The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.
The subject line of the e-mails state: "Just for your time." The e-mail tells recipients that, "The Federal Deposit Insurance Corporation Online department kindly asks you to take part in our quick and easy 5 questions survey." It attempts to entice recipients to take the "survey" by telling them "In return we will credit $50.00 to your account - Just for your time!" The e-mail then directs recipients to click on a link to take the survey (a fraudulent link is provided).
This e-mail and associated Web site are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers.
The FDIC does not issue unsolicited e-mails. Consumers should NOT follow the link in the fraudulent e-mail.
Recently on social networking Web sites, such as Facebook, Twitter, etc., online merchants have been targeting consumers with e-mails, pop-ups, and advertisements for free trial offers of products like diet pills, teeth whiteners, vitamins, credit monitoring, etc. When consumers enroll for these offers, they are required to give a debit or credit card number agreeing to be billed and receive similar products and services. Many times, the unaware consumer has agreed to be charged for those other products and services. Put a stop to needless charges to your debit or credit card. Approach each of these offers with caution. If the free-trial you are interested in requires a debit or credit card number, the first thing you should do is thoroughly read the fine print and carefully consider the offer.
The Federal Deposit Insurance Corporation (FDIC) is reminding financial institutions, businesses and consumers that fraudulent correspondence claiming to be from the FDIC continues to be mailed, faxed and e-mailed in the United States and other countries. The correspondence uses various techniques to gain the trust of recipients in hopes they will provide sensitive personal information, including bank account numbers, that can be used to steal money and other assets. Recipients should NOT, under any circumstances, respond to the fraudulent requests. Institutions also are encouraged to inform customers that fraud artists may use the names of the FDIC and other government agencies and to take appropriate precautions.
The criminals, knowing that people trust the FDIC name, have duplicated the official logo and seal in fraudulent letters, forms, certificates and other correspondence. Recent examples have included invoices, bills, transfer forms, guarantees, endorsements, and confirmations of stock and investment purchases. In some cases, recipients were asked to complete fraudulent forms and return them by fax or e-mail. In other cases, recipients were asked to remit funds via check or wire transfer service.
The FDIC rarely sends unsolicited bills or other similar documents to financial institutions, businesses and consumers. In particular, the FDIC does not send unsolicited correspondence asking for sensitive personal information, including bank account information. Anyone receiving such correspondence should contact the FDIC immediately by calling toll-free at 1-877-ASK-FDIC (1-877-275-3342) or by e-mailing to alert@fdic.gov. Do not use contact information listed for the FDIC in the correspondence because it is likely to be falsified.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-3054, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Questions related to fraudulent correspondence, deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.
The following email is being circulated. It is a scam and does NOT come from NACHA. If you receive this email, please just delete. Never click on the link.
________________________________________
From: nacha.org [mailto:reports@nacha.org] Sent: Thursday, November 12, 2009 8:32 AM To: Subject: Rejected ACH transaction, please review the transaction report Dear bank account holder, The ACH transaction, recently initiated from your bank account (by you or any third party), was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below: Unauthorized ACH Transaction Report
------------------------------------------------------------------
Copyright ©2009 by NACHA - The Electronic Payments Association
October 20, 2009—“The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails appearing to be sent from the FDIC that are asking recipients to download and open a "personal FDIC insurance file" to check their deposit insurance coverage. These e-mails are fraudulent and were not sent by the FDIC. The FDIC is attempting to identify the source of the e-mails and disrupt the transmission.
Currently, the subject line of the fraudulent e-mails includes the wording "check your Bank Deposit Insurance Coverage." The e-mails state: "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets."
The e-mails ask recipients to "visit the official FDIC website" by clicking on a hyperlink provided, which appears to be related to the FDIC and directs recipients to a fraudulent Web site. The Web site includes hyperlinks that appear to open forms. However, it is believed that clicking on the hyperlinks will cause an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency Readiness Team (US-CERT) to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to online banking services or to conduct identity theft. Financial institutions and consumers should NOT access the Web site or download the executable files provided on the Web site.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-3054, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov
February 18, 2009 -- The U.S. Small Business Administration issued a scam alert today to small businesses, warning them not to respond to letters falsely claiming to have been sent by the SBA asking for bank account information in order to qualify them for federal tax rebates.
The fraudulent letters were sent out with what appears to be an SBA letterhead to small businesses across the country, advising recipients that they may be eligible for a tax rebate under the Economic Stimulus Act, and that SBA is assessing their eligibility for such a rebate. The letter asks the small business to provide the name of its bank and account number.
These letters have not been sent by or authorized by the SBA, and all small businesses are strongly advised not to respond to them.
The scheme is similar in many ways to e-mail scams often referred to as “phishing” that seek personal data and financial account information that enables another party to access and individual’s bank accounts or to engage in identity theft.
The SBA is working with the SBA Office of Inspector General to investigate this matter. The Office of Inspector General asks that anyone who receives such a letter report it to the OIG Fraud Line at 1 (800) 767-0385, or e-mail at OIGHotline@sba.gov
January 16, 2009 -- The Federal Deposit Insurance Corporation (FDIC) is warning consumers, businesses and financial institutions to be aware of fraudulent e-mails allegedly from the Federal Reserve Bank. The fraudulent e-mails claim that a phishing attack has affected the Fedwire system and that restrictions are in place. The e-mails further instruct recipients to click on links within the e-mail for additional information.
The fraudulent e-mails have included various spoofed names and addresses in the "From:" line of the messages, including "Bank System Administration," "System Administration" and "Federal Reserve Bank." The e-mails contain the following message verbatim:
You're getting this letter in connection with new directives issued by U.S. Treasury Department. The directives concern U.S. Federal Wire online payments.
On January 1, 2009 a large-scaled phishing attack started and has been still lasting. A great number of banks and credit unions are affected by this attack and quantity of illegal wire transfers has reached an extremely high level.
U.S. Treasury Department, Federal Reserve and Federal Deposit Insurance Corporation (FDIC) in common worked out a complex of immediate actions for the highest possible reduction of fraudulent operations. We regret to inform you that definite restrictions will be applied to all Federal Wire transfers from January 6 till January 16.
Here you can get more detailed information regarding the affected banks and U.S. Treasury Department restrictions:
The message contains links to two Web pages that attempt to load malicious Trojan horse programs onto end users' computers.
Consumers, businesses and financial institutions should be aware that Fedwire operations are not restricted and are operating as normal, and should take the following precautions:
If an end user received the e-mail and clicked on any of the links, fully scan the computer using updated anti-virus software. If malicious code is detected on the computer, consult with a computer security or anti-virus specialist to remove the malicious code or re-install a clean image of the computer system.
Be aware that phishing e-mails frequently have links to Web pages that host malicious code and software. Do not follow Web links in unsolicited e-mails from apparent federal banking agencies. Instead, bookmark or type the agency's Web address. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software applications security patches are installed.
Do not open unsolicited or unexpected e-mail attachments because of the risk of malicious code or software in the attachments. Instead, call the agency using a known and appropriate telephone number to verify the legitimacy of the message and attached file.
Be alert to different variations of the fraudulent e-mails.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov
December 30, 2008 -- Banks across the nation have reported an increase in a cell phone text-messaging scam. Consumers have reported receiving a text message on their cell phone that their credit card/debit card/cell phone service has or will be deactivated and they need to text back (or call a number and verify) account and PIN information. Of course if they do, they soon find their account has been hit by criminals.
Community South will never ask for personal information in a text message or an email.
Victims of this scam should file a police report and contact their cell phone provider. They may also file a complaint with the Federal Trade Commission at www.FTC.gov http://www.FTC.gov
December 5, 2008—The Federal Reserve Board is alerting the public to instances of questionable solicitations directed at consumers. These solicitations promise consumers access to personal loans through a nonexistent Federal Reserve lending program.
Under this fraudulent scheme, targeted individuals are told that that they can work through a broker to access a Federal Reserve program that extends sizable secured loans to consumers. Consumers are encouraged to deposit large sums of money into a bank account, under the guise of a security deposit, in order to receive the purported loan.
The Federal Reserve is advising consumers that it has no involvement in these solicitations and does not directly sponsor consumer lending programs. The matter has been referred to the appropriate authorities for action.
Consumers are strongly urged to verify the legitimacy of potential service providers before entering into a business transaction. Individuals seeking personal finance options are encouraged to do business only with reputable lenders and to shop around for the most favorable loan terms.
Consumers with questions about solicitations that they suspect may be fraudulent are encouraged to contact the Federal Reserve Board Consumer Help Center at http://www.federalreserveconsumerhelp.gov/ or by calling 1-888-851-1920.
December 1, 2008—Our debit card processor, SHAZAM, has alerted Community South of a “vishing” fraud attack that is targeting financial institutions. The attack consists of an automated telephone call in which a prerecorded voice advises the recipient that the call is on behalf of SHAZAM and that the cardholder must “reactivate” his or her card by entering information immediately. These calls are fraudulent and have not been authorized by SHAZAM.
Always remember this advice whenever you receive a call requesting information: Never give personal or financial information such as your social security number, checking, account, debit card number, or credit card numbers over the phone unless you initiate the call and you know the person or organization.
If you have already received such a call and you have given information, please contact your local Community South Branch.
The National Do Not Call Registry is open for business, putting consumers in charge of the telemarketing calls they get at home. The Federal government created the national registry to make it easier and more efficient for you to stop getting telemarketing calls you don't want. You can register online at http://www.donotcall.gov/ or call toll-free, 1-888-382-1222 (TTY 1-866-290-4236), from the number you wish to register. Registration is free.
The Federal Trade Commission, the Federal Communications Commission, and the states are enforcing the National Do Not Call Registry. Placing your number on the registry will stop most, but not all, telemarketing calls.
This site has information for you—whether you're a consumer interested in signing up for the National Do Not Call Registry, or a telemarketer or seller interested in learning more about your responsibilities related to the Telemarketing Sales Rule.
You may even place your personal cell phone number on the National Do Not Call Registry. The registry has accepted cell phone numbers since it opened for registrations in June 2003. There is no deadline to register a home or cell phone number on the Registry.
You may have received an email telling you that your cell phone is about to be assaulted by telemarketing calls as a result of a new cell phone number database; however, that is not the case. Federal Communications Commission regulations prohibit telemarketers from using automated dialers to call cell phone numbers.
If you decide that you don’t want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years or opt out of receiving them permanently. Call toll-free 1-888-5-OPTOUT (1-888-567-8688) or visit http://www.optoutprescreen.com/ for details. The telephone number and website are operated by the major consumer reporting companies. When you call or visit the website, you'll be asked to provide certain personal information, including your home telephone number, name, Social Security number, and date of birth. The information you provide is confidential and will be used only to process your request to opt out.
Remember that if you have joint credit relationships, like a mortgage or a car loan with a spouse, partner, or other adult, you may continue to receive some prescreened solicitations until both of you exercise your opt-out right.