to, summaries of conversations and documentary evidence of the crime.

For additional information about account fraud and identity theft, visit the Identity Theft Resource Center at www.idtheftcenter.org.

Tools to Protect Yourself

Security Technology for Consumers
Having the right tools on your computer will go a long way towards helping you to protect your personal and financial information. Every computer you own should have:

  • A personal firewall that is not only installed but turned on at all times.
  • An up-to-date operating system. The best way to ensure your operating system is current is to turn on automatic updates.
  • Antivirus software. After installing your antivirus software, be sure to run and update it regularly. Perform a complete system scan at least weekly.
  • Anti-spyware software. After installing your anti-spyware software, be sure to run and update it regularly.
  • An updated and current browser.
  • Up-to-date versions of all other software on your system.
  • Strong passwords on all critical Internet applications that are changed at least every 90 days.
Back to Top

Consumer Payments Fraud

A skimmer has been installed on your neighborhood ATM. You go to this ATM to withdraw cash for the weekend.

The skimmer copies your card information and the hidden camera captures your PIN as you enter it.

Using the captured information, the fraudster clones your credit card and begins paying bills using that cloned credit card.

What is Payments Fraud?

Payments fraud occurs when an individual uses one of several payment devices (e.g., checks, credit cards, etc.) to conduct fraud and steal your money. The most common types of payments fraud include:

  • Check Fraud
  • Wire Fraud
  • ACH Fraud
  • Card Fraud

How Does Check Fraud Work?

There are several different types of check fraud that consumers need to be aware of. They include:

  • Counterfeit checks – Checks are reproduced, utilizing information from legitimate accounts, usually by means of high quality copiers, scanners or desktop publishing software. Counterfeit checks have varying degrees of quality, with some instances being almost identical replicas to the original check, including the check stock itself.
  • Altered checks – Checks that have been altered in some way with chemicals or other means so that the valid information can be erased and the checks can be re-written.
  • Forged signatures – Typically blank checks that have been obtained by the fraudster and then signed with a false signature or valid checks that have been endorsed and cashed by someone other than the payee .

What Can You Do To Protect Yourself From Check Fraud?

  • Keep your checks, deposit slips and bank statements in a secure location.
  • Review your statements closely and report any discrepancies to your bank immediately.
  • Do not share your account number with anyone who does not need it.
  • Destroy old checks, statements, ATM receipts, etc., before discarding.
  • If you pay bills using checks that will be put in the mail, put them in a U.S. Postal Service blue box or bring them to the Post Office.
  • Never sign a blank check.
  • Do not endorse a check until you are ready to cash or deposit it.
  • Do not put your Social Security number, driver’s license number, telephone number, or credit card number on your checks.
  • Use a Uniball 207 gel pen (available at office supply stores, discount department stores, and some grocery stores) to write checks. The gel gets trapped in the paper and makes it much harder to wash than regular ink.

How Do Wire and ACH Fraud Work?

Both wire and ACH (automated clearing house) transactions are forms of electronic fund transfers (EFTs). The primary difference is that wire transfers are done in real-time and ACH transfers are not. Wire transfers typically involve larger sums of money, are transferring money from one bank to another bank, and are more expensive to do. ACH transfers typically involve smaller amounts of money, take longer to process, and are less expensive to do. Payroll deposits and online bill payments are examples of ACH transactions.

Wire and/or ACH fraud occur when a fraudster uses one of these transfer methods to obtain money based on false representation or promises. For example, you may purchase an item on an online auction site, wire the money to the seller and either never get the item or receive an item of a lower value than was advertised/promised. Another common type of wire/ACH fraud involves what appears to be an email from a friend stranded in a foreign country after being robbed. This “friend” ask you to wire them money so they can get home. Phishing and malware are often used to obtain your bank logon credentials. Once the fraudster has these, he/she can use them to wire money out of your account and into his/hers or use your money to initiate payments for his/her own bills.

What Can You Do To Protect Yourself From Wire/ACH Fraud?

  • Monitor your accounts regularly for unauthorized transactions. Report any unauthorized transactions to your bank immediately.
  • Do not share your online banking logon credentials (user ID and password) with anyone.
  • Do not share your account number with anyone who does not need it.
  • Never access your bank account using a public computer (e.g., at the library or a hotel business office).
  • Install a firewall on your computer to prevent unauthorized access.
  • Install and run anti-virus and anti-spyware software on your computer and keep them up-to-date.

How Does Card Fraud Work?

Card fraud is theft and fraud committed using a credit or debit card. The fraudster may use the card to obtain products or services or to withdraw money from your account. Credit and debit card information is most often obtained through phishing (all forms) and skimming. You may click on a link in an email that downloads malware onto your computer. The malware will then enable the fraudster to steal your logon credentials the next time you log into online banking.

What Can You Do To Protect Yourself From Card Fraud?

  • Sign the back of your card as soon as you get it.
  • Check your statements as soon as you get them.
  • Be sure any sites you put your card information into (e.g., online shopping sites) are secure. The URL should start with https, not http.
  • Protect your cards like you would cash – try not to let them out of your sight.
  • If your card is lost or stolen, notify your bank immediately.
  • Shred credit card applications you may receive in the mail.
  • Keep a record of account numbers, expiration dates, phone numbers and addresses for each credit card in a secure place.
  • Never give your credit card number over the phone unless you initiated the call and are dealing with a trusted source.
  • Do not store your PIN with your credit/debit card.
Back to Top

Security of Accounts and Information

Farmers Deposit Bank values your business and the trust you have placed in us. We take the security of your accounts and confidential information very seriously and employ a variety of tools, techniques, and processes to help protect them and make your online banking experience as secure as possible:

  • Encryption - Farmers Deposit Bank uses the highest standards of encryption available, including the use of Secure Sockets Layer (SSL) technology, which prevents data from being read, if intercepted during transmission.
  • Automatic Time Out - If you are logged into Farmers Deposit Online Banking and fifteen minutes pass with no activity, your session will automatically time out and you will need to log back in.
  • Enhanced Authentication - Farmers Deposit Bank has technology in place that tracks the characteristics of your login session and determines if it is high risk. Depending upon the particular scenario, denial of access may be appropriate to safeguard your information. If access is denied, you will need to use a computer to access Internet banking.

Secure Communications

In addition to securing our systems and the information that flows into and out of them, Farmers Deposit Bank understands the need to communicate with our clients in a secure manner. Farmers Deposit will NEVER send you an e-mail asking you to click a link to verify or supply personal information, such as:

  • User IDs
  • Passwords
  • Social Security Numbers
  • Credit Card Security Code (CVV)
  • Mother's maiden name or other user-defined challenge information (e.g., place of birth, etc.)

If you are unsure about an e-mail or a Web site that appears to be from Farmers Deposit Bank, take the following precautions:

  • Type our Web site address (www.farmersdepositbankky.com) into your browser to visit our Web site instead of relying on links in e-mails or an entry in your Favorites. Farmers Deposit is committed to providing a secure online banking experience.
Back to Top