Protect Yourself and Your Accounts

Tips and Tricks

Providing Your Personal Information

MCNB will never call you and ask for information regarding your accounts – we already have it!  You provided it as part of the account opening process.

• Never click on a link from an unknown person.
• Don't reply to a possible phishing email.
• Verify email senders by confirming the “Sent From” email address.
• If an email or phone call seems suspicious, contact the company directly via regularly used phone number, email address, or website.
• Shop with merchants you know and trust.
• Check account statements promptly and report suspicious transactions.
• Report lost or stolen debit/credit cards immediately.
• Shred paper documents, including receipts, containing unmasked account information before discarding them.
• Be aware of your surroundings when entering your PIN.
• Don't leave receipts at the ATM, on shop counters, or at the gas pump.

Keep your password and PIN safe

Do not share your iBank password or ATM/Debit Card PIN with anyone. Giving your password or PIN to another person or company places your finances and privacy at risk.

Change your password regularly and use a different password than you use for other websites. Make it difficult for others to guess your password by using at least 8 characters and a combination of letters and numbers in your password. If you think someone knows your password, change it immediately.

Password management software provides a secure way to manage many passwords.

Check your statements

It is important to check your statements regularly.  A quick check will help identify any unusual or criminal transactions that might have been performed on your account without your knowledge.

Report Fraud

Direct Deposit and Online Banking

Arrange with your employer to have your salary deposited directly into your MCNB account to prevent lost or stolen checks. You can also set up recurring transfers and payments from your MCNB account so that your obligations are met safely and securely.

Look for the lock icon

Before entering personal information on a website, look for the "lock" icon in your browser. A closed lock or padlock indicates that the website you are on is secure. You can also confirm a website is secure by looking for "https" in the website address. This indicates the communication is happening over a secure connection.

Clear your browser's cache

If you use a public or shared computer with iBank, it is vital that you log out when you are finished. Once you have logged out, you should delete the browser's cache. The cache maintains a copy of web pages that have been viewed recently.

Protect your computer from viruses

Protect your computer by ensuring you have an anti-virus program installed and that you update it regularly. Most anti-virus programs offer automatic updates to help ensure you are always up-to-date. Viruses can damage your computer, lead to the loss of your files, and some can capture information from your computer and send it to other computers via the Internet.

Do not open e-mail attachments unless you trust the person or company that sent you the e-mail. Ensure your anti-virus program automatically scans your e-mail attachments for viruses.

Only download files from websites you trust. Unsafe sites often provide files which are infected with viruses in an attempt to steal your personal information.

Use a firewall

When your computer is connected to the Internet, it is vulnerable to "attack" through the Internet connection. Although this is a problem for all types of Internet connections, DSL and cable modem connections are more vulnerable because they offer an "always on" capability. You can help protect your computer from attack by using a personal firewall. Personal firewalls can be software, hardware, or both, and create a barrier to attacks.

Microsoft Windows and Apple MacOS both include basic personal firewalls. Be sure they are enabled for your protection.

Install security updates

Most personal computers use the Microsoft Windows and Apple MacOS operating systems. The makers of these systems regularly issue security updates to protect against new and emerging threats. You should download and install security updates regularly or configure your operating system to automatically check for new updates. It is important to use up-to-date anti-virus software and a personal firewall. Ensure you also regularly patch other software on your computer, such as Java and Adobe products. Unpatched software can allow hackers to use those vulnerabilities to install malware on your computer.

Consider using a single computer for your online banking and restrict other users on it.

Beware of e-mail fraud

Be wary of e-mails that ask for personal information and never provide your personal passwords, personal information numbers or login information.

Beware of identity fraud

Take steps to protect yourself against identity fraud, including protecting your personal information, memorizing your passwords and reporting thefts and losses immediately.

Look for privacy policies on other websites

The MCNB website provides links to other websites that are not operated or governed by MCNB's privacy policy or security standards. If you visit one of these websites, you should read their unique privacy and security policies before entering data on those sites.

 Achieve more financial success.  Watch videos and find tips for personal and business.

Report Online Fraud: What You Can Do

If you think you have been a victim of fraud (e-mail fraud, identity theft, phishing, etc.), please contact us immediately via phone 800-532-9553 or contact your nearest MCNB location.

If you believe someone has obtained your card number and PIN, please call us immediately at 800-532-9553 to report the incident and help prevent fraudulent transactions.

We may ask you for the following information so we can investigate:

• Description of the fraudulent incident.
• Any fraudulent e-mails you received or anti-virus/anti-spyware scan logs.

Anytime you are a victim of fraud or identity theft, it is important to review and monitor your credit report. You can request a copy of your credit report at www.annualcreditreport.com. You may call 877-322-8228 or write to Annual Credit Report Service, PO Box 105283, Atlanta GA 30348-5283. (If electing to request it by mail, the Federal Trade Commission (FTC) has a form available. Each credit reporting agency allows for a credit report once per year, obtain 1 report from one agency, and every 4 months obtain another report from another agency. This allows you to view your credit report every 4 months, rather than just once time a year.

Email Security and Phishing Scams

How does phishing work?

Phishing e-mails are often sent out as spam to numerous recipients and appear to come from legitimate businesses, sometimes even duplicating legitimate logos and text. Within the message, you may be requested to click on a link that takes you to a fraudulent site or pop up window where you are asked to submit personal and financial information. Messages may imply a sense of urgency or immediate risk to bank accounts or credit cards if you fail to answer, increasing the chances of a response. Special offers and prizes may also be promoted as incentives.

What phishers do with your personal information?

Phishers can access your accounts using your passwords and other information to withdraw money or make purchases. Personal information can also be used by phishers to open new bank or credit card accounts in your name.

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC. Learn more about email scams.

What should I look for in a valid message from MCNB?

A valid MCNB message:

• Personalized Name
• We will never ask for your account number, usernames, or passwords
• You will never be asked to fill out a form with your Bank information
• If you are asked to call a phone number, check the phone number with directory information (411) before dialing the number you were given, or check our website.
• Emails will not convey a sense of urgency, we will call you for any account issues

Signs that your message may be a phishing e-mail:

The message below illustrates some of the e-mail components that are not acceptable in a MCNB e-mail. In this example, phishers used a valid e-mail name "MCNB Contact," but the actual e-mail address itself did not belong to MCNB.

• Email address in the "From" field does not contain a valid email address from mcnbbanks.com
• MCNB would never ask for you to reactivate your account through an email
• Misspellings
• Branding is poor
• Poor use of grammar
• Wrong URL:
• Even though it looks like the URL ("link") displays http://www.mcnbbanks.com, if you right click on the link with your mouse and choose "Properties," it will show you the true link
  • Some scam artists will integrate the brand name into a URL such as http://mcnbbanks.bankingsecurelinks.org - this makes it look like it is from MCNB but is actually going to www.bankingsecurelinks.org which could be a scam site.

If it sounds too good to be true...

It probably is. Don't be conned by convincing emails offering you the chance to make some easy money. As with most things, if it looks too good to be true, it probably is. Be cautious of unsolicited emails from overseas - it is much harder to prove the legitimacy of the organizations behind the emails.

How MCNB Protects You

MCNB Banks is continuously working to ensure your online security against phishing schemes.

If you receive an unsolicited e-mail that appears to be from MCNB Banks or any company with which you do business and the e-mail requests that you click a link and re-enter your personal information or password, you should contact the company directly. Type www.mcnbbanks.com or the business' website address directly, instead of clicking the link in the e-mail. If you are unsure of the authenticity of an e-mail, delete it.

If you ever doubt the legitimacy of any e-mail claiming to originate from MCNB Banks, call us at 800-532-9553

MCNB E-mail Best Practices

MCNB Banks sends:

• solicited e-mails that respond to customer requests and interests
• welcome e-mails
• e-mails that contain information about Bank or Community events

MCNB Banks does not send e-mails:

• asking the customer to provide, confirm or update personal records
• from a third party address or link to a third party site
• containing no information about why a customer is receiving e-mail
• requiring an urgent response

 Achieve more financial success.  Watch videos and find tips for personal and business.

What You Can Do

• Report your abuse.
• MCNB wants to help you stay informed. By knowing how to protect yourself, you can avoid becoming a victim of online scams.
• The United States Department of Justice recommends these three steps to defend against phishing schemes: Recognize it, Report it, and Stop it.