Security

Security

The F&M Bank & Trust Company understands that security is important. Security and trust are two of our most valuable assets and we have taken a number of steps to help protect these assets and enhance safety and confidentiality in the transmission of private information sent over the Internet.

Financial institutions, companies, and Internet users who conduct business on the Internet have become targets of viruses, e-mail scams, and other fraudulent activity. F&M Bank is dedicated to provide you information about these threats and the best ways to protect yourself against them.

Your Computer

  • Spyware, Malware
  • Viruses, Worms and Trojans
  • Firewalls, Anti-virus Software, Security Updates & Patches

Your Browser Software - Encryption

  • Security Updates & Patches

Your Identity - Phishing, Pharming

  • Passwords

Your Computer - Spyware, Malware

Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else.

(MALicious softWARE) Malware software designed to destroy, aggravate wreak havoc, hide potentially incrimination information, and/or disrupt and damage computer systems.

Spyware and Malware may be installed when you visit a web site that hosts a program, image, video file, music file or a program that you install. Occasionally these sites actually display a notification before they install the software, most other sites push the software to your computer without permission.

There are a number of programs available to find and remove Spyware and Malware. F&M Bank does not offer or endorse any one program. You are strongly encouraged to find a tool that works for you. Some of the most popular are developed by Symantec, ZoneAlarm, McAffee and Trend Micro.

We recommended that you research the products by the major anti-virus vendors and select the right product for you. In addition, it is strongly recommended that the software be configured to update automatically when new detection capabilities are released by the vendor.

Your Computer - Viruses, Worms and Trojans

The most common types of software threats to your home or business computer are: Viruses, Worms, and Trojans. Each is designed to attack a computer or group of computers in a different way. Your computer could be made unusable, or usable by someone else (referred to as a "zombie" system). Even the information it holds could be read by someone else.

Virus

A computer virus is a self-replicating program containing code that explicitly copies itself and can "infect" other programs by modifying them or their environment. Often 'social engineering' is the payload of the virus. Clever phrases or offers for free merchandise are used to trick the victim into trusting it and opening the message or clicking on a link. Typically delivered in an email message, it may appear to come from someone you know.

Worm

A computer worm is a self-replicating computer program, similar to a computer virus. Where a virus attaches itself to, and becomes part of, another program, a worm is self-contained and does not need to be part of another program to propagate itself. They are often designed to exploit the capabilities found on many computers such as email delivery, file transfer or requests from information on file shares.

Trojan

"Trojan horse"; a reference to the story of the Trojan War, a piece of malware (such as a virus program) contained within a legitimate program. The purpose of the Trojan can be wide, but the distribution approach is to attempt to have the user willingly install the host program to gain access to the victim's computer in the form of a "back door". Trojans do not install or run automatically, but may entice users into installing or executing by masquerading as another program altogether (such as a game or a patch) or they may be packaged with hacked legitimate programs that install the Trojan when the host program is executed. Trojan "key loggers" are very wide spread. These Trojan applications log every key stroke made on a computer and relay the information to a hacker. The intent is to collect information such as an access ID and password to an online banking system or other type of financial services web site. The hacker can then log in as the victim to steal funds or transfer funds.

Your Computer - Firewalls, Anti-virus Software, Security Updates & Patches

Your best defense is to have a layered security approach. The first layer of defense is a good firewall. A firewall shields your computer or network from intruders by blocking any or all traffic from the Internet attempting to gain access to your computer or network. The most common firewalls used by consumers are software programs that are installed onto your computer. Most companies use firewall systems or appliances. These firewall devices are computers with the sole purpose of defending a network. There are many firewall software vendors that offer very good firewall solutions that are bundled with anti-virus scanning software. Some of the most popular are developed by Symantec, ZoneAlarm, McAffee and Trend Micro.

As important is the practice of updating your computer with the latest security updates and patches. If you are using Microsoft Windows, use their Windows Update Service to keep your computer current. You can set up the system to automatically update your computer whenever a new patch is released. Go to Microsoft's website for more information.

Your Browser Software - Encryption

We require you to use Internet Explorer version 8.0 or higher or Firefox. Adobe Acrobat X (10) or higher is also required for viewing documents online. Internet Explorer and Firefox are accepted as industry standards while supporting the use of Secure Socket Layer (SSL) encryption technology. Secure Socket Layer encryption technology allows the highest level of browser data encryption available today.

Browser Security Requirements

NetBanc24 uses 256-bit strong encryption to ensure your account information remains safe and confidential while traveling over the Internet. You will need a 256-bit strong encryption web browser to access F&M Bank's Internet banking products NetBanc24 and DirectConnect. DirectConnect will not work with Apple Safari, you will need to use Internet Explorer 8.0 or higher or Firefox.

To learn your browser's current encryption level, please do the following:


  • Microsoft Internet Explorer users - in Internet Explorer, click the "Help" menu and select "About Internet Explorer." Look at the "Cipher Strength." If the Cipher Strength is anything lower than 256-bit, you'll need to upgrade your browser before using NetBanc24.

Your Browser Software - Security Updates & Patches

Software programs are increasingly more complicated. Software developers, system developers, manufacturers and hackers are constantly finding flaws in programs. These flaws can often be turned into exploits to remotely control or crash or control computers. To protect customers, software vendors constantly release updates to their software.

Your best protection is to keep your software current. If you are using Microsoft Windows, use their Windows Update Service to keep your computer current. You can set up the system to automatically update your computer whenever a new patch is released. Go to Microsoft's website for more information.

Your Identity - Phishing & Pharming

Phishing attacks use both social engineering and technical exploits to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' email to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites that are designed to trick the person accessing the sites into thinking they are on the legitimate web site.

Your best defense against this type of risk is to follow these suggestions:

  • Be suspicious of any email with urgent requests for personal financial information unless the email is digitally signed, you can't be sure it wasn't forged or 'spoofed' phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately they typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc. phisher emails are typically NOT personalized, while valid messages from your bank or e-commerce company generally are
  • Don't use the links in an email to get to any web page, if you suspect the message might not be authentic instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser
  • Avoid filling out forms in email messages that ask for personal financial information you should only communicate information such as credit card numbers or account information via a secure website or the telephone
  • Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser to make sure you're on a secure Web server, check the beginning of the Web address in your browsers address bar - it should be "https://" rather than just "http://"
  • Consider installing a Web browser tool bar to help protect you from known phishing fraud websites
  • Regularly log into your online accounts don't leave it for as long as a month before you check each account
  • Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate if anything is suspicious, contact your bank and all card issuers

Your Identity - Passwords

You have an integral role in the prevention of any wrongful use of your account. The password you use to access your online account should be protected and kept confidential. Anyone who obtains your password will have full access to all of your online accounts. As you are ultimately responsible for your password, you should not write your password down where anyone might find it or possibly figure out what it is. You should also change your password often, and avoid using easily guessed passwords such as common words in the dictionary or a series of numbers in sequence. A password using a combination of characters and numbers is highly recommended. As there are computer viruses that could be used to capture password keystrokes, you should take standard precautions to keep your computer free from viruses. Please log out when you end your session to prevent unauthorized access to your account when you are not at your computer.

As our customer it is your responsibility for to protect your password and all transactions conducted on your account through the use of your password. The F&M Bank & Trust Company will rely on your password as confirmation that you have authorized all transactions conducted during the online session.

Promptly examine any statement or correspondence you may receive. If you find your records and ours disagree, do not hesitate to call F&M Bank Customer Service at (918) 748-4100.

Customer Service and Account Information for all branches may be reached at 918-748-4100 or access account information anytime through PhoneBanc24 at 918-748-4300 and online through NetBanc24 at www.fmbankusa.com