Security Center

Security Center

• ATM/ITM Safety

   

  For ATM/ITM safety, use a common sense approach.
  
  

  • Notify us immediately - If your ATM access card or PIN is lost or stolen, call us as soon as possible at 877-647-5050. Promptness is very important.
    
    
  • Be prepared - Have your card out and ready before you get to the ATM/ITM site (don't go through your wallet or purse while at the machine). Also have the necessary paperwork (i.e. deposit envelope, loan payment slips, etc.) filled out and ready. The less time you spend at the ATM/ITM the better!
    
    
  • Check out the general area of the ATM/ITM - Be sure to look for any unusual situations; anything out of the ordinary, a suspicious person, or persons. Again, use common sense, avoid the area for now and come back later or go to a different ATM/ITM if anything does not look right to you. Cancel your transaction and leave as quickly as possible if, while conducting a transaction, you see anyone or anything suspicious.
    
    
  • Safeguard the privacy of your transaction - Keep the keypad from anyone else's view by blocking it with your body or other hand to prevent anyone from learning your PIN. Your transaction is personal and private. No part of your transaction is anyone else's business.

  
  Show no sign that you did anything more than check your balance and leave the machine quickly. Never count your money until you are out of the area. Avoid having cash showing as you leave the ATM/ITM; this is an invitation for foul play. Put it out of sight in your pocket or purse. Be sure to take your card and receipt from the machine.
  
  Your Personal Identification Number (PIN) is private and should not be given to anyone. It's best to memorize your PIN, but if you must write it down, use a code that only you understand. Never give out your PIN to anyone, under NO circumstances. Never give out account information over the telephone. Be suspicious of any person asking for your account number. You should routinely check your account statements carefully to ensure all charges and withdrawals were authorized by you and you have not become a victim of fraud.

   

• Keep Your Information Safe

  Securing your identity and protecting your information involves a collaborative effort between you, your bank, and other establishments you do business with who have access to your personal information. We are strongly committed to protecting your information and remain constantly aware of new fraud trends so that we can protect you as a customer. During the last several years, fraud trends have shifted towards targeting bank customers more so than banks. Because of this, your understanding of the risks and how to avoid them is key to keeping you and your assets safe. Below are some common examples of methods used to steal your identity.

   

  P2P (Person-to-Person Payment) Scams

  
  

  Be on the lookout for some of these common P2P (Person-to-Person) Scam scenarios:

  
  

  Scammers impersonating your bank may call to alert you about “suspicious activity” on your account and direct you to send money to yourself or “the bank’s address” to reverse a transaction or to verify the account is not frozen. However, your bank will never tell you to send money to anyone, not even yourself. Criminals try to make you believe you’re sending money to yourself, but you’re actually sending money to the impostor. 

  
  

  Fraudsters may reach out claiming to represent a fraud department or merchant and ask you to confirm information such as your bank account username and password, credit card or debit card data, or Social Security numbers. But do not share this information — scammers want to create a P2P account with your information, steal your identity, and gain access to your accounts. 

  
  

  Scammers posing as a legitimate business may request a P2P payment for a product or service. Once they receive your money, you never receive what you paid for and they disappear. Treat P2P payments like cash — don’t pay until you receive the product.

  
  

  You accept a work-from-home position and the new company sends you a check to deposit, then asks you to send all or part of the funds to someone else using a P2P service. Do not deposit the check — the company is a scam and the check will bounce, leaving you on the hook for the amount of the fake deposit. 

  
  

  A scammer “accidentally” sends you money on a P2P service and asks you to send the money back. Never send back the money, and instead contact the P2P service about the error. Criminals’ accounts usually use stolen funds that the P2P payment service will eventually flag as a fraud. If you send money back to the scammer, the P2P service could take funds out of your account or hold you responsible. 

  
  

  Con artists may ask to borrow your phone for a contrived emergency. Do not hand over your phone to strangers, as they could make financial transfers using your payment apps and accounts.

   

  Phishing

  
  Phishing is the term that describes fake emails that claim to be from a legitimate business such as a bank. Scam artists recreate web pages that they copy from real websites to try to fool consumers into providing their personal information. Even though the email has a bank’s logo on it, or name on it, and looks like it comes from the bank, it may be a fraud. The email may ask you to “validate” information by filling in items such as your log-in information, ID, password, debit card number, security codes, or PINS. Watch out for emails that are marked “Urgent” or say that your account may be closed if you do not respond – those are typical strategies to try to get information. Watch out for emails that provide only a general greeting and do not identify you by name. Be careful of emails that have spelling or typing errors.
  
  MNB will NEVER ask you for your personal information or account information via email. If you ever receive such an email, or any request that seems suspicious, contact us by calling our toll-free number at 877-647-5050 so that we can investigate immediately.
  
  

  Pharming

  
  Pharming involves sending internet users to a fake website, even when they entered the correct address. These fake sites often look real, but secretly collect any personal information and passwords entered. Users end up at fraudulent sites by having spyware or a virus loaded on their computer, or by sophisticated hacking tricks.
  
  Beware of any changes to the logon screen. If you are asked for anything out of the ordinary, do not enter any information. Contact us by calling our toll-free number at 877-647-5050 so that we can investigate immediately.
  
  

  Vishing

  
  Vishing is a combination of the words “voice” and Phishing”. The person committing the fraud sends an email asking for personal or account information, but then says “we know you are concerned about safety, so please call this number”. When you call, the person at the other end is part of the scam. This scheme is trying to get your debit card or credit card number. Always be highly suspicious of any call that asks for account numbers or card numbers.
  
  Contact us directly to verify the validity of any message you might receive. Do not use the number given to you via any email or phone call – call our toll-free number at 877-647-5050, look our number up in the phone book or via an online directory.
  
  

  Fake Check Scams

  
  Common checks that are fake:

  • You’ve won a sweepstakes, lottery or grant – here’s your check, send us a wire transfer to pay the taxes. FAKE
  • Here’s a payment for you to start working from home – deduct a small amount of money and then wire the rest to us, your new employer. FAKE
  • Here’s a check for something you have for sale; it’s a little more than you asked, just wire us that difference to pay for your shipping costs. FAKE

  If you find yourself in any type of situation as just described, consult your consumer protection agency, the Federal Trade commission, the Postal Inspection Service to learn more.
  
  

  Social Networking

  
  Reconnecting with old friends or classmates, playing games, exchanging ideas are all great benefits of online social networking. Just remember to use common sense and control the amount of personal information that you post online or share online with others.

  • Do not include email addresses or phone numbers in your profiles
  • Keep your address private
  • Understand who can access your information when you sign up for any social networking site. Is it private, or is it public?
  • Use a password that is at least eight to ten characters long, use a combination of upper and lower case letters, plus numbers, plus symbols
  • Keep in mind, while online, think before you respond. Guard your personal information.

• Out-Of-Band Authentication for Added Security

  Scams are on the rise, and chances are you’ve heard of one recently. One way that MNB is working to protect you against scammers is by offering Out-Of-Band Authentication (OOBA) for your online banking accounts. 

   

  What is OOBA?

   

  Out-of-band authentication is a type of multifactor authentication that requires you to use another method of verification through a different channel along with your user ID and password. So, say you go to log in to your online banking with your username and password via the internet, that’s the first channel. The second channel in OOBA is to use your mobile device to receive a call or text or use an authentication app to get a code or notification to log in to your online banking. OOBA helps to keep your account safe in the instance that a scammer gets a hold of your user ID and password by sending a code to your phone that only you would have access to.

   

  MNB’s online banking offers users a chance to download the Duo Mobile app which is a type of OOBA app. Duo Mobile would take the place of receiving a verification code via call or text; rather, you would receive a notification on your mobile device from the Duo Mobile app and then verify that you are or are not trying to log into your online banking. Downloading the Duo Mobile app is optional. If you choose not to download the app, you will continue to receive your verification codes via call or text. If you choose to download the app, once you select that option in your OOBA setup, you will receive two text messages containing links to first download Duo Mobile and second to verify the app with your online banking account.

   

  How does OOBA work with MNB?

   

  All online banking users have the option to request OOBA. Once OOBA is enabled, online banking will walk you through the following steps. Use steps 1-2 if you choose not to download the Duo Mobile app. Use steps 1-4 if you do choose to download the app.

   

  1. Set up your device by entering your phone number and nickname for your device and choosing your device’s operating system, e.g. Android, Apple, Windows, or Blackberry.
  2. Verify your device by opting to receive a verification code via call or text and enter your code into the appropriate box.
  3. (Optional) Select “Use Duo Mobile” if you wish to use the OOBA app.
  4. (Optional) Use the links in your text message to download Duo Mobile and to verify the app with your online banking account.

   

  Once you set up OOBA on your accounts, you will be asked to verify your identity each time you log in to online banking. This will add an extra step of security to keep you and your accounts safe from scammers trying to gain access to your account.

   

  If you want to set OOBA up on your online banking account, give us a call at 877-647-5050 or stop in and speak with one of our Customer Service Representatives today!

   

  Written by Andrea Klinedinst, Compliance Assistant

• Cybersecurity Tips

  Protect your computer. Install software that protects against malware, or malicious software, which can access a computer system without your consent to steal passwords or account numbers. Also, use a firewall program to prevent unauthorized access to your PC. While protection options vary, make sure the settings allow for automatic updates.
  
  Use the strongest method available to log into financial accounts. Use the strongest authentication offered, especially for high-risk transactions. Use passwords that are difficult to guess and keep them secret. Create “strong” passwords or passphrases for your computers, mobile devices, and online accounts by using combinations of upper- and lower-case letters, numbers, and symbols that are hard to guess and then change them regularly. Although using the same password or PIN for several accounts can be tempting, doing so means a criminal who obtains one password or PIN can log in to other accounts. Use Multi-Factor Authentication (MFA) when possible. If you would like to use MFA for your MNB Online and Mobile Banking, please call our Customer Service Department at 877-647-5050.
  
  Understand Internet safety features. You can have greater confidence that a website is authentic and that it encrypts (scrambles) your information during transmission if the web address starts with “https://.” Also, ensure that you are logged out of financial accounts when you complete your transactions or walk away from the computer. To learn about additional safety steps, review your web browser’s user instructions.
  
  Be suspicious of unsolicited e-mails & texts asking you to click on a link, download an attachment, or provide account information. It’s easy for cyber criminals to copy the logo of a reputable company or organization into a phishing email. When responding to a simple request, you may be installing malware. Your safest strategy is to ignore unsolicited requests, no matter how legitimate or enticing they appear.
  
  Be careful where and how you connect to the Internet. Only access the Internet for banking or for other activities that involve personal information using your own laptop or mobile device through a known, trusted, and secure connection. A public computer, such as at a hotel business center or public library, and free Wi-Fi networks are not necessarily secure. It can be relatively easy for cyber criminals to intercept the Internet traffic in these locations.
  
  Be careful when using social networking sites. Cyber criminals use social networking sites to gather details about individuals, such as their place or date of birth, a pet’s name, their mother’s maiden name, and other information that can help them figure out passwords — or how to reset them. Don’t share your ‘page’ or access to your information with anyone you don’t know and trust. Cyber criminals may pretend to be your ‘friend’ to convince you to send money or divulge personal information.
  
  Take precautions with your tablet or smartphone. Consider opting for automatic updates for your device’s operating system and “apps” (applications) when they become available to help reduce your vulnerability to software problems. Never leave your mobile device unattended and use a password or other security feature to restrict access in case your device is lost or stolen. Make sure you enable the “time-out” or “autolock” feature that secures your mobile device when it is left unused for a certain period of time. Research any app before downloading it. Consult your financial institution’s website to confirm where to download its official mobile application. 

• Resources

  Identity theft continues to be one of the fastest growing crimes in the United States, and has ranked as one of the top consumer concerns for the past several years. MNB is committed to helping its customers avoid becoming victims of identity theft. If you learn or suspect you are a victim of identity theft, contact us by calling 877-647-5050. We advise calling during business hours and speaking directly to our Customer Service Department. In addition, contact the Federal Trade Commission (FTC) and follow the instructions at www.identitytheft.gov for more information about reporting fraud and recovering your identity.

   

  Get scam smart with these tips at www.banksneveraskthat.com.

   

• Important Reminder

  MNB will never call you or send you an email message requesting any personal information. If you receive a request for this information, it is a scam referred to as phishing. Do not provide this information and notify us immediately!

• FDIC Insurance Coverage

  Each depositor is insured up to at least $250,000 by the Federal Deposit Insurance Corporation (FDIC).
  
  By operation of federal law, beginning January 1, 2013, funds deposited in a non-interest bearing transaction account (including IOLTA Accounts) will no longer receive unlimited deposit insurance coverage by the Federal Deposit Insurance Corporation (FDIC). Beginning January 1, 2013, all of a depositor’s accounts at an insured depository institution, including all non-interest bearing transaction accounts, will be insured by the FDIC up to the standard maximum deposit insurance amount ($250,000) for each deposit ownership category.
  
  For more information or to calculate your coverage, visit www.fdic.gov.