Consumer Alerts
E-mail Claiming to Be From the FDIC – March 25, 2009
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.
The subject line of the e-mail states: "Inquiry about your bank account." The e-mail tells recipients that, "due to many fraud and money laundering attempts made by non-US residents the past 2 months using fake information to open US bank accounts, and using them for illegal purposes, we require all FDIC member's banks customers to update some information on their bank accounts as soon as possible in order to confirm their identities."
The e-mail then asks recipients to follow a hyperlink and then to click on their bank’s logo. It then informs recipients that they will be redirected to their bank’s Web site "through a specialized link" and that, once logged in, they will need to "fill some information."
This e-mail is fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to on-line banking services or to conduct identity theft.
The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT follow the link in the fraudulent e-mail.
|
E-mail Claiming to Be From Federal Reserve Bank – January 7, 2009
Fraudulent e-mails claiming to be from the Federal Reserve Bank warning of a phishing attack on the Fedwire system are reportedly in circulation. The fraudulent e-mails claim that a phishing attack has affected the Fedwire system and that restrictions are in place. The e-mails further instruct recipients to click on links within the e-mail for additional information.
The fraudulent e-mails have included various spoofed names and addresses in the “From:” line of the messages, including “Bank System Administration,” “System Administration,” and “Federal Reserve Bank.” The e-mails contain the following message (including shown grammatical errors):
“FEDERAL RESERVE BANK
Important:
You're getting this letter in connection with new directives issued by U.S. Treasury Department. The directives concern U.S. Federal Wire online payments.
On On January 1, 2009 a large-scaled phishing attack started and has been still lasting. A great number of banks and credit unions is affected by this attack and quantity of illegal wire transfers has reached an extremely high level.
U.S. Treasury Department, Federal Reserve and Federal Deposit Insurance Corporation (FDIC) in common worked out a complex of immediate actions for the highest possible reduction of fraudulent operations. We regret to inform you that definite restrictions will be applied to all Federal Wire transfers from January 6 till January 16.
Here you can get more detailed information regarding the affected banks and U.S. Treasury Department restrictions:”
The message contains links to two Web pages that attempt to load malicious Trojan horse programs onto end users’ computers.
Consumers, businesses, and financial institutions should be aware that Fedwire operations are not restricted and are operating as normal, and should take the following precautions:
- If an end user received the e-mail and clicked on any of the links, fully scan the computer using updated anti-virus software. If malicious code is detected on the computer, consult with a computer security or anti-virus specialist to remove the malicious code or re-install a clean image of the computer system.
- Be aware that phishing e-mails frequently have links to Web pages that host malicious code and software. Do not follow Web links in unsolicited e-mails from apparent Federal banking agencies. Instead, bookmark or type the agency’s Web address.
- Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that security patches for the computer's operating system and common software applications are installed.
- Do not open unsolicited or unexpected e-mail attachments because of the risk of malicious code or software in the attachments. Instead, call the agency using a known and appropriate telephone number to verify the legitimacy of the message and attached file.
- Be alert for different variations of the fraudulent e-mails.
|
E-mail Claiming to Be From the FDIC – October 9, 2008
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.
The subject line of the e-mail states: "Funds wired into your account are stolen." The e-mail tells recipients that the proceeds of identity theft crimes have been wire-transferred into their bank account. The e-mail then directs recipients to open and review an attached copy of their bank account statement. The attached file is actually an unknown executable file.
Recipients should consider the intent of the executable file as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to on-line banking services or to conduct identity theft.
The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT open the executable file attached to the fraudulent e-mail.
|
Reminder from the FDIC – March 24, 2008
FDIC reminds consumers to be aware of advance fee loan scams that prey on individuals who desperately need money quickly. The scam involves false promises to arrange for a loan in return for fees paid upfront by the applicant. Scam artists may design Web sites with online loan applications or fraudulently use logos and letterhead of legitimate companies to make the offer look legitimate.
Applicants are guaranteed approval as soon as the required fees are paid upfront, usually by wiring money to an individual overseas.
Warning signs of advance fee loans include:
- Loan approval is "guaranteed." Lenders don't guarantee loans before analyzing the application.
- The loan applicant is required to pay upfront fees. Loan fees are normally paid after the loan is approved.
- The lender or loan processor is located outside of the United States.
- Payment of fees is requested to be sent by retail wire transfers.
Victims should report crimes to the Internet Crime Complaint Center at http://www.ic3.gov/. More information about fraudulent advance loan fee scams can be found at http://www.onguardonline.gov/topics/Email-scams.aspx#8.
|
E-mail Claiming to Be From the FDIC – March 14, 2008
The FDIC has received a number of reports of a phishing e-mail that has the appearance of being sent from the FDIC.
This e-mail asks "Who is FDIC?" and "What can FDIC do for you?" It warns against identity theft and states that the "FDIC is presenting a new card insurance which can restore you up to $500 if you are a victim of internet fraud." The e-mail directs recipients to click on a link to be redirected to "an online signup page for this program."
This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and should not, under any circumstances, provide any personal information through this media.
|
FBI Warning about Fraudulent Complaint e-mails
The Federal Bureau of Investigation (FBI) is warning consumers to be cautious of e-mails claiming that someone has filed a complaint against them or their company with a government agency or other organization. The fraudulent e-mails state that a complaint has been filed with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau. The e-mails are likely an effort to collect personally identifiable information.
The e-mails address the recipients by name, and other personal information may be contained within the e-mail. Some of the fraudulent e-mails refer to a complaint that is in the form of an attachment. It is believed that the attachment actually contains virus software designed to steal passwords and other personal information from the recipient. Once downloaded, the virus is designed to monitor username and password logins and record the activity entered on the compromised machine.
Consumers and businesses should be wary of any e-mail received from an unknown sender. They should not open any unsolicited e-mail or click on any hyperlinks provided. If you receive a scam e-mail, please notify the Internet Crime Complaint Center (IC3) by filing a complaint at www.ic3.gov.
|
E-Mails Claiming to Be From the FDIC
Con artists know that people trust the FDIC name. That's why they may use our name and seal in fraudulent e-mails trying to obtain valuable information from consumers and businesses. These types of scams are commonly referred to as "phishing." Con artists use fake Web sites and e-mails to obtain valuable personal information from consumers.
The FDIC does not send out unsolicited e-mails or ask for detailed personal information. Additionally, the FDIC does not ask people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts. If you get this sort of e-mail appearing to be from the FDIC, you should assume that it is fraudulent.
To report a fraud, send an e-mail to the FDIC financial crimes unit at alert@fdic.gov or call the FDIC toll-free at 1-877-ASK-FDIC (1-877-275-3342).
|
FDIC Consumer Alert – May 4, 2007
FDIC Special Alert: Fraudulent E-Mail Claims to Be From the FDIC
The FDIC has received a report of an e-mail, originally sent on September 11, 2006, that has the appearance of being sent from the FDIC. However, instead of a typical phishing e-mail that might ask the recipient to click on a hyperlink to a spoofed Web site, this e-mail appears to deliver malicious software onto the recipient's computer.
After describing the FDIC and deposit insurance, the e-mail describes "a small client utility" that bank customers are asked to install on home and business computers "which is used to open Online Banking sessions." The e-mail goes on to state that "[t]his utility only starts whenever an online session is opened with a Financial Institution insured by the FDIC, thus it will never interfere with any programs installed on your computer. Please help us combat fraud by installing, ProBank on any computer that is used to open an Online Banking session."
The e-mail also asks institutions to "advertise and market the ProBank's existence to employees, suppliers, third-party service providers and customers." It suggests channels, such as "bank newsletters, memoranda, written policy, and internal and external bank Web sites."
This e-mail is a fraudulent attempt to obtain personal information from consumers and businesses. Consumers and businesses should NOT click the link provided within the body of the e-mail or install any unfamiliar software on their computer.
Additionally, financial institutions should not "advertise and market the ProBank's existence" to anyone as the e-mail suggests.
|
FDIC Consumer Alert – February 21, 2007
The FDIC has received reports from financial institutions of a fraudulent e-mail that has the appearance of being sent by the FDIC. The e-mail is purportedly from "FDIC Legal Information Technology" (sometimes FDIC Information Security) and asks the institution to run a script on its servers to improve security. The e-mail includes an attached script (a file ending in .php) and detailed instructions for installing the script on Unix/Linux and Windows systems.
Institutions should not open or run the attached file. It is believed this is an attempt to install a malicious payload on the institution’s network.
|
FDIC Consumer Alert – February 8, 2007
The FDIC has received a number of reports by banks, businesses, and consumers of a phishing e-mail that has the appearance of being sent from the FDIC. This new phishing e-mail is very similar to a phishing attempt we saw in October 2006.
The fraudulent e-mails appear in "memo format," on FDIC Office of the Inspector General (OIG) letterhead, and are purportedly from "Russell A. Rau, Assistant Inspector General for Audits." The memo includes the recipient's name and address in the "To" line. The "Subject" line states, "Division of Supervision and Consumer Protection's Risk-Focused Compliance Examination Process for [name inserted] (Report No. 05-038)." Note: The fraudulent e-mail uses some genuine language obtained from an actual OIG audit report.
The fraudulent memo includes a hyperlink called, "Take the Corrective Action -- Implement the LinkBank System." When clicked, the link takes the user to a spoofed FDIC Web page that uses text and logos from FDICconnect pages. Once on the page, users are asked to "certify" that they "will provide correct information in order to implement the LinkBank System."
This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and should not, under any circumstances, provide any personal information through this media.
|
FDIC Consumer Alert – February 5, 2007 & February 14, 2007
The FDIC has learned of fraudulent e-mails claiming to be from "ViewPoint Bank Financial Solutions in association with The Federal Deposit Insurance Corporation (FDIC)," and "Community America Credit Union Financial Solutions in association with The Federal Deposit Insurance Corporation (FDIC)." They state that either institution "and FDIC, in collaboration with some of the most important credit card providers has launched a new service dedicated for those who wish to secure their credit cards against fraud and to be part of a Secure Online Network (SON)." The e-mails further state that "...the FDIC has signed several agreements with the most important online shopping stores, such as Yahoo!, eBay, Amazon and Half.com" and that consumers will be "...awarded with a shopping coupon code, giving discounts up to 15%," if they complete the suggested process.
Although the e-mails look like they originate from a ViewPoint Bank e-mail address, they are signed by "Henry James, Consumer Protection Director, son@fdic.gov." Also, the e-mails state that the "FDIC is currently in the process of expanding its partnerships with other banks and consumers will be notified via e-mail of any updates." This may be an indication that we will see other similar e-mails with different bank names on them.
This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and should not, under any circumstances, provide any personal information through this media.
|
FDIC Consumer Alert – November 20, 2006
The FDIC has received inquiries and complaints from bankers and consumers who have received an e-mail that has the appearance of being sent from the FDIC. Like previous phishing incidents in January 2004 (SA-5-2004) and in June 2006 (SA-163-2006), this e-mail informs the recipient that Department of Homeland Security Director Tom Ridge has advised the FDIC to suspend all deposit insurance on the recipient's bank account due to suspected violations of the USA PATRIOT Act.
The e-mail asks recipients to verify their accounts through a system referred to as "IDVerify." The e-mail further indicates that deposit insurance will be terminated and that all records of the recipient's account history "will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials."
The e-mail claims to be from "Donald E. Powell, Chairman Emeritus FDIC;" "Comptroller of the Currency;" and "Michael E. Bartell, Chief Information Officer."
This e-mail was NOT sent by the FDIC and is a fraudulent attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
|
FDIC Consumer Alert – October 19, 2006
The FDIC has received reports by businesses and consumers of a phishing e-mail that has the appearance of being sent from the FDIC. This phishing e-mail, similar to that sent on September 29th, appears to be from the FDIC and asks recipients to click on a hyperlink titled "Take the Corrective Action – Implement the LinkBank System." The fraudulent e-mails are purportedly from "Russell A. Rau, Assistant Inspector General for Audits." The e-mails typically include a "Subject" line that states: "Compliance Examination for [recipient's name inserted]."
However, this is a new variation that includes a new and more dangerous hyperlink. When accessed, the hyperlink downloads an executable file to your computer. FDIC is currently analyzing the executable file; however, it is likely installing a keylogger or similar piece of malicious software. DO NOT click on the link provided in the phishing e-mail.
|
FDIC Consumer Alert – September 29, 2006
The FDIC has received reports by businesses and consumers of a phishing e-mail that has the appearance of being sent from the FDIC. The fraudulent e-mails appear in "memo format," on FDIC Office of the Inspector General (OIG) letterhead, and are purportedly from "Russell A. Rau, Assistant Inspector General for Audits." The memo includes the recipient's name and address in the "To" line. The "Subject" line states, "Division of Supervision and Consumer Protection's Risk-Focused Compliance Examination Process for [name inserted] (Report No. 05-038)." Note: The fraudulent e-mail uses some genuine language obtained from an actual OIG audit report.
The fraudulent memo includes a hyperlink called, "Take the Corrective Action -- Implement the LinkBank System." When clicked, the link takes the user to a spoofed FDIC Web page that uses text and logos from FDICconnect pages.
Once on the page, users are asked to "certify" that they "will provide correct information in order to implement the LinkBank System." The "LinkBank System" is described as:
"…a protocol developed by the FDIC and other federal agencies as a way to ensure that the standards for Online Banking security are met. This protocol is based on a client utility, safeConnect, that was developed to be installed on business computers which are used to open Online Banking sessions. This utility only interacts when an online session with a Financial Institution insured by the FDIC is opened, thus it will never interfere with any other applications."
After clicking on the certification radio button, another page is opened that asks for bank name, username, and password.
This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and should not, under any circumstances, provide any personal information through this media.
|
FDIC Consumer Alert – September 13, 2006
FDIC Special Alert: Fraudulent E-Mail Claims to Be From the FDIC
The FDIC has received a report of another new e-mail that has the appearance of being sent from the FDIC. This one is similar to the incident reported on September 11, 2006 (see below). However, this e-mail asks the recipient to click on a hyperlink to a spoofed Web site where the recipient is asked to enter confidential information.
After starting out with the same description of the FDIC and deposit insurance as Monday's reported phishing e-mail, the new e-mail states that "GoldLeaf Financial Solutions and the FDIC, in collaboration with the leaders in consumer payments processing systems launched SON - Secure Online Network." The e-mail goes on to describe "SON." It also tells the recipient that their "...personal information did not match any SON code..." and asks them to "...follow the link below where you will be redirected to your bank's Initiate-SON website. Once the application is processed, the SON code will be mailed to your bank-statement address."
The e-mails carry various subject lines, such as:
- Online Access Agreement Update
- Urgent Notification - Security Reminder
- SON Registration
Some of the e-mails are "personalized." For example:
"As your personal information did not match any SON code, to confirm that this is your personal information:" and then it includes the person's name and address.
This e-mail is a fraudulent attempt to obtain personal information from consumers. Consumers should NOT access the link provided within the body of the e-mail and should not, under any circumstances, provide any personal information through this media.
|
FDIC Consumer Alert – September 11, 2006
FDIC Special Alert: Fraudulent E-Mail Claims to Be From the FDIC
The FDIC has received a report of a new e-mail that has the appearance of being sent from the FDIC. However, instead of a typical phishing e-mail that might ask the recipient to click on a hyperlink to a spoofed Web site, this e-mail appears to deliver malicious software onto the recipient's computer.
After describing the FDIC and deposit insurance, the e-mail describes "a small client utility" that bank customers are asked to install on home and business computers "which is used to open Online Banking sessions." The e-mail goes on to state that "[t]his utility only starts whenever an online session is opened with a Financial Institution insured by the FDIC, thus it will never interfere with any programs installed on your computer. Please help us combat fraud by installing, ProBank on any computer that is used to open an Online Banking session."
The e-mail also asks institutions to "advertise and market the ProBank's existence to employees, suppliers, third-party service providers and customers." It suggests channels, such as "bank newsletters, memoranda, written policy, and internal and external bank Web sites."
This e-mail is a fraudulent attempt to obtain personal information from consumers and businesses. Consumers and businesses should NOT click the link provided within the body of the e-mail or install any unfamiliar software on their computer.
Additionally, financial institutions should not "advertise and market the ProBank's existence" to anyone as the e-mail suggests.
|
Consumer Alert – August 15, 2006
FDIC Special Alert: Consumer Alert – Fraudulent E-Mail Claims to Be From the FDIC
The FDIC is aware of a phishing e-mail that has the appearance of being sent from the FDIC. The name "Federal Deposit Insurance Corporation" appears on the "From" line and the subject is, "IMPORTANT: Notification of Federal Deposit Insurance Corporation."
This e-mail claims that the FDIC has received an application from the recipient's bank to insure their checking or savings account against fraud, phishing and identity theft. The e-mail further instructs the recipient to enroll in "the FDIC protection system" by clicking on a link to a spoofed FDIC Web page. The spoofed Web page requests the following information:
First Name, Last Name, Phone Number, Social Security Number, Mother's Maiden Name, Driver License/Issued State, Date of Birth, E-mail Address, Street Address, City, State, Zip/Postal Code, Name on Credit Card, Credit/Debit/ATM Card Number, Card Expiration Date, Card Verification Number, Personal Identification Number, FDIC-Insured Institution (Bank Name), Bank Routing Number, and Bank Account Number.
This e-mail was not sent by the FDIC and is a fraudulent attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and the location of the Web site in order to disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.