Security Center


Quick Links: Online & Mobile Banking Alerts | Debit Card Alerts | Helpful Resources | Recent Scams | Additional Resources | Glossary

Online & Mobile Banking Security

  • Never share your MCT Online Banking username and password with anyone.
  • Never allow any unauthorized people to view your MCT Online or Mobile Banking accounts.

If you suspect or know that this has occurred, please call MCT immediately at 570-325-2265 or 877-325-2265, visit your nearest MCT Office, or Contact Us.

Online & Mobile Banking Alerts

We highly recommend you use the optional "Alerts" feature in our online and mobile banking to ensure you know about banking transactions and balance updates to your accounts the moment they occur. Notifications can be delivered by email, text message or mobile push notifications.

This can help you monitor your finances and detect fraudulent debit card use in real-time. Emails will be sent from "" and text messages will be sent from "31727." 

In MCT Online Banking, click "Alerts" in the top-right menu to explore & create your custom alerts:

Online Banking Alerts Menu 08-2021

In MCT Mobile Banking, click the "More" menu at the bottom-right to explore & create your custom alerts:

Mobile App More Menu 08-2021 Mobile App Alerts Menu 08-2021 Mobile App Account Alerts Menu 08-2021 Mobile App Security Alerts Menu 08-2021 

Note: Any alerts you create in either MCT Online or Mobile Banking are available in either system. For example, create an alert in our Mobile App, and you can change/delete it within Online Banking. 

Debit Card Alerts

This free fraud alert service allows you to identify potential fraudulent use of your debit card in real-time. You can register your debit card(s) to set up alerts for any of 4 unique types of transactions:

· High dollar transactions
· Declined transactions
· Card not present transactions (online or telephone transactions)
· International transactions

Debit card alert emails will be sent from "" and text messages will be sent from "26499."

Click here to Enroll

Helpful Resources

Some recent scams to be aware of:

Cyberspace is a virtual community. Within it, you chat with your neighbors, shop, get news updates, do research, seek medical advice, and perform banking functions.

As such, it’s prone to the same activities as your physical community. You need to perform routine cleaning of your computer files for increased performance. You need to exercise caution about who you communicate with. You must keep software patched and updated to protect against intrusion. And you absolutely must remain alert to potential threats.

Unlike your physical community, cyber-theft is not something you can see coming And the stakes are even greater. Your very identity is at risk, along with your good name and all you’ve earned over your lifetime.

Online safety has two key components:

  1. EDUCATION: Understand the various threats lurking in cyberspace. Learn how to detect and avoid them. Information is your first line of defense against cybercrime. But all those terms can be confusing. Learn more in our Education Center.
  2. AWARENESS: Most people today understand online safety. Yet they still risk becoming a victim. Why? Because our hectic lifestyle distracts us. Multi-tasking is a way of life. We’re trying to squeeze in just one more chore before moving on to a different project. We let our guard down for just an instant. And that’s all it takes. It’s just as important to know what to do if we become a victim as it is how to avoid becoming one. The quicker you respond, the less damage they can do. These resources will help you keep it to a minimum.
    Your first line of defense is a strong password. Use a minimum of eight characters containing a combination of upper and lower case characters, both alpha and numeric. If special characters are allowed, use them to make it even harder to crack. Don’t use the same password on multiple sites. If one site gets hacked, all of your accounts are compromised.

Despite our best efforts, our personal information can still be compromised. Someone can hack into a vendor’s database and steal their customer’s name, address, Social Security number, credit card number, even medical data.

Don’t think you’re safe if you avoid banking or shopping online. Cyber crooks can download malware onto Point-of-Sale terminals and swipe credit card information at brick-and-mortar store locations.

Contact Mauch Chunk Trust Company IMMEDIATELY if you suspect your account has been compromised so we can take immediate steps to prevent further theft.

Additional Resources

The following are just some of the resources available to you online to better educate yourself on the best ways to prevent identity theft and online theft.

  • Equifax offers Credit Lock service - find out more
  • Check your accounts regularly. This means bank accounts and credit card accounts. Report any unrecognized transactions immediately for prompt action.
  • Check your credit reports. All of the major credit reporting bureaus allow one free credit report each year. By spacing them out over the course of the year, you can recognize errors or inaccuracies in your statements. If you’re married, space out your spouse’s report in the mix and you can check a report for free every other month. Act Immediately and report any errors on your credit report to the bureau involved.
  • Visit FTC OnGuard Online for a wealth of consumer tips and resources on staying safe online.
  • The Federal Trade Commission (FTC) maintains up-to-date information on Identity Theft and recent scams - please visit their site regularly
  • The FBI and Homeland Security US-CERT both post new scams frequently on their websites.
  • Krebs on Security
  • AARP Fraud Watch has many resources for AARP members. Call the AARP Fraud Watch Alert Helpline at 877-908-3360 to report or receive assistance

What to do if you suspect fraud or scam

  • Notify us immediately: Contact Us / Locations
  • Checking and savings accounts must be closed and new accounts, with new account numbers, must be opened.
  • If your ATM or debit card was compromised, request a new card with a new account number and a new personal identification number (PIN).
    PIN/PW creation tips: when creating a new PIN, do not use your birthdate or the last four digits of your social security number. Do not record your PIN on any article or on your ATM/debit card. Keep it in a safe and secured place.
  • Add confidential passwords to every account, (including new accounts), name, and social security number that was exposed to the scammer.
  • Close your Online Banking account if your user name and password was compromised, or if your computer was remotely accessed by anyone.
  • Place an alert on all open lines of credit, including home equity loans and credit cards.
  • Credit Cards: report the fraud to the credit card issuers and get new credit cards with new account numbers. (Ask the issuer to process the card as “account closed at consumer’s request.” Follow-up in writing to protect yourself in case of a disputed transaction.
  • Report the scam to the police. Some police departments may refuse to write a police report, but be persistent. Provide a copy of the police report to banks, credit card issuers, insurance company, and others that may request it.
  • Change user names and passwords on all websites.
  • Hang up or block all calls from scammers. Quite often, they will continue to call a victim for more money.
  • Add your phone number(s) to the National Do Not Call Registry:
  • File a complaint with the Federal Trade Commission, (FTC), by completing an online complaint form OR If your computer has been hacked, call the FTC’s Identity Theft Hotline, 1-877-ID-THEFT (438-4338) to file a complaint.
  • If a caller is rude, abusive, or if scammed money has already been sent, call the FTC: 1-877-FTC-HELP.
  • Place a fraud alert on your credit report by notifying 1 of the 3 credit reporting agencies. (They must share the information with the other 2 companies). The initial fraud alert is free, but will expire after 90 days. The alert can be renewed, but it is up to you to do so. The alert will make it more difficult for a scammer to open accounts in your name.
    • TransUnion – 1-888-909-8872
    • Experian – 1-888-397-3742
    • Equifax – 1-800-685-1111

      By placing a fraud alert, you can order one free copy of your credit report from each of the three reporting agencies. Make sure the agencies have your current contact information.
  • Have a reputable computer repair shop remove any viruses on your computer. You may need to purchase or updated Anti-Virus protection software. Do not download free versions of this software, or you may be installing additional viruses to your computer.
  • If your social security number has become associated with bad checks and credit, because of fraud or identity theft, contact your local office of the Social Security Administration to request that your SSN is changed. This is used in rare and the most extreme situations only.
  • If your mail has been stolen or misdirected, notify the postal inspector in your area about suspected mail theft.
  • If you have a passport, notify the passport office to be on the alert for anyone ordering a new passport fraudulently.


BOTNET: A group of compromised computers infected with malicious software and controlled as a group without the owner's knowledge. Used to distribute spam or malware, or conduct DDoS attacks. If your computer runs sluggish or returns page errors when you visit an anti-virus site, you may have unknowingly become part of a botnet. If your IP address is detected as generating malware, you can be charged with a cybercrime whether or not you even knew about it. The best way to eliminate a botnet from an infected computer is to wipe the entire hard drive clean and perform a system restore. And hope that you have a good, clean backup dated prior to the compromise.

DISTRIBUTED DENIAL OF SERVICE (DDoS): Form of electronic attack involving multiple computers, which send repeated HTTP requests or pings to a server to load it down and render it inaccessible for a period of time.

MADWARE: Mobile malware. Security experts rank mobile threats as the fastest rising cybercrime faced today. Your mobile device needs the same level security used to protect your PC. Always,
ALWAYS, lock your phone with a password or code to prevent unauthorized access. Your favorite anti-virus software is available for download as an app for whatever type device you use.

MALWARE: Software designed to infiltrate or damage a computer system without the owner's knowledge or consent. It is a blend of the words "malicious" and "software." It includes computer viruses, worms, trojan horses, spyware, adware and other malicious and unwanted software. Keep your operating system and anti-virus software patched and updated to protect yourself against malware threats.

PHARMING: Or "domain spoofing" is an attack in which a user can be redirected from a legitimate site to a fraudulent site and then fooled into entering sensitive data such as a password or credit card number. The fraudulent site often looks like the legitimate site; e.g. your bank. It is different from phishing in that the attacker does not have to rely on having the user click a link in an e-mail to deceive the user. Even if the user correctly enters a Web address into a browser's address bar, the attacker can still redirect the user to a malicious Web site.

PHISHING: Fraudulent e-mails, appearing to be from a trusted source such as your bank or credit card carrier, direct you to Web sites. Once there, you are asked to verify personal information such as name, account and credit card numbers, passwords and the like. These sites are often designed to look exactly like the site they are imitating. The information you provide is used to hijack your accounts and your identity. E-mails that warn you, with little or no notice, that your account will be shut down unless you reconfirm certain information, are very likely to be phishing. A newer tactic is to "confirm" personal credentials they supposedly have in their file, displaying false information. You call to correct the erroneous data and unwittingly provide them with the tools they need to steal your identity. NEVER follow a link or phone number provided in an email. Use a phone number or Web site address you know to be legitimate to check the source.

SCAREWARE: Software with malicious payloads sold to consumers. Victims are lured by fake ads warning of an infected computer, etc. Pop up ads trying to sell you anti-virus products are typically scareware.

SMISHING: Phishing attacks conducted via text messaging.

SPEAR PHISHING: Phishing attacks targeting targets specific entities holding whatever valuable information they seek. Typically, the crooks are looking for inside access to an organization's internal network. The target will receive an email appearing legitimate and click the link or open the attachment to unleash the malware. Some appear to contain confidential information the recipient believes was sent to them in error, and can’t resist the temptation to learn what’s inside. Others may alert you to account upgrades and ask login credentials to confirm continued access. Be aware of these tactics and avoid them, no matter how tempted you may be to respond. Take the time to confirm legitimacy before acting on them.

SPYWARE: Software that captures information from your computer such as browsing habits, usernames and passwords or credit card information. Current anti-virus software is your best prevention against spyware download.

TROJAN: Software programs that masquerade as regular games or utilities but harm your computer. Keep your anti-virus software and operating system patched and updated for your protection.

VIRUS: Small programs or scripts that harm your computer, causing it to cease functioning properly. This is old school – more of a threat in the early days of the Internet. Cybercrime has become quite sophisticated over the years. Once again, updated anti-virus software virtually eliminates this threat.

VISHING: Phishing attacks conducted over the telephone. The scammer will try to trick you into divulging personal information over the phone. Never provide your Social Security number, account numbers or passwords to anybody who contacts you unexpectedly. No matter what form of contact they may use. If you believe the call could be legitimate, contact the agency or company they claim to represent using a phone number that is known to you. Do not call a number they provide.

WORMS: Type of virus that replicates itself. Does not destroy files but can take up all available memory or had disk space by multiplying itself. It can cause your computer to run slowly or crash.

ZERO-DAY ATTACK: An attack or threat that exploits a security hole before or immediately after the vulnerability is known.


If you have any questions regarding using any of our online services, please contact your local office.

Contact Us