Reminder from the FDIC – March 24, 2008

FDIC reminds consumers to be aware of advance fee loan scams that prey on individuals who desperately need money quickly. The scam involves false promises to arrange for a loan in return for fees paid upfront by the applicant. Scam artists may design Websites with online loan applications or fraudulently use logos and letterhead of legitimate companies to make the offer look legitimate.

Applicants are guaranteed approval as soon as the required fees are paid upfront usually by way of wire transfer money to an individual overseas.

Warning signs of advance fee loans include:

• Loan approval is "guaranteed." Lenders don't guarantee loans before analyzing the application.
• The loan applicant is required to pay upfront fees. Loan fees are normally paid after the loan is approved.
• The lender or loan processor is located outside of the United States.
• Payment of fees is requested to be sent by retail wire transfers.

Victims should report crimes to the Internet Crime Complaint Center at http://www.ic3.gov/. More information about fraudulent advance loan fee scams can be found at http://www.onguardonline.gov/topics/Email-scams.aspx#8.

E-mail Claiming to Be From the FDIC – March 14, 2008

The FDIC has received a number of reports of a phishing e-mail that has the appearance of being sent from the FDIC.

This e-mail asks "Who is FDIC?" and "What can FDIC do for you?" It warns against identity theft and states that the "FDIC is presenting a new card insurance which can restore you up to $500 if you are a victim of internet fraud." The e-mail directs recipients to click on a link to be redirected to "an online signup page for this program."

This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and, under any circumstances, not provide any personal information through this media.

FBI Warning about Fraudulent Complaint e-mails

The Federal Bureau of Investigation (FBI) is warning consumers to be cautious of e-mails claiming that someone has filed a complaint against them or their company with a government agency or other organization against you or your company. The fraudulent e-mails state that a complaint has been filed with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau. The e-mails are likely an effort to collect personally identifiable information.

The e-mails address the recipients by name, and other personal information may be contained within the e-mail. Some of the fraudulent e-mails refer to a complaint that is in the form of an attachment. It is believed that the attachment actually contains virus software designed to steal passwords and other personal information from the recipient. Once downloaded, the virus is designed to monitor username and password logins and record the activity entered on the compromised machine.

Consumers and businesses should be wary of any e-mail received from an unknown sender. They should not open any unsolicited e-mail or click on any hyperlinks provided. If you receive a scam e-mail please notify the Internet Crime Complaint Center (IC3) by filing a complaint at www.ic3.gov.

E-Mails Claiming to Be From the FDIC

Con artists know that people trust the FDIC name. That's why they may use our name and seal in fraudulent e-mails trying to obtain valuable information from consumers and businesses. These types of scams are commonly referred to as "phishing." Con artists use fake Web sites and e-mails to obtain valuable personal information from consumers.

The FDIC does not send out unsolicited e-mails or ask for detailed personal information. Additionally, the FDIC does not ask people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts. If you get this sort of e-mail appearing to be from the FDIC, you should assume that it is fraudulent.

To report a fraud, send an e-mail to the FDIC financial crimes unit at alert@fdic.gov or call the FDIC toll-free at 1-877-ASK-FDIC (1-877-275-3342).

FDIC Consumer Alert – May 4, 2007

FDIC Special Alert: Fraudulent E-Mail Claims to Be From the FDIC

The FDIC has received a report of an e-mail, originally sent on September 11, 2006, that has the appearance of being sent from the FDIC. However, instead of a typical phishing e-mail that might ask the recipient to click on a hyperlink to a spoofed Web site, this e-mail appears to deliver malicious software on to the recipient's computer.

After describing the FDIC and deposit insurance, the e-mail describes "a small client utility" that bank customers are asked to install on home and business computers "which is used to open Online Banking sessions." The e-mail goes on to state that "[t}his utility only starts whenever an online session is opened with a Financial Institution insured by the FDIC, thus it will never interfere with any programs installed on your computer. Please help us combat fraud by installing, ProBank on any computer that is used to open an Online Banking session."

The e-mail also asks institutions to "advertise and market the ProBank's existence to employees, suppliers, third-party service providers and customers." It suggests channels, such as "bank newsletters, memoranda, written policy, and internal and external bank Web sites."

This e-mail is a fraudulent attempt to obtain personal information from consumers and businesses. Consumers and businesses should NOT click the link provided within the body of the e-mail or install any software on their computer which is unfamiliar.

Additionally, financial institutions should not "advertise and market the ProBank's existence" to anyone as the e-mail suggests.

FDIC Consumer Alert – February 21, 2007

The FDIC has received reports from financial institutions of a fraudulent e-mail that has the appearance of being sent by the FDIC. The e-mail is purportedly from "FDIC Legal Information Technology" (sometimes FDIC Information Security) and asks the institution to run a script on its severs to improve security. The e-mail includes an attached script (a file ending in .php) and detailed instructions for installing the script on Unix/Linux and Windows systems.

Institutions should not open or run the attached file. It is believed this is an attempt to install a malicious payload on the institution’s network.

FDIC Consumer Alert – February 8, 2007

The FDIC has received a number of reports by banks, businesses, and consumers of a phishing e-mail that has the appearance of being sent from the FDIC. This new phishing e-mail is very similar to a phishing attempt we saw in October 2006.

The fraudulent e-mails appear in "memo format," on FDIC Office of the Inspector General (OIG) letterhead, and is purportedly from "Russell A. Rau, Assistant Inspector General for Audits." The memo includes the recipient's name and address in the "To" line. The "Subject" line states, "Division of Supervision and Consumer Protection's Risk-Focused Compliance Examination Process for [name inserted] (Report No. 05-038)." Note: The fraudulent e-mail use some genuine language obtained from an actual OIG audit report.

The fraudulent memo includes a hyper link called, "Take the Corrective Action -- Implement the LinkBank System." When clicked, the link takes the user to a spoofed FDIC Web page that uses text and logos from FDICconnect pages. Once on the page, users are asked to "certify" that they "will provide correct information in order to implement the LinkBank System."

This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and, under any circumstances, not provide any personal information through this media.

FDIC Consumer Alert – February 5, 2007 & February 14, 2007

The FDIC has learned of fraudulent e-mails claiming to be from "ViewPoint Bank Financial Solutions in association with The Federal Deposit Insurance Corporation (FDIC), " and "Community America Credit Union Financial Solutions in association with The Federal Deposit Insurance Corporation (FDIC)." They state that, either institution "and FDIC, in collaboration with some of the most important credit card providers has launched a new service dedicated for those who wish to secure their credit cards against fraud and to be part of a Secure Online Network (SON)." The e-mails further state that "...the FDIC has signed several agreements with the most important online shopping stores, such as Yahoo!, eBay, Amazon and Half.com" and that consumers will be "...awarded with a shopping coupon code, giving discounts up to 15%," if they complete the suggested process.

Although the e-mails look like they originate from a ViewPoint Bank e-mail address, they are signed by "Henry James, Consumer Protection Director, son@fdic.gov." Also, the e-mails state that the "FDIC is currently in the process of expanding its partnerships with other banks and consumers will be notified via e-mail of any updates." This may be an indication that we will see other similar e-mails with different bank names on them.

This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and, under any circumstances, not provide any personal information through this media.

FDIC Consumer Alert – November 20, 2006

The FDIC has received inquiries and complaints from bankers and consumers who have received an e-mail that has the appearance of being sent from the FDIC. Like previous phishing incidents in January 2004 (SA-5-2004) and in June 2006 (SA-163-2006), this e-mail informs the recipient that Department of Homeland Security Director Tom Ridge has advised the FDIC to suspend all deposit insurance on the recipient's bank account due to suspected violations of the USA PATRIOT Act.

The e-mail asks recipients to verify their accounts through a system referred to as "IDVerify." The e-mail further indicates that deposit insurance will be terminated and that all records of the recipient's account history "will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials."

The e-mail claims to be from "Donald E. Powell, Chairman Emeritus FDIC;" "Comptroller of the Currency;" and "Michael E. Bartell, Chief Information Officer."

This e-mail was NOT sent by the FDIC and is a fraudulent attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.

FDIC Consumer Alert – October 19, 2006

The FDIC has received reports by businesses and consumers of a phishing e-mail that has the appearance of being sent from the FDIC. This phishing e-mail, similar to that sent on September 29th, appears to be from the FDIC and ask recipients to click on a hyperlink titled "Take the Corrective Action – Implement the LinkBank System." The fraudulent e-mails are purportedly from "Russell A. Rau, Assistant Inspector General for Audits." The e-mails typically include a "Subject" line that states: "Compliance Examination for [recipient's name inserted]."

However, this is a new variation that includes a new and more dangerous hyperlink. When accessed, the hyperlink downloads an executable file to your computer. FDIC is currently analyzing the executable file; however, it is likely installing a keylogger or similar piece of malicious software. DO NOT click on the link provided in the phishing e-mail.

FDIC Consumer Alert – September 29, 2006

The FDIC has received reports by businesses and consumers of a phishing e-mail that has the appearance of being sent from the FDIC. The fraudulent e-mails appear in "memo format," on FDIC Office of the Inspector General (OIG) letterhead, and is purportedly from "Russell A. Rau, Assistant Inspector General for Audits." The memo includes the recipient's name and address in the "To" line. The "Subject" line states, "Division of Supervision and Consumer Protection's Risk-Focused Compliance Examination Process for [name inserted] (Report No. 05-038)." Note: The fraudulent e-mail use some genuine language obtained from an actual OIG audit report.

The fraudulent memo includes a hyper link called, "Take the Corrective Action -- Implement the LinkBank System." When clicked, the link takes the user to a spoofed FDIC Web page that uses text and logos from FDICconnect pages.

Once on the page, users are asked to "certify" that they "will provide correct information in order to implement the LinkBank System." The "LinkBank System" is described as:

"…a protocol developed by the FDIC and other federal agencies as a way to ensure that the standards for Online Banking security are met. This protocol is based on a client utility, safeConnect, that was developed to be installed on business computers which are used to open Online Banking sessions. This utility only interacts when an online session with a Financial Institution insured by the FDIC is opened, thus it will never interfere with any other applications."

After clicking on the certification radio button, another page is opened that asks for bank name, username, and password.

This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT to access the link provided within the body of the e-mail and, under any circumstances, not to provide any personal information through this media.

FDIC Consumer Alert – September 13, 2006

FDIC Special Alert: Fraudulent E-Mail Claims to Be From the FDIC

The FDIC has received a report of another new e-mail that has the appearance of being sent from the FDIC. This one is similar to the incident reported on September 11, 2006 (see below). However, this e-mail asks the recipient to click on a hyperlink to a spoofed Web site where the recipient is asked to enter confidential information.

After starting out with the same description of the FDIC and deposit insurance as Monday's reported phishing e-mail, the new e-mail states that "GoldLeaf Financial Solutions and the FDIC, in collaboration with the leaders in consumer payments processing systems launched SON - Secure Online Network." The e-mail goes on to describe "SON." It also tells the recipient that their "...personal information did not match any SON code..." and asks them to "...follow the link below where you will be redirected to your bank's Initiate-SON website. Once the application is processed, the SON code will be mailed to your bank-statement address."

This e-mail contains various subject lines on the e-mails, such as:

• Online Access Agreement Update
• Urgent Notification - Security Reminder
• SON Registration

Some of the e-mails are "personalized." For example:

"As your personal information did not match any SON code, to confirm that this is your personal information:" and then it includes the person's name, and address.

FDIC Consumer Alert – September 11, 2006

FDIC Special Alert: Fraudulent E-Mail Claims to Be From the FDIC

The FDIC has received a report of a new e-mail that has the appearance of being sent from the FDIC. However, instead of a typical phishing e-mail that might ask the recipient to click on a hyperlink to a spoofed Web site, this e-mail appears to deliver malicious software on to the recipient's computer.

After describing the FDIC and deposit insurance, the e-mail describes "a small client utility" that bank customers are asked to install on home and business computers "which is used to open Online Banking sessions." The e-mail goes on to state that "[t}his utility only starts whenever an online session is opened with a Financial Institution insured by the FDIC, thus it will never interfere with any programs installed on your computer. Please help us combat fraud by installing, ProBank on any computer that is used to open an Online Banking session."

The e-mail also asks institutions to "advertise and market the ProBank's existence to employees, suppliers, third-party service providers and customers." It suggests channels, such as "bank newsletters, memoranda, written policy, and internal and external bank Web sites."