Internet scammers casting about for people's financial information have a new way to lure unsuspecting victims: They go "phishing."
Phishing is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information. Identifying the fraudulent e-mails and web sites is not easy. Here are a few examples of fraudulent e-mails that we are aware of to help you better protect yourself. If you believe that you have received one of these e-mails or may have become the victim of identity theft, please contact the bank immediately.
Fraudlent E-mails Appearing to Come from NACHA
NACHA, the system that processes ACH transactions between banks, has been the victim of sustained and evolving phishing attacks in which consumers and businesses are receiving emails that appear to come from NACHA. The attacks are occurring with greater frequency and increased sophistication. Perpetrators may also be exploiting email addresses recently stolen from Epsilon. These fraudulent emails typically make reference to an ACH transfer, payment, or transaction and contain a link or attachment that infects the computer with malicious code when clicked on by the email recipient. The contents of these fraudulent emails vary, with more recent examples including a counterfeit NACHA logo and the citation of NACHA’s physical mailing address and telephone number. NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive. If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software application security patches are installed and current. Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC).
FTC Consumer Alert
How Not to Get Hooked by a 'Phishing' Scam
“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
Have you received email with a similar message? It’s a scam called “phishing” — and it involves Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.
According to the Federal Trade Commission (FTC), the nation’s consumer protection agency, phishers send an email or pop-up message that claims to be from a business or organization that you may deal with — for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to “update,” “validate,” or “confirm” your account information. Some phishing emails threaten a dire consequence if you don’t respond. The messages direct you to a website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
The FTC suggests these tips to help you avoid getting hooked by a phishing scam:
You can learn other ways to avoid email scams and deal with deceptive spam at ftc.gov/spam.
The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop and avoid them. To file a complaint or get free information on consumer issues, visit ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. Watch a new video, How to File a Complaint, at ftc.gov/video to learn more. The FTC enters consumer complaints into the Consumer Sentinel Network, a secure online database and investigative tool used by hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
USA Patriot Act
IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING OR CHANGING AN ACCOUNT WITH YOUR FINANCIAL INSTITUTION
Section 326 of the USA PATRIOT ACT requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account or changes an existing account. This federal requirement applies to all new customers and current customers. This information is used to assist the United States government in the fight against the funding of terrorism and money-laundering activities.
What this means to you: when you open an account or change an existing account, we will ask each person for their name, physical address, mailing address, date of birth, and other information that will allow us to identify them. We will ask to see each person’s driver’s license and other identifying documents and copy or record information from each of them.
By federal law, as of 1/1/2013, funds in a noninterest-bearing transaction account (including an IOLTA/IOLA) will no longer receive unlimited deposit insurance coverage, but will be FDIC-insured to the legal maximum of $250,000 for each ownership category.
For more information visit http://www.fdic.gov/deposit/deposits/unlimited/expiration.html.