Privacy and Security Alerts
How to keep your accounts safe
We want to help you keep your personal and banking information as safe and secure as possible. We’ve provided the following resources to help keep you informed on how to protect yourself against fraudulent activity, and instructions for what to do if you do discover fraud on your account.
Recent Security Alerts
Due to increased fraudulent activity, we will be blocking all future transactions made to Airbnb.
If you plan to travel and use Airbnb, please contact our Customer Service Center and they will lift the block for individual reservations.
Text Message Scam Alert
UPDATE: The illegitimate page that was being used to scam consumers has been taken down. If you receive anything that looks suspicious via text, email or phone, please contact us at 800-455-2275. Please be sure you do not click on any links sent to you or call any numbers other than the ones listed on our bank website montgomerybank.com.
A scam text is currently circulating asking users to go to our “website” and call the number listed or log in. Please do not click on any links from any texts that you receive asking you to do so and never enter your log in and password on any site that you receive a link from.
Please pay close attention to the correct Montgomery Bank website which is montgomerybank.com and our Customer Service Center number is 800-455-2275.
Please remember that you should never follow instructions to go to a branch and take out money and send it anywhere to get more money.
A survey scam has been brought to our attention that includes passing counterfeit Montgomery Bank official checks as payment for completing a survey. The suspects are significantly overpaying the unsuspecting individual and then asking them to send a portion of the money back.
If you have taken part in this survey or have received a check from anyone asking you to send back a portion of the funds sent to you, please contact us immediately.
If you should have any questions, please contact our Customer Service Center at 1-800-455-2275.
In recent years, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. In a typical scenario, the targeted entity receives a “spear phishing” e-mail which either contains an infected attachment, or directs the recipient to an infected website. Once the recipient opens the attachment or visits the website, malware is installed on their computer. The malware contains a key logger which will harvest each recipient’s business or corporate bank account login information. Shortly thereafter, the perpetrator either creates another user account with the stolen login information or directly initiates funds transfers by masquerading as the legitimate user. These transfers have occurred as both traditional wire transfers and as ACH transfers.
Further reporting has shown that the transfers are directed to the bank accounts of willing or unwitting individuals within the United States. Most of these individuals have been recruited via work-at-home advertisements, or have been contacted after placing resumes on well-known job search websites. These persons are often hired to “process payments,” or “transfer funds.” They are told they will receive wire transfers into their bank accounts. Shortly after funds are received, they are directed to immediately forward most of the money overseas via wire transfer services such as Western Union and Moneygram.
Customers who use online banking services are advised to contact their financial institution to ensure they are employing all the appropriate security and fraud prevention services their institution offers.
If you have experienced unauthorized funds transfers from your bank accounts, or if you have been recruited via a work-at-home opportunity to receive transfers and forward money overseas, please notify the Internet Crime Complaint Center by filing a complaint at: http://www.ic3.gov.
For a detailed analysis of this scam please visit http://www.ic3.gov/media/2009/091103-1.aspx
If suspicious activity occurs on your account, we make every attempt to notify you promptly. If we are unable to reach you, your Montgomery Bank debit card will be hot carded so no further activity can be made until we hear from you.
If this occurs, please call us at 1-800-455-2275.
To legally report the loss of your Montgomery Bank Debit Card you must call Montgomery Bank at 1-800-455-2275.
Under federal law, you can reduce your financial liability for unauthorized use of your Montgomery Bank, ATM Card or Debit Card by reporting the loss of your card immediately after you are able to detect that the card is lost.
Debit card transaction restrictions have been lifted within the US. The restrictions stated below remain in place:
International (anything outside of US):
- All transactions are blocked (Signature and PIN) – unless a card is listed as an exception
- International: All transactions are blocked
- Domestic: No limits / No restrictions
Auto Bill Pay with card
- International: All transactions are blocked
- Domestic: No limits / No restrictions
Signature (Credit) Based = No PIN used
- PIN (Debit) Based = PIN used
Before you travel outside of the United States, please contact a Personal Banker or our Customer Service Center at 800-455-2275 to schedule travel notes on your account.
All international transactions are restricted by default. If you plan to travel outside of the United States, please contact your local branch or our Customer Service Center at 1-800-455-2275.
- NY Gas Stations
- Magnetic Stripe Transactions in Michigan and any Magnetic Stripe Transactions over $149.99 in Missouri.
- Air BnB over $149.99
- Cash App
Debit card transactions at chip capable machines when the chip is not used over $149.99.
International transactions are restricted.
If you plan to travel outside of the United States, please contact your local branch or our Customer Service Center at 1-800-455-2275
Last Update: 05/29/2020
A technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from a legitimate retailer, bank, organization, or government agency. Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card or bank account details. These emails can look authentic with company logos and banners copied from Web sites.
One of the fastest-growing types of financial fraud. Without stealing your wallet, a crook can steal your financial identity with as little information as your social security number. Identity theft involves crooks’ assuming your identity by applying for credit, running up huge bills and stiffing creditors – all in your name.
Using human interaction (social skills) to obtain or compromise sensitive information about an individual or an organization. This social engineering could be used to gather personal information on you or other family members. An attacker may seem unassuming and respectable. They may even offer “credentials” to support their identity. By asking seemingly harmless questions, they may be able to piece together enough information to steal your identity or to infiltrate your computer.
Avoiding Social Engineering and Phishing Attacks
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution such as Montgomery Bank. In this email they will request account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts. It is important to note: MONTGOMERY BANK WILL NEVER ASK FOR PERSONAL INFORMATION IN AN EMAIL OR PHONE CALL TO YOU!
Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year.
- natural disasters (i.e., Hurricane Katrina, Indonesian tsunami, Joplin tornado)
- epidemics and health scares (i.e., H1N1)
- economic concerns (i.e., IRS scams)
- major political elections
How do you avoid being a victim?
Do not give sensitive information to anyone unless you are absolutely sure that they are indeed who they claim to be and that they should have access to the information.
Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company. Do not provide personal information unless you are absolutely certain of a person’s authority to have the information. Do not reveal personal or financial information in an email and do not respond to email solicitations for this information. This includes following links sent in email. Don’t send sensitive information over the Internet before checking a website’s security (see Protecting Your Privacy for more information). Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a slight variation in spelling or a different domain (i.e., .com vs. .net). If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information.
Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org).
Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic over your personal computers. (see Understanding Firewalls, Understanding Anti-Virus Software, and Reducing Spam for more information). Take advantage of any anti-phishing features offered by your email client and web browser.
What do you do if you think you are a victim?
If you believe your personal financial accounts may be compromised, contact your financial institution such as Montgomery Bank immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
Watch for other signs of identity theft (see Preventing and Responding to Identity Theft for more information).
Consider reporting the attack to the police, and file a report with the Federal Trade Commission (http://www.ftc.gov/).
Used with permission and available at http://www.us-cert.gov/, the United States Computer Emergency Readiness Team, a service of the U.S. Department of Homeland Security.
Online security you can count on.
Montgomery Bank is committed to protecting your online banking information from evolving threats on the internet. We have teamed up with IBM to offer Trusteer Rapport online fraud protection software FREE to our customers!
- Protect your personal information and bank accounts against identity theft and fraud.
- Works with your antivirus software stopping additional virus and malware threats traditional antivirus software can’t.
- Trusteer Rapport is effective, easy-to-use, and won’t slow down your computer.
What is Trusteer Rapport?
A security software that works alongside your existing firewall and antivirus solutions to provide added protection to your online banking session with Montgomery Bank. Trusteer Rapport creates a secure tunnel between your keyboard and Montgomery Bank to minimize the risk of your information being captured by an outside party.
For more information on Trusteer Rapport visit https://www.ibm.com/security/fraud-protection/trusteer or contact our eBanking department at 800-455-2275.
With the increase in fraudulent activities and e-mail scams, Montgomery Bank has taken another step to ensure your information is secure by providing a secure email service.
Our secure email service has recently changed. A link will be available to our new service soon. In the meantime, to send a secure email to Montgomery Bank, please contact our customer service center at 1-800-455-2275 for assistance.
Caution: Email is not a secure method of communication. We ask that you NOT include confidential information including account numbers, passwords, social security numbers, etc., in the emails you send to us. To discuss confidential information, please stop by any Montgomery Bank location or call us at 1-800-455-2275 between 8:00 a.m. to 5:00 p.m., Central Time. The bank assumes no responsibility for interception of confidential information you send in an unsecured (unencrypted) email message.
The security of your private information is very important to us. Montgomery Bank will never provide your confidential information to any source not affiliated with the bank. We will never ask you for your personal information through an email so be aware of the phishers who try to gain this information via email.
The security of your personal and account information is important to us.
We understand that our continued success as a leading financial institution relies on both our ability to offer banking services to you in a secure manner as well as your responsibility in keeping any access codes, passwords or PINs secure. To assist us in offering these Web-based banking services in a secure manner, we employ a number of measures which are described below. These measures allow us, among other benefits, to properly authenticate your identity when you access these services and protect your information as it traverses the Internet between your PC and Montgomery Bank.
Montgomery Bank is proud to deliver the highest level of security for our Internet banking customers. An additional layer of security has been added to our log in process. This will help ensure that your information is secure, protecting you from fraud and identity theft.
Enhanced online security is provided for our Internet banking customers that verifies your identity in two ways. Every time you log in to Internet banking, the bank identifies you, and it lets you identify the bank using a private image and pass phrase that is unique to each individual Internet banking user. This level of security is used for routine Internet banking services such as balance inquiries, transfers and eBill Pay.
Security Tokens are provided to our commercial Internet banking customers that verify your identity in two ways. Every time you log in to business Internet banking, the bank identifies you using a one-time password generated by the security token, and it lets you identify the bank. This enhanced level of security is provided to our commercial customers that utilize more complex Internet banking services such as wire transfers and ACH origination.
Many of the financial services we provide on this web site utilize access codes (e.g., ID and password/PIN). For further details about a particular service’s access codes, follow the links to the discussion of that service’s security specifics.
To further protect you, a timeout feature is often used. This feature will automatically log you out of your current financial service session after an extended period of inactivity on our site.
Montgomery Bank also requires the use of secure browsers to protect you while you access our online financial services. More specifically, the personal and account information that flow back and forth between your PC and Montgomery Bank must be encrypted while in transit – secure browsers are how we achieve this level of protection. Encryption is the process of scrambling information (typically for data transmission) so that it can only be reassembled in its original clear text format by someone who has the correct encryption key to do so. Likewise, when we send personal or account information to you, this technology encrypts it, which then only you can decrypt.
Montgomery Bank employs an additional protection mechanism known as a firewall to protect our computer systems and your information. Firewalls can be thought of as selective barriers that only let authorized traffic (i.e., you, our Online Banking customer) through to Montgomery Bank’s systems.
System and application activity logs are another mechanism Montgomery Bank uses to protect our systems and your information. These logs are reviewed regularly and any anomalies or discrepancies are investigated thoroughly.
Montgomery Bank’s Online Banking product provides additional security measures.
The browsers that Montgomery Bank’s Web-based financial services currently support are listed below. Some versions of these browsers provide 128-bit encryption while other versions support only 40-bit encryption. 128-bit browsers provide strong encryption capability. The U.S. government does not allow the export of secure browsers with strong encryption anywhere outside the U.S., with Canada being the only exception. Montgomery Bank requires its financial service customers to use browsers with 128-bit encryption. Use of 40-bit browsers for accessing Montgomery Bank’s services will not be permitted.