Security Center

Please be aware of fraudulent phone calls. Fraudulent calls are being received instructing customers that their account is frozen and information must be verified. Customers are being instructed to contact 1-877-xxx-xxxx. Upon returning the call, the customer is then instructed to provide their 16-digit debit card number. Under no circumstances, should you disclose your FULL account number, FULL debit card number or social security number.

First Community Bank of Mercersburg does work with a fraud analysis company. You may, on occasion receive a phone call from First Community Bank of Mercersburg to verify the legitimacy of a transaction, but you will never be asked to disclose your full account number, card number or social security number. If you should receive a call from our bank but you don’t feel comfortable disclosing information with the Call Center, please contact your local branch immediately.

If you have fallen victim to this scam, please contact our Customer Service immediately at 1-717-328-3121 or your local branch office.

Easy Ways to Keep Your Online Life Safe
With work, school, social media, gaming, mobile devices, and more people are online for almost every part of their day. Connecting to the Internet to do a variety of tasks has become second nature, so much that people can forget about the risks of leading such digital lives. To protect yourself, follow these simple tips from the Stop.Think.Connect. Campaign™:

1. Keep your private information private. Avoid sharing your full name, address, telephone number, and other personal information when online. Frequently check a website’s privacy options to ensure you have enabled the highest level of privacy as options may get updated or changed completely.

2. Consider what you share. Have a fun weekend? You may want to share your pictures on social media, but remember it’s not just your friends who are looking. Employers, future employers, schools, and peers may be able to see what you post – including pictures, tweets, opinions, and even events you attended – and may use this information to decide whether or not to hire or admit you.  Your sharing choices now can impact your future.

3. Take care when connecting. Although it’s great to network and connect with others, be careful who you befriend. Simply because someone with mutual friends wants to add you on a website or app does not mean they are trustworthy. Only add people you personally know and have met before on your personal pages. Think about the information you share online about yourself or your family and if you really want a person you don’t know well seeing that information too.

4.  Set strong passwords. Setting strong passwords that are long, unique and hard to guess is one of the most important things you can do to protect your online accounts. Changing passwords regularly, and using different passwords for different accounts, goes a long way to protecting your online information.


The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock it.  Users are encouraged to review the FBI article "Ransomware on the Rise" for details

Tax identity theft awareness week is January 26, 2015 - January 30, 2015, please visit the Federal Trade Commission website for more information.  See also current Imposter scams that are on the rise.



On December 3, 2014, our Online Banking provider will disable SSLv3 as the protocol has potential for vulnerabilities. If you have issues access Internet Banking, verify you are on the latest browser version (IE, Firefox or Chrome). For IE, if it’s a supported version of IE, check Internet Options -> Advanced Tab -> Under Security and verify they have checked all of the Use TLS 1.0, 1.1, and 1.2.


October is National Cyber Security Awareness Month (NCSAM).  The Department of Homeland Security (DHS) in their commitment to assist the industry in protecting the cyber networks of our Nation’s critical infrastructure, has listed the following ways consumers on an individual basis can also play a role in cyber security:

  • Read the privacy policy of a company or vendor before purchasing a product or service.
  • Beware of requests to update or confirm personal information online.  Most organizations – banks, universities, companies, etc. – do not ask for  personal information over e-mail.       
  • Make sure websites that ask for personal information (to pay a utility bill, for example) use encryption to secure their sites.
  • Learn about steps to enhance security and resilience in local businesses and communities, and how to handle certain events.
  • If you run a business, make a plan to help keep your employees and community safe during an emergency and enhance your ability to recover operations quickly.  If you are an employee, ask your management whether there are plans in place and request a copy.
  • Report suspicious activity.
  • Understand what kind of information is being shared and use any security controls available to increase privacy.
  • Make sure your devices are operating on the latest software.
  • Be aware of product recalls for devices you own.

More information regarding cyber security and the above tips can be found on the DHS website.

Password Hints

  • Five passwords you should never use

             o   Password - common password don't use it
             o   Letmein - Recommend that you use passphrases that are memorable.  Just don't use this one. It ranks high on several lists of the most-used passwords.
             o   Monkey - this is very common and it is too short.
             o   Don't use any passwords that are easily guessed, this includes your name, children's name, spouse's name, Date of Birth, address, etc.
             o   12345678 - avoid any sequence of numbers or letters this is easily guessed

  • Don't use the same password for multiple sites. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking sites.
  • Change your passwords frequently.
  • Use strong passwords - these should be no less than 8 characters and  include capitals, special characters and numbers.  The longer the password the harder it is to guess or use algorithms to guess.


The same password should not be used on multiple websites and payment networks.  A security breach was recently announced by eBay and they are requesting their users to change their password.  If you are an eBay user and use the same password for your Online Banking access, we recommend that you change your Online Banking password as soon as possible.


Lost or stolen access device

Report a lost or stolen First National Bank of Mercersburg Debit or ATM card - call 1-800-472-3272

Report a lost or stolen First National Bank of Mercersburg Elan Visa credit card- call 1-866-234-4691


Beware of Fraudulent Phone Calls

Beware of fraudulent phone calls asking for personal or account information. The First National Bank of Mercersburg will never call you to ask for personal or other identifying information.  Please feel free to call any of our community office locations to verify any requests for your financial information.

Technology Safety

The Internet = A World of Opportunities

Look what's at your fingertips

  • A way to communicate with friends, family, colleagues
  • Access to information and entertainment
  • A means to learn, meet people and explore

Online Security Versus Online Safety


We must secure our computers with technology in the same way that we secure the doors to our offices


We must act in ways that protect us against the risks and threats that come with Internet use

Primary Online Risks and Threats

To PC Security

To Personal Information


Online fraud and phishing



Trojan Horses

Identity theft



Primary Threats to Computer Security


Software programs designed to invade your computer, and copy, damage or delete your data

Trojan Horses

Viruses that pretend to be programs that help you while destroying your data and damaging your computer


Software that secretly watches and records your online activities or sends you endless pop-up ads

Primary Threats to Personal Online Safety


Unwanted e-mail, instant messages, and other online communication


Fraudulent e-mails, appearing to be from a trusted source such as your bank, or a government agency, direct you to websites. Once there, you are asked to verify personal information such as name, account and credit card numbers and passwords. These sites are often designed to look exactly like the site they are imitating.

  • Never click on the e-mail link that is provided, type in the known URL.
  • Before submitting any financial information look for the "lock" icon on the browser status bar or look for "https" in the web address.
  • Your bank does not need to call you for personal information such as username, or passwords.

Identity Theft

A crime where con artists get your personal information and access your cash and/or credit


E-mail sent by online criminals to trick you into giving them money


Web spoofing allows an attacker to create a "shadow copy" of any legitimate website. Access to the shadow website is funneled through the attacker's machine, allowing the attacker to monitor all of the victims activities, including any passwords or account numbers the victim enters. Phishing and spoofing often go hand-in-hand in Internet fraud.

  • Be aware of all unsolicited or unexpected e-mails from all sources.
  • If an unsolicited e-mail arrives, treat it as you would a phishing source.

Steps You Can Take

Your computer

  1. Turn on an Internet firewall.
  2. Keep your operating system up to date.
  3. Install and maintain antivirus software.
  4. Install and maintain antispyware software.


  1. Practice Internet behavior that lowers your risk.
  2. Manage your personal information carefully.
  3. Use anti-phishing and anti-spam technology built into Windows 8, Windows 7, Windows Vista, Windows XP, SP2, Windows Live, Microsoft Outlook.

Four Steps to Protect Your Computer

Turn on an Internet Firewall

An Internet firewall is like a moat around a castle, creating a barrier between your computer and the Internet

Keep Your Operating System Up-to-date

Install all security updates as soon as they are available. Automatic updates provide the best protection.

Install and Maintain Antivirus Software

Antivirus software can detect and destroy computer viruses before they can cause damage. Just like flu shots, for antivirus software to be effective, you must keep it up to date, don't let it expire.

Install and Maintain Antispyware Software

Use antispyware software so unknown software cannot track your online activity and potentially steal your information.

Other Ways to Protect Your PC

Back Up Your Files

Save to external device regularly
Use a Web-based backup service

Think Before You Click

Don't open e-mail attachments unless you know what they contain and who sent them.
Only download files from websites you trust.

Read Privacy Statements

Understand what you are getting before you agree to download or share your personal information.

Close Pop-ups Using the Red "X"

Always use the red "X" in the corner of a pop-up screen. Never click "Yes," "Accept," "No," or "Cancel" because it could be a trick that installs software on your computer.

Take Steps to Help Protect Your Personal Information

Practice Internet Behaviors that Help Reduce Your Risk

Delete spam, don't open.
Be on the lookout for online scams.
Use strong passwords.

Manage Personal Information Carefully

Do not share personal information in e-mail or instant messages.
Use only secure and trusted Web sites. Make sure you are where you think you are: Web sites can be faked.
Avoid financial transactions over wireless networks.
When in public, stay private.

Use Anti-Phishing and Anti-Spam Technology

Most e-mail providers and many e-mail programs contain Spam Filters. Many browsers include Phishing Filters to help identify and block suspicious sites.

Protect Your Identity

Ways Thieves Steal Your Information:

  • Stealing your purse or wallet looking for driver's license, medical insurance card, credit cards or other items that reflect personal information.
  • Stealing personal mail looking for bank statements, credit card statements, checks and other items that reflect personal information..
  • Dumpster diving by going through your trash cans in search of personal information.
  • Tricking you into providing personal information via email, mail, or phone
  • Posing as someone else or by misusing the name of a legitimate business to obtain personal information
  • Eavesdropping and shoulder surfing by listening to private conversations or watching over your shoulder while entering your PIN number or revealing personal information.
  • Skimming by running an unsuspecting customer's credit card through a bogus reader designed to copy the card number.
  • Pretexting, phishing, scamming, and spoofing thieves pretending to be from businesses with a seemingly good reason for needing your social security number and/or mother's maiden name.
  • Family theft relatives who have access to your financial records, social security number, etc.
  • Corporate data theft thieves hacking their way into corporate and banking databases, and steal physical files.  One method to gain access to account information, thieves will often fill out a change of address form in the victim's name.

Ways To Prevent Your Information From Being Stolen

  • Review your credit report periodically. To order call 1-800-322-8228 or go to website
  • Read your bank, credit card or other statements for mistakes. Contact the business immediately when mistakes are detected or mail has not been received.
  • Shred documents that contain account or personal information.
  • Monitor and be alert for emails, texts, mail or phone calls requesting personal information.
  • Change passwords periodically. When changing or creating a password use a combination of alpha, numerical and special characters.
  • Look for websites that begin with "https" when buying on line. Encryption is used to help protect your financial information.
  • Install anti-virus and anti-spyware software on your computer for added protection.

What To Do If Your Identity Has Been Stolen

  • Contact a nationwide credit reporting company and request a fraud alert to be placed on your credit report.
    • Equifax 1-800-525-6285
    • Experian 1-888-397-3742
    • TransUnion 1-800-680-7289
  • Order your credit report and review for signs of fraud.
  • File a complaint with the FTC at or call 1-877-438-4338 and contact your local police department.


If you have any security questions or concerns, please contact us at 717-328-3121 or 877-328-3121.