We are committed to helping our clients protect themselves against identity theft and account fraud. Communication is often the key in preventing and minimizing fraud. Please refer to this page often for updates on the latest fraud alerts.
FBI Warning on "Man-in-the-Email" Scams
12/4/2013 – The FBI is warning businesses and consumers of "man-in-the-email" scams. Fraudsters may intercept legitimate e-mails between the businesses and their suppliers and then spoof subsequent e-mails impersonating each company to the other. The business thinks they are sending money to the supply partner when in reality the funds are being sent directly to the bank accounts managed by the attackers. Although the latest attacks have occurred to businesses on the West Coast, they soon will likely spread to other parts of the country. The FBI scam release and tips on reducing this type of fraud can be viewed here.
Cyber Criminals Continue to Spear-Phish Attacks
6/25/2013 – The FBI has seen an increase in criminals who use spear-phishing attacks to target multiple industry sectors. These attacks allow criminals to access private computer networks. They exploit that access to create fake identities, steal intellectual property, and compromise financial credentials to steal money from victims' accounts. Often, the e-mails contain accurate information about victims obtained via a previous intrusion or from data posted on social networking sites, blogs, or other websites. This information adds a veneer of legitimacy to the message, increasing the chances the victims will open the e-mail and respond as directed. Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update. If victims click the link, they are taken to a fraudulent website through which malicious software (malware) harvests details such as the victim's usernames and passwords, bank account details, credit card numbers, and other personal information. To avoid becoming a victim, keep in mind that online businesses, including banks and merchants, typically will not ask for personal information, such as usernames and passwords, via e-mail. When in doubt either call the company directly or open your computer's Internet browser and type the known website's address. Don't use the telephone number contained in the e-mail, which is likely to be fraudulent as well. In general, avoid following links sent in e-mails, especially when the sender is someone you do not know or appears to be from a business advising that your account information needs to be updated. If you believe you may have fallen victim to a spear-phishing attack, file a complaint with the FBI's Internet Crime Complaint Center here.
Reports of DHS-Themed Ransomware
3/21/2013 – The United States Computer Emergency Readiness Team (US-CERT) has received reports of apparent Department of Homeland Security (DHS) ransomware occurring in the wild. Users who are being targeted by the ransomware receive an email message claiming that use of their computer has been suspended and that the user must pay a fine to unlock it. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division. Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware, or perform a clean reinstallation of their operating system after formatting their computer's hard drive. Other preventative measures to protect from phishing scams and malware can be accessed here.
E-mail Claiming to Be From the FDIC
1/30/2013 – The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC. While the e-mails exhibit variations in the "From" and "Subject" lines, the messages are similar. The fraudulent e-mails are addressed to the attention of the “Accounting Department” and meant to notify recipients that “ACH and WIRE transactions” are being blocked until “a special security software” is installed. They then instruct recipients to go to a Web site for instructions on how to download the necessary files by clicking on a hyper-link provided (Note: the Web site addresses (URL) vary widely). This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided. The FDIC does not issue unsolicited e-mails to consumers or business account holders.
Phishing Alert: FBI Warns of Malware in Attempt to Extort Money
8/17/12 – The FBI released an where the IC3 has been made aware of a new Citadel malware platform used to deliver ransomware named Reveton. The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States federal law. The message further declares the user’s IP address has been identified by the Federal Bureau of Investigation as visiting websites that feature child pornography and other illegal content. To unlock the computer, the user is instructed to pay a fine to the U.S. Department of Justice using a prepaid money card service. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud. If you have received this or something similar, do not follow payment instructions. Infected computers may not operate normally. Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain malware can capture personal information such as user names, passwords, and credit card numbers through keystroke logging programs. If your computer is infected, you may need to contact a local computer expert for assistance to remove the malware.
Phishing Alert: E-mails Claiming to be from the BBB
11/23/2011 – The Better Business Bureau is issuing an urgent SCAM alert cautioning businesses and consumers about an email that is purporting to be from a bbb.org email address about a recently filed complaint. The email contains a dangerous attachment regarding a complaint and appears to direct recipients to the BBB website. This is a scam – BBB does not send complaints as attachments via email. The email appears to come from a fake BBB employee claiming that the recipient needs to review this matter and advise the BBB of their position. From there, the email appears to direct the recipient to the BBB website, but actually directs them to an outside link. This email is fraudulent and does not originate from the BBB. The email attachment and link are malicious and it is strongly advised to not open or click them. Should you receive such an email, please disregard its message, and report any information received to BBB’s Scam Source, and then delete it. If you have clicked on the link, immediately do a virus scan.
Phishing Alert: Fraudulent E-mails Claiming to be from NACHA
5/15/2011 – The National Automated Clearing House Association (NACHA) continues to receive reports that individuals and/or companies have received fraudulent e-mail that has the appearance of having been sent from NACHA. These e-mails vary in content and format, and appear to be transmitted from e-mail addresses associated with the NACHA domain (@nacha.org). The spoofed e-mail addresses include: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, and email@example.com. Some bear the name of fictitious NACHA employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals and organizations about individual ACH transactions that they originate or receive. NACHA has requested that you please forward fraudulent e-mails claiming to be from NACHA to firstname.lastname@example.org. The links in these fraudulent e-mails are directed to web pages that host malicious code and software. Do not follow web links in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove the malicious code or re-install a clean image of the computer system.
= = = = = Sample Phishing E-Mail = = = = =
From: email@example.com [mailto:firstname.lastname@example.org]
Sent: Sunday, May 15, 2011 7:32 AM
To: Doe, John
Subject: ACH transaction rejected
The ACH transfer (ID: 65388185980), recently sent from your checking account (by you or any other person), was cancelled by the Electronic Payments Association [or "other financial institution"].
Please click here to view report.
= = = = = = = = = = = = = = = = = =