row of credit cards with padlock lying on top

Fraud Prevention

Debit Card Safety

At Monticello Banking Company, safeguarding your account is an important part of our business. We're taking every step to make sure you are the one authorizing the use of your card.

In our continuing efforts to provide superior protection to your accounts, we are empowering you with new tools to react to potential fraud quicker and more efficiently than ever before! Falcon, our new fraud alert system, offers you the peace of mind that comes with 24/7 monitoring and three ways to communicate with us - Talk, Text and Email!
***Update your telephone numbers and email addresses with us!***

What you need to know:

  1. The Fraud Center has a new Phone Number.
    1. When contacted by the Fraud Center, you will have the option to speak to a live fraud analyst.
  2. An automatic text message will be sent to each text capable contact number you have on file.
    1. All text messages from the Fraud Center are free! No cost to you. Ever.
    2. You will be prompted to confirm whether the detailed transaction is legitimate.
      • If fraudulent, a specialist will call you and your card will be stopped.
      • If legitimate, your card is unblocked and you can resume using the account.
  3. An automatic email message will be sent to the email address you have on file.
    1. All email messages will come from
    2. You will be prompted via hyperlink to confirm whether the detailed transaction is legitimate.
    3. You will receive a confirmation email once you have responded to the initial communication.
***Remember Fraud Center messages or telephone calls will never ask for PINs or account numbers.***

We are excited to offer you these complimentary enhancements and look forward to working with you. If you would like more information about Falcon, our new debit fraud alert system, or have any questions please contact your local office during regular business hours or call us toll free at (800)909-3420.

To activate or report a debit card lost or stolen call toll-free 888-399-0976, option 4.
Learn how to manage your cards directly from your smartphone!

Online Security

Monticello Banking Company is dedicated to providing the greatest level of security possible to customers and potential customers utilizing our website and online services while maintaining ease of use and accessibility. To ensure privacy and security, customers may access account information online from the Monticello Banking Company website only if the customer has registered for access to myMBC. The Bank’s myMBC product uses Secure Socket Layer (SSL) technology to encrypt customer personal information such as User IDs, Passwords, and account information over the internet. Not enrolled? Enroll in myMBC now! If a customer has not enrolled and wishes to review account information, they may send a written request to the address listed on their account statement, call 1-800-909-3420 or visit one of our offices

The Internet provides customers and businesses a great opportunity to streamline everyday tasks and take advantage of new services and products. Those who will be the most successful with these new opportunities will be those who use them wisely. Although the information below is not exhaustive, it contains some key points that will help you use the internet in a more secure manner. Use these points with caution and good judgment.

Protecting Your Computer

Monticello Banking Company takes extreme caution in protecting customer information and access points to this information that are within the Bank’s control. However, there are still access points that Monticello Banking Company does not control. The main point of access outside of the Bank is customer PCs and other electronic devices used to access online banking information such as myMBC. While not all inclusive, customers are recommended to follow the below guidelines to help ensure their protection while Banking online:
  1. Anti-virus should be downloaded and active on the PC. Free versions are usually better suited for home environments and are still generally not as complete as others. Anti-virus should include, at a minimum: real-time protection, anti-spyware, install regular updates and scan email attachments.
  2. When security patches are released for the operating system and Internet Browser being used they should be downloaded and kept up to date.
  3. Internet Security Level settings should be set as high as possible while allowing the computer to function logically.
  4. Internet Browsers should never be allowed to remember passwords. These are stored as cookies and easily accessed if the computer is compromised.
  5. Passwords should be changed at least every 90 days.
  6. Passwords should never be shared with anyone.
  7. myMBC tells each customer when they last logged into their online banking. This can be viewed at the bottom of the screen. Customers should always check this information to ensure no one else has been logged into their account.
  8. If a problem is ever suspected promptly notify the bank by calling 877-253-5981 or visit one of our offices.

Submitting Forms Online

Information provided via electronic forms on the Monticello Banking Company’s website is secure and encrypted in most instances. This means it is scrambled en route and decoded once it reaches Monticello Banking Company’s servers. You may check that your web session is secure by looking for a small lock symbol usually located in the upper right corner of your web address bar. You may also look for the letters "https://" at the beginning of your website URL in your web browser. The "s" means that the web connection is secure.

Sending E-mail to Monticello Banking Company

E-mail sent within myMBC is secure. However, email sent from Monticello Banking Company’s main website or by any other means may not be secure unless Monticello Banking Company advises that security measures will be in place prior to transmitting the information. Therefore, customers should not send confidential information such as social security or account numbers to Monticello Banking Company via an unsecured email. Such information should be sent by postal mail or you may call 1-800-909-3420 or visit one of our offices.

General E-mail Security

Turn off the “Preview Pane” in email software. Some viruses execute as soon as an email message is opened. The preview pane automatically opens all messages. Customers should be extremely cautious with email from any unknown sender. If a customer is in doubt and cannot confirm the origin of the email, serious consideration should be given to deleting the email without opening. Any links embedded within an email should not be clicked. It is generally best to type the URL in the Internet browser yourself or use a link that is known to be legitimate. Many viruses are embedded in attachments such as word or PDF files. Extreme caution should be used when opening any email attachment.

Links to Third Party Websites

Monticello Banking Company is not responsible for the information practices employed by sites linked to or from our website. In most cases, links to outside websites are provided solely as pointers to information on topics that may be useful to the users of the Monticello Banking Company website. Third party websites may have different privacy policies and/or security standards governing their sites.

Financial Elder Abuse

Elderly adults are a prime target for financial exploitation. This exploitation can be perpetrated by caregivers and family members as well as other outside parties. While not all elders are victims of financial abuse, it is important to be aware of the signs of financial elder abuse in order to prevent it from happening to you or a loved one.

What is Financial Elder Abuse?

It is when an elderly person’s money or property is being used in an unauthorized way. Often they are frail physically and their mental state is not what it once was, so they may not know that they are being abused or they may be too scared to manage the situation.

Elder financial abuse spans a broad spectrum of conduct, including:
  • Taking money or property.
  • Forging a signature.
  • Getting an elderly individual to sign a deed, will, or power of attorney through deception, coercion, or undue influence.
  • Using the elderly individual’s property or possessions without permission.
  • Promising lifelong care in exchange for money or property and not following through on the promise.
  • Confidence crimes ("cons") are the use of deception to gain victims' confidence.
  • Scams are fraudulent or deceptive acts.
  • Fraud is the use of deception, trickery, false pretense, or dishonest acts or statements for financial gain.
  • Telemarketing scams. Perpetrators call victims and use deception, scare tactics, or exaggerated claims to get them to send money. They may also make charges against victims' credit cards without authorization.

Caregiver Exploitation

Exploitation by caregivers is the most common type of elder financial abuse. This is due to the unlimited access caregivers often have to an elderly adults' funds and property as they care for them. Caregiver exploitation is recognized when a caregiver wrongly uses an elderly adult's cash, bank accounts, checks, income or personal items. For example; you notice that the caregiver is using funds for their personal benefit instead of for the elderly adult.

Other ways that caregivers might financially exploit elderly adults is via identity theft or forged signatures. If you notice that a caregiver is not providing for the personal needs of an elder, financial abuse may be occurring.

Outside Party Exploitation

Elderly adults are a leading target for exploitation by outside parties. Many con-artists target the frailty of elderly adults through various methods. The following list is a few of the ways they attempt to con the elderly.
  • Taking donations for fake charities.
  • Investment fraud.
  • Jackpot prize winnings (elderly have to pay money in order to claim prize.)
  • Emergency Scams (my child is in the hospital and I don’t have money for gas, etc.)
  • Work Scams (is there some work I can do for you, and then charging an excessive amount for the work.)

How do I report elder abuse?

The exploitation of the elderly happens daily. If you suspect elder abuse, you are legally required to report it. Kentucky is a mandatory reporting state. You can report abuse at the 24 hour toll free hotline 1-800-752-6200 (calls can be made anonymously.)

Identity Theft

Identity Theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes.

How can I keep this from happening to me?

  • Shred your mail, financial documents, or any paperwork with your personal information listed on them instead of tossing them in the waste basket.
  • Protect your Social Security Number (SSN) – Don’t write your SSN on a check or carry your Social Security card in your purse or wallet. Give out your SSN only when necessary and ask if they would take some other type of identifying information instead.
  • For personal information that you need to keep, make sure you store it in a secure area at home.
  • Do not use obvious passwords like your mother’s maiden name, your date of birth, or the last four digits of your SSN.
  • Do not give out personal information over the phone, through mail, or over the Internet unless you are certain you are dealing with a secure entity.
  • Never click on links sent in unsolicited emails!! Instead, type in a known web address from your browser. Use anti-virus software on your home computer and be sure to keep this software up-to-date.

How do I know if I’ve been a victim?

Alerts that require your immediate attention:
  • A bill does not arrive as expected.
  • You receive credit card or account statements that you were unaware of.
  • Call or letters about purchases you did not perform.
  • Denial of credit for no obvious reason.
  • Check your credit report
    1-877-322-8228 – Annual Credit Report
    or mail Annual Credit Report Request Service
    PO Box 105281, Atlanta, GA 30348-5281
  • Review your Financial Statements
    • Review your financial accounts and billing statements regularly to look for charges that you’ve not made.

What if I become a victim of ID Theft?

  • Place a fraud alert on your credit reports.
    • EQUIFAX 1-800-525-6285
    • EXPERIAN 1-888-EXPERIAN (888-397-3742)
    • TRANSUNION 1-800-680-7289
  • Placing a fraud alert entitles you to free copies of your credit reports. Review these reports carefully, look for inquiries from companies you haven’t contacted, accounts you know you didn’t open, and debts that you have no information on.
  • Close any account that has been fraudulently tampered with.
    • Contact the security or fraud department of each company where there was an account opened or changed without your consent.
    • Ask for verification that the disputed account has been closed.
    • Keep copies of documents and records of your conversations about your ID theft.
  • File a Police Report
    • File a report with the police to give to creditors who may want proof of the crime.

Social Media Security

Social media are computer-mediated tools that allow people to create, share or exchange information, ideas, and pictures/videos in virtual communities and networks. Let’s face it in today’s fast paced world who doesn’t love to communicate with friends and family via social media. According to the eMarketer estimates in 2013, 67.7 percent of internet users worldwide will use a social network at least once a month. The proportion will increase to more than three out of four users in 2016.
Social media, being as wonderful as it is, still poses risks to users. According to the FBI, there are primarily two tactics used to exploit online social networks, and these tactics are often combined.
  • Computer savvy hackers who specialize in writing and manipulating computer code to gain access or install unwanted software on your computer or phone.
  • Social or human hackers who specialize in exploiting personal connections through social networks. Social hackers, sometimes referred to as “social engineers,” manipulate people through social interactions (in person, over the phone, or in writing).
Social manipulators / hackers know that humans are a weak link in cyber security. With this knowledge, they design their actions to appear harmless and legitimate while trying to trick people into getting past their security walls. Falling for these scams can be detrimental for the victim as an individual, as well as the organization in which the victim works for.

Once information is posted to a social networking site, it is no longer private. The more information you post, the more vulnerable you may become. Even when using high security settings, friends or websites may inadvertently leak your information.

Predators, hackers, business competitors, and foreign state actors troll social networking sites looking for information or people to target for exploitation.

Information collected from social networking sites may be used to design a specific attack that does not come by way of the social networking site.

Preventative Measures

  • Do not store any information you want to protect on any device that connects to the Internet.
  • Always use high security settings on social networking sites, and be very limited in the personal information you share. Monitor what others are posting about you on their online discussions.
  • Use anti-virus and firewall software. Keep them, and your browser, and operating systems patched and updated.
  • Change your passwords periodically, and do not reuse old passwords. Do not use the same password for more than one system or service. For example, if someone obtains the password for your email, can they access your online banking information with the same password?
  • Do not post anything that might embarrass you later, or that you don’t want strangers to know.
  • Verify those you correspond with. It is easy for people to fake identities over the Internet.
  • Do not automatically download or respond to content on a website or in an email. Do not click on links in email messages claiming to be from a social networking site. Instead go to the site directly to retrieve messages.
  • Only install applications or software that come from trusted, well-known sites. “Free” software may come with malware. Verify what information applications will be able to access prior to enabling them. Once installed, keep it updated. If you no longer use it, delete it.
  • Disable Global Position System (GPS) encoding. Many digital cameras encode the GPS location of a photo when it is taken. If that photo is uploaded to a site, so are the GPS coordinates, which will let people know that exact location.
  • Whenever possible, encrypt communications with websites. It may be a feature social network sites allow you to enable.
  • Avoid accessing your personal accounts from public computers or through public WiFi spots.
  • Beware of unsolicited contacts from individuals in person, on the telephone, or on the Internet who are seeking corporate or personal data.
  • Monitor your bank statements, balances, and credit reports.
It is unwise to share usernames, passwords, social security numbers, credit cards, bank information, salaries, computer network details, security clearances, home and office physical security and logistics, capabilities and limitations of work systems, or schedules and travel itineraries.

Information courtesy of

mbc Debit and Credit Card Travel Guidelines

Debit Card

  1. Contact your local office before traveling so we know to expect out-of-town or out-of-state charges. We will alert our Fraud Monitoring Service to help ensure your card(s) will work appropriately while traveling.
  2. If you are traveling outside Kentucky, please remember you will need to use your card as a Debit card – using your PIN – at all merchants, excluding gas stations and restaurants.
  3. Due to fraud, we have placed debit card restrictions in certain states. Please contact your local office if you have any concerns.

mbc MasterCard®

  1. Contact your local office before traveling so we know to expect out-of-town or out-of-state charges. We will alert our Fraud Monitoring Service to help ensure your card(s) will work appropriately while traveling.
  2. You can also log into or register your account online and click the Customer Service tab at the top. Select Set a Travel Notice and enter contact information you can be reached at while on vacation, the dates you will be traveling, the travel area and any other useful details.
Please contact your local office if you have any questions.

Zelle® Safety

A common scam being used by fraudsters to gain access to victims' finances helps them bypass the DFA (Dual Factor Authentication) on the victims' financial accounts. Once access is gained, the fraudsters then use Zelle and other financial tools to steal the victims' money. Please remember, no Monticello Bank representative will ever ask you for your one-time passcodes or PINs.