FDIC logo

FDIC-Insured – Backed by the full faith and credit of the U.S. Government

FDIC logo

FDIC-Insured – Backed by the full faith and credit of the U.S. Government

Menu
Username:
Password:
Register - Consumer
Register - Business
Forgot Password

Fraud & Cybersecurity

Cybersecurity Awareness

Technology continues to evolve, and with it, so do the ways we connect, communicate, and manage our finances. At Farmers & Merchants Bank, we’re committed to helping you stay one step ahead when it comes to protecting your personal information online.

Whether you’re logging into your online banking, opening an email, or browsing the web, it’s important to be mindful of how cybercriminals may try to gain access to your sensitive information. That’s why we’ve put together practical, up-to-date security tips to help safeguard your identity and your accounts.

Your digital security is a shared responsibility. We’re here to provide the tools and knowledge you need to bank with confidence every time you log in.

Visa Debit Cardholder 24 Hour Lost/Stolen Reporting

Contact FIS Payments at 1-833-933-1681 (U.S.) or 1-812-647-9794 (International).

Table of Contents

Our Commitment To Your Privacy

At Farmers & Merchants Bank, protecting your personal information is a top priority. Our privacy policies are designed to meet strict federal banking regulations and ensure the security of your non-public personal information. We follow robust procedural, physical, and electronic safeguards to keep your data safe and to uphold your trust.

Scammers are on the rise and asking for personal or financial information.

Farmers & Merchants Bank will NEVER ask for your PIN, security codes, username, password, or account information by phone, text, or email.

If someone pressures you to act, transfer money, or buy bitcoin or gift cards, do not respond. Hang up and contact your local Farmers & Merchants Bank branch directly or 410-517-3065.

Why Our Website Uses a .BANK Domain

Farmers & Merchants Bank uses the web address www.fmb1919.bank to give our customers a more secure and trusted online experience.

The .BANK domain is a verified, restricted space on the internet—available only to legitimate U.S. banks, bank regulators, trade associations, and approved service providers. This means that any website ending in .BANK has been carefully vetted and validated before being published.

  • Eligibility Verification: Only verified financial institutions and banking entities can obtain a .BANK domain. Registrars like EnCirca and Symantec ensure that every .BANK domain is registered by a legitimate and authorized organization.
  • Stronger Security Standards: .BANK domains are required to meet higher cybersecurity standards than traditional .com domains. This includes mandatory encryption (HTTPS), email authentication to prevent spoofing, and routine security compliance checks.
  • Protection from Impersonation: Unlike .com or other domain types, scammers cannot register look-alike .BANK domains. This significantly reduces the risk of phishing websites pretending to be your bank.
  • Trust and Confidence: When you visit www.fmb1919.bank, you can be confident that you are on our official website and connected to a secure, encrypted platform. You do not need to worry about cybercriminals creating a copycat site under a similar address.

We are committed to protecting your information and providing a secure digital banking experience. The .BANK domain is one of the many steps we take to help ensure your trust and safety online.

  • To help keep your online banking session secure, our system uses encrypted cookies to identify your device while you’re logged in. This allows you to perform multiple transactions during your session without needing to re-enter your credentials for each one.

    The cookie does not contain any personal information. It’s simply a tool used to recognize your device and provide an added layer of security.

    The cookie is stored on your computer’s hard drive for the duration of your session. If you access online banking from more than one device or browser, you may need to reset your session. For assistance, please contact our Client Services team at 410-517-3065.

General Online Safety

Good cyber hygiene is essential for keeping your personal information and finances safe. Simple habits can make a big difference:

  • Keep your devices and software up to date.
    Regular updates for your computer, smartphone, and apps often include security patches that protect against new threats. Turn on automatic updates, when possible, to stay protected without extra effort.
  • Use antivirus and security tools.
    Reliable antivirus software helps detect and remove malware, viruses, and other threats before they can cause harm. Consider using additional security tools like firewalls and anti-spyware programs for added protection.
  • Monitor your accounts and credit reports regularly.
    Frequently review your bank and credit card statements for any unauthorized transactions. Checking your credit reports at least once a year helps you spot signs of identity theft early. You can obtain free credit reports from the three major credit bureaus annually through AnnualCreditReport.com.

By practicing good cyber hygiene, you strengthen your defenses against fraud and keep your financial life secure.

Staying safe while shopping online in today’s digital world is more important than ever. Use the following tips to keep your information and your money safe when making purchases online:

  • Shop only on trusted websites.
    Stick to well-known retailers or verify unfamiliar sellers by checking reviews and looking for clear contact information. Be cautious of deals that seem too good to be true — they often are.
  • Look for secure website indicators.
    Before entering personal or payment information, make sure the website URL begins with https:// and shows a padlock icon in the address bar. These indicate a secure, encrypted connection.
  • Avoid shopping on public Wi-Fi.
    Public Wi-Fi networks are often unsecured and can be a hotspot for cybercriminals. If you must shop on the go, use a VPN (Virtual Private Network) to encrypt your connection or wait until you’re on a secure, private network.
  • Use credit cards instead of debit cards.
    Credit cards typically offer better fraud protection and limit your financial liability if your information is compromised.
  • Don’t save payment info in browsers or retailer accounts.
    While convenient, storing card details can be risky. Instead, enter payment information manually or use secure digital wallets like Apple Pay or Google Pay.
  • Watch for phishing scams during holiday or sale seasons.
    Fraudsters often mimic popular stores to trick you into entering sensitive data. Double-check website URLs and be cautious of unexpected emails or texts offering major discounts.

By following these practices, you can enjoy the benefits of online shopping while reducing your risk of fraud or identity theft.

Safe Online Banking Practices

Protecting your money and personal information starts with safe habits when using online banking services. Here are important tips to help keep your accounts secure:

Create passwords that are long and combine letters, numbers, and symbols. Avoid using the same password across multiple sites. Whenever possible, enable MFA—this adds an extra step to verify your identity, making it much harder for unauthorized users to access your account.

Cybercriminals often use phishing emails to trick you into clicking malicious links or opening infected attachments. Always verify the sender before clicking any link or downloading files. If an email asks for personal information or login details, do not respond—contact your bank directly using a trusted phone number or website.

Make sure the website URL begins with https:// and includes a lock icon in the address bar. Look for trusted domain names like .BANK, which are reserved for verified financial institutions. Avoid logging into accounts from unfamiliar or suspicious websites.

Public Wi-Fi networks can be insecure, allowing hackers to intercept your data. If you must use public Wi-Fi, avoid logging into your bank account or entering personal information. Using a Virtual Private Network (VPN) can add an extra layer of protection.

Following these safe online banking practices helps you maintain control of your accounts and reduces the risk of fraud or identity theft.

Understanding Common Cyber Security Threats

Imagine someone getting their hands on your personal information—like your Social Security number or bank account—and pretending to be you. They might open credit cards, drain your bank account, or take out loans in your name. The worst part? You’re left cleaning up the mess.

Fixing the damage can take time, money, and a whole lot of paperwork—not to mention the stress of repairing your credit.

Identity theft happens when someone uses your personal information—like your name, Social Security number, or account number—without your permission. It can lead to unauthorized charges, drained accounts, and long-term credit damage. Here’s how to protect yourself:

  • Never share personal or financial info unless you started the conversation or know exactly who you’re talking to.
  • Be suspicious of emails or texts asking you to “verify” your account—even if they look official.
  • Watch out for messages with misspellings, bad grammar, or urgent requests—they’re common signs of a scam.
  • Shred old account statements, receipts, and credit card offers before throwing them away.
  • Choose strong, unique passwords and avoid obvious info like birthdates or parts of your Social Security number.
  • If a bill or statement doesn’t arrive on time, contact your bank. Thieves often reroute mail to hide their activity.
  • Check your account statements closely for any charges you don’t recognize.
  • Don’t leave outgoing bill payments in an unlocked mailbox—drop them off directly at the post office.
  • Review your credit reports at least once a year to catch anything unusual.
  • Keep your devices protected with up-to-date antivirus and anti-malware software.
  • Avoid using public Wi-Fi for financial transactions, anyone nearby could be watching.

Every year, millions of people get tricked by messages that look totally legit. You might get an email, a text, or even a voicemail that sounds like it’s from your bank, a government agency, or a company you trust. They’ll ask you to:

  • Confirm your account info
  • Click a link to “verify” something
  • Visit a website that looks real—but isn’t

Once they have your info, they can use it for all kinds of fraud.

The bottom line? If you didn’t expect it, don’t click it. And if it feels off, it probably is.

Fraudsters are always coming up with new tricks—but the good news is, a little caution goes a long way. Here are some smart habits to help protect your personal and financial information:

  • Think before you click. Emails or texts with links could contain malware that allows scammers to spy on your device or steal your info.
  • Don’t take the bait. Be skeptical of any message—email, phone call, or text—that asks you to update or verify personal information. Real companies don’t ask for sensitive details through unsecured channels.
  • Verify before you trust. If something seems off, contact the business directly using contact information you find—not what’s in the message.
  • If it sounds too good to be true, it probably is. Sweepstakes, miracle deals, and guaranteed returns are common scam tactics.
  • Watch out for check scams. If someone sends you a check and asks you to send part of the money back, it’s likely a fraud—even if the check looks official.
  • Don’t be rushed. Scammers often pressure you to act fast. Take your time, especially if money or personal info is involved.
  • Lock down your social media. Check your privacy settings and limit what strangers can see about you online.
  • Be picky with apps. Always research apps before downloading—just because it has your bank’s name doesn’t mean it’s legit.
  • Never wire money to strangers. If someone wants you to send money quickly, especially with secrecy, it’s a red flag.

Watch out after disasters. Scammers often pose as charities or relief organizations after major events. Always verify before donating or giving out personal information.

Malware, short for “malicious software,” is any type of software designed to infiltrate, damage, or gain unauthorized access to a device, system, or network. Common forms of malware include viruses, ransomware, spyware, and trojans. Once installed—often without your knowledge—malware can steal personal information, monitor your online activity, lock you out of your files, or even allow criminals to remotely control your device.

Malware infections often start with a click: a suspicious email attachment, an unfamiliar website, or a pop-up offering something “too good to be true.” Once it’s on your device, it can be difficult to detect and even harder to remove without the help of security tools or professionals.

The impacts of malware can be severe. Victims may face financial loss, unauthorized transactions, stolen personal or banking information, and even identity theft. In some cases, malware can also be used to launch broader attacks on businesses or networks, leading to widespread disruption and data breaches.

Protecting yourself from malware starts with safe habits and smart technology use. Here are key steps to reduce your risk:

  • Keep your software and devices updated. Regular updates patch security vulnerabilities that malware can exploit.
  • Use reputable antivirus and anti-malware tools. Keep them active and set to update automatically.
  • Avoid clicking on suspicious links or downloading unknown attachments. Be especially cautious with unexpected emails, texts, or pop-ups.
  • Download apps and software only from trusted sources. Use official app stores and verified websites.
  • Don’t ignore browser security warnings. If your system flags a site or downloads as dangerous, trust the alert.
  • Be careful with USB drives or external devices. Malware can spread through infected hardware.
  • Enable firewalls and disable file sharing when not needed. These settings can block unauthorized access.

Staying alert and informed is the best defense against malicious software.

Phishing is one of the most common ways scammers try to trick people into giving up personal or financial information. It typically involves a fake email, text message, or phone call that appears to come from a legitimate source—like your bank, a government agency, or a company you trust.

The goal? To get you to click a link, download an attachment, or share sensitive information like login credentials, account numbers, or Social Security numbers.

Once scammers have that information, they can:

  • Access your bank accounts
  • Steal your identity
  • Make unauthorized purchases or transfers
  • Install malware on your device
  • “Urgent Account Alerts” telling you your account has been locked or compromised
  • Fake invoices or payment requests from services you use (or don’t)
  • Links to spoofed websites that look like your bank or a retailer you trust
  • Messages with typos or poor grammar, often pressuring you to act quickly

Phishing messages often include logos, email signatures, and wording that look official—but they’re carefully designed traps.

  • Never click suspicious links or open unexpected attachments, especially if the message is asking for account or personal info.
  • Don’t respond to messages asking for passwords, PINs, or verification codes—your bank will never ask for these by email or text.
  • Look closely at sender addresses, scammers often use addresses that are slightly misspelled or off by a character.
  • If you’re unsure, call us directly. Don’t use the contact information in the message—go to our website or use the number on the back of your debit card.
  • Keep your devices secure with updated antivirus and anti-malware protection.
  • Enable multi-factor authentication wherever possible for added security.

Social engineering is when a scammer manipulates people into giving away confidential information or performing actions that compromise their security. Unlike hacking that targets computers, social engineering targets people—and it’s often surprisingly effective.

These scams can happen through phone calls, emails, texts, social media, or even in person. The goal is to earn your trust by pretending to be someone you know or a representative of a trusted organization—like your bank, a coworker, a tech support agent, or a government agency.

Once they gain your confidence, they might:

  • Ask for account numbers or login credentials
  • Request you wire or transfer money
  • Trick you into installing malware
  • Convince you to bypass security procedures
  • “I’m from IT” or “tech support” scams asking you to install remote access tools
  • “Urgent business requests” pretending to be from your employer or a company executive
  • Romance or friendship scams developed over time through social media or dating apps
  • Fake customer service contacts on social media that ask for your account info
  • Pretexting, where someone creates a believable backstory to get you to share personal data

Scammers rely on urgency, fear, flattery, or trust. Their methods vary, but the end goal is the same: get you to do something you normally wouldn’t.

  • Slow down. Scammers want you to act fast—don’t give them the satisfaction.
  • Verify independently. If someone contacts you asking for sensitive info or action, confirm their identity using a known phone number or website.
  • Don’t overshare online. Scammers can use personal details from social media to craft convincing stories.
  • Be cautious with unknown callers. Just because a caller knows your name or job title doesn’t mean they’re legitimate.
  • Never share passwords, MFA codes, or PINs. No legitimate company or government agency will ask for this.
  • Use layered security. Enable multi-factor authentication on your accounts and keep software updated.

How To Report Frauds And Scams

If you think you’ve been the target of a scam or fraud, don’t wait—report it right away. Acting quickly improves your chances of recovering lost funds and helps law enforcement stop similar crimes.

State Consumer Protection Offices

Start with your state’s consumer protection agency. You can find contact information for your state using: usa.gov/state-consumer

Federal Agencies for Consumer Protection

Federal Trade Commission (FTC)
File a complaint at ftc.gov. The FTC tracks internet, phone, and identity theft scams in a database used by law enforcement agencies nationwide.

Consumer Financial Protection Bureau (CFPB)
If your issue involves a financial product or service, visit consumerfinance.gov to submit a complaint.

Federal Deposit Insurance Corporation (FDIC)
For issues involving banks or deposit accounts, reach out to the FDIC at fdic.gov.

Mail or Delivery Service Fraud

If the scam involved mail or an interstate delivery, report it to the U.S. Postal Inspection Service at postalinspectors.uspis.gov. It is illegal to use the mail to misrepresent, defraud, or steal.

Local Law Enforcement

Your local police department can help document the fraud and may be able to assist with recovery, especially if a crime occurred in your area.