2016 Calendar Photography Contest Winners

Farmers & Merchants Bank is proud to announce the winners of its 2016 Calendar Photography Contest. This year, 108 photographs were entered that went through two rounds of judging. All photographs were judged by peers on social media first, and the top twenty-four photographs were then judged by F&M Bank employees.

The winners are as follows:

Grand Prize-Kay Wright of Penn Laird

January-Adam Gunther of Edinburg

February-Tina Pangle of Harrisonburg

March-Emily Leary of Grottoes

April-Joy Beaman of Harrisonburg

May-Kristee Trumbo of Broadway

June-Emily Yankey of Timberville

July-Robert Williams of Broadway

August-Cheryl McClure of Bridgewater

September-Larry Painter of Elkton

October-Debbie Price of Luray

November-Jesse Judy of Luray

December-Donna Nesselrodt of Bergton

Honorable Mention-Marc Gunther of Edinburg

Photographers were tasked with capturing the natural beauty of the Shenandoah Valley, and the results are stunning.  Selections were difficult, as F&M received numerous breathtaking photographs.  We would like to thank the public for their participation and support.

Calendars will be available to the public in our branches beginning December 1, 2015.


2015 Christmas Club Dates

2015 Christmas Club Dates

The holidays will be here again before you know it. Get a head start on shopping with your F&M Bank Christmas Club savings.

2015 dates for deposits and savings disbursement:

Monday, October 5th The last day to make deposits for 2015 disbursement
Wednesday, October 7th  Direct Deposit customers will see a credit to their designated account
Friday, October 16th  Paper disbursement checks will be available for pickup at F&M branches
Tuesday, October 13th  Customers may begin to make deposits for 2016

Not a Christmas Club member? Contact us to get started for 2016.


Over 950 Students Reached through Online Financial Education

Farmers & Merchants Bank Reaches Shenandoah Area Students through Online Financial Education Program

Over 950 students reached during the 2014-2015 school year

Local high schools took advantage of My Money, My Future a free, online financial literacy program sponsored by Farmers & Merchants Bank, at no cost to the schools, during the 2014-15 school year. Farmers & Merchants Bank has partnered with leading education technology company EverFi, Inc., to bring this interactive, web-based financial management program to over 2,000 students since the program’s inception in 2011. In the 2014-2015 school year alone, the program reached more than 950 students.

“Farmers & Merchants Bank is very proud of the number of students we have reached with critical financial education, as it is just one of the many indicators of our commitment to the community,” Dean Withers, President, said. “We are proud of these statistics and prouder yet of the students’ efforts to understand important aspects of personal finance like what a credit score means and how to save for college.”

The 957 students reached through My Money, My Future completed 7,901 individual modules of learning during the 2014-15 school year.  The average overall knowledge gain of My Money, My Future students, according to pre- and post-assessment surveys, was 75 percentage points. Among the valuable topics covered were saving, banking, investing, renting versus owning, credit scores, taxes and insurance, and consumer fraud. Area students showed the most gain on the Financing Higher Education module, indicating improved knowledge about their future options.

“The program is engaging, interactive, practical, and 'real world',” said a high school teacher using the program. “I can't tell you how many times my students have made comments to the effect that they really appreciate learning things that they will actually use in the real world.”

Farmers & Merchants Bank has partnered with EverFi, Inc. to bring the program to local students at no cost to the schools or the taxpayer. The web-based program uses the latest in new media technology to bring complex financial concepts to life for today’s digital generation. The course offers over six hours of programming covering a variety of financial topics such as savings and investments, credit cards, and student loans. The platform uniquely tracks the progress and performance of every student and provides students who successfully complete the course with Certification in Financial Literacy, a valuable mark of distinction on college applications and resumes. EverFi’s curricula is highlighted in the CFPB’s April report, Policy Guide for Advancing K-12 Financial Education, for it’s innovative approach to teaching financial education and cutting-edge technology.

“EverFi strives to help today’s generation prepare for a lifetime of difficult financial decisions”, said EverFi CEO and Founder, Tom Davidson. “We are grateful for our partnership with Farmers & Merchants Bank which provides the critical tools students need to be informed and responsible consumers.”


F&M Bank serves the Shenandoah Valley with ten full-service branches, a network of ATMs, and a wide variety of financial services. Both individuals and businesses find the organization's local decision-making, and up-to-date technology provide the kind of responsive, knowledgeable, and reliable service that only a progressive community bank can. Farmers & Merchants Bank has grown to over $600 million in assets — celebrating its most successful year in history in 2014 — and boasts over 160 full and part-time employees. Its conservative approach to finances and sound investments, along with excellent customer service, has made F&M Bank profitable and continues to pave the way for a bright future.

About EverFi

EverFi, Inc. is the leading education technology company focused on teaching, assessing, and certifying K-12 and college students in the critical skills they need for life. The company teams with major corporations and foundations to provide the programs at no cost to K-12 schools. Some of America’s leading CEOs and venture capital firms are EverFi investors including Amazon founder and CEO Jeff Bezos, Twitter founder Evan Williams, Rethink Education, New Enterprise Associates, Inc. (NEA), and Tomorrow Ventures (the investment arm of Google Chairman Eric Schmidt).  Learn more at www.everfi.com.

The Harm in Password Reuse

Every day malicious cyber-actors compromise websites and post lists of usernames, email addresses, and passwords online. While this can be embarrassing, such as when thousands of government employees email addresses and passwords were exposed during the recent Ashley Madison breach, it also leaves users open to follow-on potential attacks due to password reuse.

Every day malicious cyber-actors compromise websites and post lists of usernames, email addresses, and passwords online. While this can be embarrassing, such as when thousands of government employees email addresses and passwords were exposed during the recent Ashley Madison breach, it also leaves users open to follow-on potential attacks due to password reuse.

Password reuse is when someone reuses the same password on multiple websites or accounts.  This is a vulnerability when the password is exposed in coordination with other information that identifies who is using the password, such as first and last names, login names, or email addresses.

How Password Reuse is a Threat

NEVER use your work email address when signing up for and accessing personal web sites.

Password reuse is a threat because malicious actors can take advantage of a reused password if there is other associated information that identifies you. This typically occurs through one of two potential scenarios:

In the first, and most common  scenario, the malicious actors can search for other accounts you use and try to login with the same password. In some cases the actors might try to find personal accounts such as Facebook, Twitter, or banking websites. If they can identify those accounts, and you reuse your password, they can login as you. In other instances the malicious actors may try to determine where you are employed and attempt to use for remote access, such as through a remote email or timecard access.

A second scenario involving a malicious website is much less common, but still poses a threat. In this scenario the malicious cyber-actor sets up a website that spoofs a legitimate web site, which requests you enter an email address, password, and potentially other information to gain access. Once you have done that, they know who you are and can search for your other accounts where you used the same password.

Avoiding Password Reuse

Avoiding password reuse can be challenging because of the number of websites and accounts that require passwords, some of which require updating your password every 30 days.  There are two ways to both avoid password reuse and to ensure any password meets the recommended password complexity requirements.

The first technique is to use a password manager to remember each unique password. Password managers are applications that can be stored on a computer, smartphone, or in the cloud, and will securely track passwords and where they are used. Most password managers can also generate complex random passwords for each account if you choose to do so. As long as the password to access the password manager is sufficiently complex, this technique can be affective. However, if the company running the password manager is compromised (which does happen!) it is possible that all your passwords will also be compromised. If you choose a password manager that is local to your computer or smartphone, that information may be compromised if malware gets on your computer or you lose your smartphone.  When choosing a password manager, ensure it is from a known, trustworthy company.

The second technique is to choose a repeatable pattern for your password, such as choosing a sentence that incorporates something unique about the website or account, and then using the first letter of each word as your password. For example the sentence: “This is my August password for the Center for Internet Security website.” would become “TimAp4tCfISw.” Since a strong password is complex, and includes upper and lower case letters, numbers, and a symbol, this password keeps the capitalization within the sentence, translates the word “for” to the number “4,” and adds the period to include to add a symbol. The vulnerability in this technique is that if multiple passwords from the same user are exposed it may reveal the pattern.

Regardless of how a unique password is chosen, it is critically important that every password is unique. Some companies, such as Facebook, have begun programs to identify password reuse. Facebook’s program to identify password reuse involves monitoring for lists of compromised usernames, emails, and passwords, and attempting to match those to the usernames or email addresses of existing Facebook users. If a match is found Facebook asks the user to reset their Facebook password.

Article sourced from the Desk of Thomas F. Duffy, Chair, MS-ISAC. Republished with permission.

Further advice on choosing a strong, complex password is available in the MS-ISAC Security Primer available at: http://msisac.cisecurity.org/documents/SecuringLoginCredentials.cfm