Security

Merchants National Bank cares deeply about our customers and the security of your private information. Please take some time to read through our in depth information regarding identity theft, tips to reduce your risk, phishing, and our security statement.

 

Identity Theft

If you suspect misuse of your personal information to commit fraud, take action immediately. Keep a record of all conversations and correspondence when you take the following suggested steps:

Contact your bank(s) & credit card issuers.

Contact your bank(s) & credit card issuers immediately so that the following can be done: Access to your accounts can be protected; stop payments on missing checks; personal identification numbers (PINs) and online banking passwords changed; and a new account opened, if appropriate. Be sure to indicate to the bank or card issuer all of the accounts and/or cards potentially impacted including ATM cards, check (debit) cards and credit cards. Customer service or fraud prevention telephone numbers can generally be found on your monthly statements. Contact the major check verification companies to request they notify retailers using their databases not to accept these stolen checks, or ask your bank to notify the check verification service with which it does business.

Three of the check verification companies that accept reports of check fraud directly from consumers are:

  • Telecheck: (800)710-9898
  • International Check Services: (800)631-9656
  • ChexSystems: (888)478-6536
  • Equifax: (800)437-5120

File a police report with your local police department.

Obtain a police report number with the date, time, police department, location and police officer taking the report. The police report may initiate an investigation into the loss with the goal of identifying, arresting and prosecuting the offender and possibly recovering your lost items. The police report will be helpful when clarifying to creditors that you are a victim of identity theft.

Contact the three major credit bureaus.

Contact the three major credit bureaus & request a copy of your credit report. Review your reports to make sure additional fraudulent accounts have not been opened in your name or unauthorized changes made to your existing accounts. Check the section of your report that lists “inquiries.” Request the “inquiries” be removed from your report from the companies that opened the fraudulent accounts. In a few months, order new copies of your reports to verify your corrections and changes to make sure no new fraudulent activity has occurred. Request a “fraud alert” for your file and a victim’s statement asking creditors to call you before opening new accounts or changing your existing ones. This can help prevent an identity thief from opening additional accounts in your name.

The major credit bureaus and their phone numbers are:

Check your mailbox for stolen mail.

Make sure no one has requested an unauthorized address change, title change, PIN change or ordered new cards or checks to be sent to another address. If a thief has stolen your mail to get credit cards, bank and credit card statements, pre-screened credit offers or tax information, or if an identity thief has falsified change-of-address forms, that’s a crime. Contact your local post office and police.

Maintain a written chronology of what happened.

What was lost and the steps you took to report the incident to the various agencies, banks and firms impacted. Be sure to record the date, time, contact telephone numbers, person you talked to and any relevant report or reference number and instructions.

Reduce Your Risk of ID Theft

  • Shred and destroy unwanted documents that contain personal information.
  • Immediately report lost or stolen credit cards.
  • Review and monitor your consumer credit reports regularly.
  • Do not carry your social security card or your birth certificate. Keep these tucked away in a safe place.
  • Be aware and note when your monthly financial statements arrive in the mail. Notify your financial institutions if they don’t arrive when expected.
  • Watch your financial statements and ensure all charges made are yours.
  • Keep your ATM and Debit Card receipts, do not leave these behind.
  • Never reveal your bank account, credit card, mother’s maiden name or social security number over the phone (unless dealing with a trusted business or organization). Ask the caller to send information by mail.
  • Keep a list of all your financial accounts such as account numbers, expiration dates, and customer help telephone numbers. Ensure this list is kept in a safe place & use to contact in case of lost or stolen cards.
  • When creating passwords or PINs, do not use digits of your social security number, mother’s maiden name, your birth date, any part of your name (first, middle, last).
  • Watch your credit card expiration dates, if you don’t receive a replacement card prior to the date - contact the issuer.
    Sign all new credit cards immediately to prevent someone else from doing so.
  • Beware of mail or telephone contacts informing you of prizes and awards - especially if they ask for personal or financial account information.
 

Spoofing and Caller ID

"Spoofing" occurs when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Spoofing is often used as part of an attempt to trick someone into giving away valuable personal information so it can be used in fraudulent activity or sold illegally. U.S. law and FCC rules prohibit most types of spoofing.

Caller ID lets consumers avoid unwanted phone calls by displaying caller names and phone numbers, but the caller ID feature is sometimes manipulated by spoofers who masquerade as representatives of banks, creditors, insurance companies, or even the government.:

    • Be cautious of calls from entities spoofing Merchants National Bank's organization name and phone number.
    • If you receive a call appearing on your Caller ID to be from Merchants National Bank, but the caller and/or the content of their information delivery seems strange, it is possible that someone is spoofing. Please read on for additional information and suggested steps to take.
    • What you can do if you think you're being spoofed.
      •      You may not be able to tell right away if an incoming call is spoofed. Be careful about responding to any request for personal identifying information.
      •      Never give out personal information such as account numbers, Social Security numbers, mother's maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious.
      •      If you get an inquiry from someone who says they represent Merchants National Bank seeking personal information, hang up and call the phone number on your account statement, in the phone book or on the Merchants National Bank website to verify the authenticity of the request.
      •      Use caution if you are being pressured for information immediately.
    • How do I report suspected spoofing?
    • If you receive a call and you suspect caller ID information has been falsified, or you think the rules for protecting the privacy of your telephone number have been violated, you can contact the Federal Communications Commission at https://consumercomplaints.fcc.gov

Phishing

Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients.
Here are some tips to help you avoid getting hooked by a phishing scam:

      • Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser. Phishers produce convenient links to seemingly legitimate websites where you enter the information the fraudster wants to steal but in reality the website will be redirected to a “spoofed” website that is a fake and now the “Phisher” has your information.
      • Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.
      • Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
      • Don't email personal or financial information.
      • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
      • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.
      • Forward phishing emails to spam@uce.gov – and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
      • If you believe you've been scammed, file a complaint with the Federal Trade Commission at www.ftc.gov/complaint, and then visit the FTC's identity theft website at ftc.gov/idtheft. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit reporting companies. See http://www.annualcreditreport.com for details on ordering a free annual credit report.

Security Statement

Merchants National Bank is pleased to offer Internet Banking services, including but not limited to Personal Online Banking, Business Banking Online, and Online Bill Pay services. Delivering these services requires a solid security framework that protects data from outside intrusion. We are committed to providing the safest operating environment possible for our customers. The information below summarizes our security framework, which incorporates the latest proven technology. We also encourage you to refer to our Online Security Tips and Identity Theft to access additional information and recommendations for your safety.

User Level security ensures the confidentiality of information sent across the public Internet. You are required to use a fully (Secure Sockets Layer) SSL-compliant 128 bit encrypted browser such as Mozilla Firefox or Microsoft Internet Explorer. SSL allows a user’s browser to establish a secure channel for communicating with our Internet server. SSL utilizes highly effective cryptography techniques between your browser and our server to ensure that the information being passed is authentic, cannot be deciphered, and has not been altered en route. SSL also utilizes a digitally signed certificate which ensures that you are truly communicating with the Internet Banking server and not a third party trying to intercept the transaction.

After a secure connection has been established between your browser and our server, you then provide a valid Access ID and Password to gain access to the services. This information is also encrypted. Although SSL utilizes proven cryptography techniques, it is important to protect your Access ID and Password from others. You must follow the Access ID and Password parameters we specify at the time you sign up for Internet Banking services. We also recommend changing your Password periodically. Session time-outs and a limit on the number of logon attempts are examples of other security measures in place to ensure that inappropriate activity is prohibited at the User Level.

The Banking Server is protected using the latest firewall platform. This platform defends against system intrusions and effectively isolates all but approved customer financial requests. The platform secures the hardware running the Internet Banking services and prevents associated attacks against all systems connected to the Banking Server. The system is monitored 24 hours a day, seven days a week for a wide range of anomalies to determine if attempts are being made to breach our security framework.

Once authenticated, the customer is allowed to process authorized Internet Banking services transactions using host data. In addition, communication time-outs ensure that the request is received, processed, and delivered within a given time frame. Any outside attempt to delay or alter the process will fail. Further password encryption techniques are implemented at the host level, as well as additional security logging and another complete physical security layer to protect the host information itself.

 

Back to Top