Coming Soon! is getting a new look. Stay tuned for more details.
Login ID:
first time user
forgot password
Business Banking Registration
User Name:
Register Now

Forgot Password
Security Awareness

If you believe you are a victim of identity theft, you should place fraud alerts in your file at the nationwide consumer credit reporting companies as soon as possible.

You have the right to ask that nationwide consumer credit reporting companies place "fraud alerts" in your file to let potential creditors and others know that you may be a victim of identity theft. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you. It also may delay your ability to obtain credit.

You may place a fraud alert in your file by calling just one of the three nationwide consumer credit reporting companies. As soon as that agency processes your fraud alert, it will notify the other two, which then also must place fraud alerts in your file.

FDIC Consumer Education

The Federal Deposit Insurance Corporation provides news and information to help you protect against identity theft and steps to take if you become a victim. FDIC’s website 

The Federal Trade Commission developed in-depth information to help you minimize your risk by managing your personal information wisely and cautiously. We advise you to take the time to read this publication. Take Charge: Fighting Back Against Identity Theft

Don’t Be an On-Line Victim: How to Guard Against Internet Thieves and Electronic Scams

Free Credit Report

Mandated by the 2003 Fair and Accurate Credit Transactions Act (FACT), every consumer has access to one free annual credit report from each of the major credit reporting companies, Equifax, Experian and TransUnion. enables you to request your credit report online. We advise you to close your browser after obtaining your report to ensure that your personal information is not at risk.

Chatting with Kids About Being Online

Net Cetera, a publication from the Federal Trade Commission, provides guidelines and suggestions for parents to teach their children about "being online."
Even if you're not a parent, the guide contains basic information about socializing online, using mobile devices, and making computer security a habit.  

Net Cetera, Chatting with Kids About Being Online


E-mail Fraud

E-Mail fraud, sometimes referred to as spoofing, phishing, or imposter e-mail, is increasing at an alarming rate. It involves sending customers what appears to be a  legitimate e-mail request for account information, often under the guise of “helping” the customer by defining a potential security threat. The originator of the e-mail will ask for sensitive information like your social security number, account numbers, User ID, and passwords.
How’s it done? There are many varieties and versions of e-mail fraud. This describes the general theme.
  1. The perpetrator typically tries to convince customers that they are receiving a legitimate message from someone whom the customer may already be doing business with, such as a bank or credit card company. Techniques such as a false “from” address or the use of what appears to look like legitimate logos, web links, and graphics are used to mislead the customer. A simple matter of copy and paste.
  2. Next, after gaining the customer’s trust, the thieves will attempt to convince the customer to provide personal information and provides one or more methods for the customer to communicate that information back.
The email itself might contain a form for the customer to complete. Or, the e-mail might include a link to the perpetrator’s web site that contains a form for entering personal information. Like the e-mail, the web site is designed to trick the customer into believing it belongs to the bank.
In the end, the goal of the fraud is to use the customer’s information to gain unauthorized access to financial accounts or to engage in other illegal activities.

Identity Theft

Much has been written on the problem of Identity Theft. Our research led us to the Federal Trade Commission web site. Once again, we advise you to take the time to visit their website at

If you are a victim of identity theft, call the FTC’s Identity Theft Hotline toll-free at 1-877-IDTHEFT (438-4338).
The Federal Deposit Insurance Corporation (FDIC) has produced a multimedia presentation to help you protect yourself from identity theft. The presentation provides information on steps you should take to secure your computer and protect yourself from identity theft, as well as actions you should take if you become a victim of identity theft. The presentation is on the FDIC’s website at

Safety Tips

We cannot state enough how seriously we take the responsibility as caretaker of your accounts. It is important for you to be able to recognize an authentic email from us and follow safe internet practices.

1. Somerset Trust Company will NEVER request personal information from you via email. For that matter, no reputable organization should request personal information from you via public email. Likewise – DO NOT SEND an email to us that contains your personal information.
If you receive an email that looks like it came from us and requests your personal information, do not respond to it. Tell us about the email by calling 800-972-1651 or 814-443-9200.
Personal information includes:
  • Social Security Number
  • ATM or Debit Card PINs or access codes
  • Credit card numbers or expiration dates
  • User IDs and passwords
  • Bank account numbers
  • Mother’s maiden name
STC OnLine Banking provides for secure messaging after you login to online banking between you and the bank. This electronic messaging system is your one-to-one connection with us. It has nothing to do with any outside email service you may subscribe to. This assures you of full confidentiality and security of your messages. Please feel free to include as much detail as possible, including full account numbers, names, etc. in the messages you send Somerset Trust Company through STC OnLine Banking.
2. If a public email requests your personal information, don’t reply to it. Be wary of emails that ask you to submit any personal information or one that sends you personal information and asks you to verify or update it.
3. Access STC OnLine Banking, Trust Account Access, or Credit Card Access by typing Somerset Trust Company’s web site address into your web browser. Never go to a website from a link in an email and enter your personal details. Our web site address is
4. Review your bank account, credit card statements and phone bills as soon as you receive them to determine if there are any unauthorized charges. If your statement is late, call the appropriate business and confirm your billing address and account balances.
5. Look for the secure site symbol on your browser. Secure browsers employ secure sockets layer (SSL) technology to communicate with servers. This technology encrypts, or scrambles, your account information so it’s virtually impossible for anyone other than the Bank to read it.
You can identify that your online information is encrypted by locating a symbol of a closed lock or unbroken key displayed within your browser. Also, the website’s address should read https: for a secure website, not http:. Look for the ’s’. Again – https: indicates a secure website.
6. Change your passwords or PIN often. Use both letters and numbers and both upper and lower case letters if possible. Use a different password if you have multiple online account access points. 
Wired Access by Home Computer:
You will need a current anti-virus/anti-spyware scanning program, a current patched operating system, and a secure browser program. The Windows firewall should be activated, or another software firewall should be on the computer along with Intrusion Prevention or Intrusion Detection.
Access by Wireless Home Network:
You will need all of the security measures applicable to the wired home computers plus the wireless router should have strong password protection, and it is recommended the wireless network have at least WP A or WP A-2 PSK encryption rather than WEP encryption.