Security Notices Updates
Think it's E-Z Pass?
August 12, 2014
by Lisa Weintraub Schifferle
Love breezing through tollbooths with your E-Z Pass? A new scam is taking advantage of that.
Here's how it works: You get an email that appears to be from E-Z Pass. It has the E-Z Pass logo, and says you owe money for driving on a toll road. It also provides a link to click for your invoice.
Guess what? The email isn't from E-Z Pass. If you click on the link, the crooks running this scam may put malware on your machine. And if you respond to the email with your personal information, they're likely to steal your identity.
This E-Z Pass email is the latest in a long line of phishing scams, where fraudsters pretend to be legitimate businesses as a way to get access to people's personal information. But adopting a few online security habits can help you avoid phishing scams:
- Never click on links in emails unless you're sure who sent you the message.
- Don't respond to any emails that ask for personal or financial information. Email isn't a secure way to send that information.
- Type an organization's URL yourself, and don't send personal or financial information unless the URL begins withhttps (the "s" stands for secure).
- If an email looks like it is from E-Z Pass, contact E-Z Pass customer service to confirm that it is really from them.
- Keep your computer security software current.
If you might have been tricked by a phishing email:
- Forward it to firstname.lastname@example.org and to the company impersonated in the email.
- File a complaint with the Federal Trade Commission.
- Visit the FTC's Identity Theft website. Victims of phishing could become victims of identity theft, but there are steps to take to reduce your risk.
OnGuardOnline.gov has more information about phishing scams.
Telephone Scam Alleging a Relative is in a Financial or Legal Crisis
The Internet Crime Complaint Center continues to receive reports of telephone scams involving calls that claim their "relative" is in a legal or financial crisis. These complaints are sometimes referred to as the "Grandparent Scam." Scammers use scenarios that include claims of a relative being arrested or in a car accident in another country. Scammers often pose as the relative, create a sense of urgency and make a desperate plea for money to victims. It is not unusual for scammers to beg victims not to tell other family members about the situation.
The scammers also impersonate third parties, such as an attorney, law enforcement officer, or some other type of official, such as a U.S. Embassy representative. Once potential victims appear to believe the caller's story, they are provided instructions to wire money to an individual, often referred to as a bail bondsman, for their relative to be released.
Some complainants have reported the callers claimed to be from countries including, but not limited to: Canada, Mexico, Haiti, Guatemala, and Peru.
Callers often disguise themselves by using telephone numbers generated by free applications or by spoofing their numbers.
If you receive this type of call:
- Resist the pressure to act quickly.
- Verify the information before sending any money by attempting to contact your relative to determine whether or not the call is legitimate.
- Never wire money based on a request made over the phone or in an e-mail, especially to an overseas location. Wiring money is like giving cash-once you send it, you cannot get it back.
Individuals who have fallen victim to this type of scam are encouraged to file a complaint with the Internet Crime Complaint Center.
IRS Warns of Tax-time Scams
It's true: tax scams proliferate during the income tax filing season. This year's season opens on Jan. 31. The IRS provides the following scam warnings so you can protect yourself and avoid becoming a victim of these crimes:
- Be vigilant of any unexpected communication purportedly from the IRS at the start of tax season.
- Don't fall for phone and phishing email scams that use the IRS as a lure. Thieves often pose as the IRS using a bogus refund scheme or warnings to pay past-due taxes.
- The IRS doesn't initiate contact with taxpayers by email to request personal or financial information. This includes any type of e-communication, such as text messages and social media channels.
- The IRS doesn't ask for PINs, passwords or similar confidential information for credit card, bank or other accounts.
- If you get an unexpected email, don't open any attachments or click on any links contained in the message. Instead, forward the email to: email@example.com. For more about how to report phishing scams involving the IRS visit the genuine IRS website, www.IRS.gov.
Here are several steps you can take to help protect yourself against scams and identity theft:
- Don't carry your Social Security card or any documents that include your Social Security number or Individual Taxpayer Identification Number.
- Don't give a business your SSN or ITIN just because they ask. Give it only when required.
- Protect your financial information.
- Check your credit report every 12 months.
- Secure personal information in your home.
- Protect your personal computers by using firewalls and anti-spam/virus software, updating security patches and changing passwords for Internet accounts.
- Don't give personal information over the phone, through the mail or on the Internet unless you have initiated the contact and are sure of the recipient.
- Be careful when you choose a tax preparer. Most preparers provide excellent service, but there are a few who are unscrupulous. Refer to Tips to Help you Choose a Tax Preparer for more details.
"One-ring" Cell Phone Scam Can Ding Your Wallet
February 10, 2014
Who's calling now? That number doesn't ring a bell. Hold the phone, says the Federal Trade Commission. You could be a potential victim of the growing "one-ring" cell phone scam.
Here's how it works: Scammers are using auto-dialers to call cell phone numbers across the country. Scammers let the phone ring once - just enough for a missed call message to pop up.
The scammers hope you'll call back, either because you believe a legitimate call was cut off, or you will be curious about who called. If you do, chances are you'll hear something like, "Hello. You've reached the operator, please hold." All the while, you're getting slammed with some hefty charges - a per-minute charge on top of an international rate. The calls are from phone numbers with three-digit area codes that look like they're from inside the U.S., but actually are associated with international phone numbers - often in the Caribbean. The area codes include: 268, 284, 473, 664, 649, 767, 809, 829, 849 and 876.
If you get a call like this, don't pick it up and don't call the number back. There's no danger in getting the call: the danger is in calling back and racking up a whopping bill.
If you're tempted to call back, do yourself a favor and check the number through online directories first. They can tell you where the phone number is registered.
If you've been a victim of the "one-ring" scam, try to resolve the charges with your cell phone carrier. If that doesn't work, file a complaint with the Federal Trade Commission and the Federal Communications Commission.
And as a general rule: Read your phone bill often - line by line. If you don't recognize or understand a charge, contact your carrier.
Fake Funeral Notice Can Be Deadly - For Your Computer
February 12, 2014
Scam artists are forever trying to trick people into clicking on links that will download malware to their computers. But the latest scam takes the tricks to a new low. Scammers are sending bogus emails with the subject line "funeral notification." The message appears to be from a legitimate funeral home, offers condolences, and invites you to click on a link for more information about the upcoming "celebration of your friend's life service." But instead of sending you to the funeral home's website, the link sends you to a foreign domain where the scammers download malware to your computer.
Malware, short for "malicious software," includes viruses and spyware that get installed on your computer without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information, send spam, and commit fraud.
If you get an email about a friend or loved one's passing, the Federal Trade Commission, the nation's consumer protection agency, says hit Delete. Don't click on the link. You may then want to contact the funeral home or family directly to verify the information.
To reduce your risk of downloading unwanted malware and spyware:
- Keep your security software updated.
- Don't click on any links or open any attachments in emails unless you know who sent it and what it is.
- Download and install software only from websites you know and trust.
- Make sure your browser security setting is high enough to detect unauthorized downloads.
- Use a pop-up blocker and don't click on any links within pop-ups.
- Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.
- Back up your data regularly.
CryptoLocker Ransomware Encrypts Users' Files
October 28, 2013
The FBI is aware of a file encrypting Ransomware known as CryptoLocker. Businesses are receiving e-mails with alleged customer complaints containing an attachment that when opened, appears as a window and is in fact a malware downloader. This downloader then downloads and installs the actual CryptoLocker malware.
The verbiage in the window states that important files have been encrypted using a unique public key generated for the computer. To decrypt the files, you need to obtain the private key. A copy of the private key is located on a remote server that will destroy the key after the specified time shown in the window. The attackers demand a ransom of $300 to be paid in order to decrypt the files.
Unfortunately, once the encryption of the files is complete, decryption is not feasible. To obtain the file specific Advanced Encryption Standard (AES) key to decrypt a file, you need the private RSA key (an algorithm for public key cryptography) corresponding to the RSA public key generated for the victim's system by the command and control server. However, this key never leaves the command and control server, putting it out of reach of everyone except the attacker. The recommended solution is to scrub your hard drive and restore encrypted files from a backup.
As with any virus or malware, the way to avoid it is with safe browsing and e-mail habits. Specifically, in this case, be wary of e-mail from senders you don't know and never open or download an attachment unless you're sure you know what it is and that it's safe. Be especially wary of unexpected email from postal/package services and dispute notifications.
If you have been a victim of an internet scam, please file a complaint at www.ic3.gov.
Beta Bot Malware Blocks Uerts Anit-Virus Programs
October 2, 2014
The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as log-in credentials and financial information. Beta Bot blocks computer users' access to security websites and disables anti-virus programs, leaving computers vulnerable to compromise.
Beta Bot infection vectors include an illegitimate but official looking Microsoft Windows message box named "User Account Control" that requests a user's permission to allow the "Windows Command Processor" to modify the user's computer settings. If the user complies with the request, the hackers are able to exfiltrate data from the computer. Beta Bot is also spread via USB thumb drives or online via Skype, where it redirects the user to compromised websites.
Figure 1, Beta Bot "Windows Command Process" message box
Although Beta Box masquerades as the "User Account Control" message box, it is also able to perform modifications to a user's computer. If the above pop-up message or a similar prompt appears on your computer and you did not request it or are not making modifications to your system's configuration, do not authorize "Windows Command Processor" to make any changes.
Remediation strategies for Beta Bot infection include running a full system scan with up-to-date anti-virus software on the infected computer. If Beta Bot blocks access to security sites, download the latest anti-virus updates or a whole new anti-virus program onto an uninfected computer, save it to a USB drive and load and run it on the infected computer. It is advisable to subsequently re-format the USB drive to remove any traces of the malware.
Cyber Criminals Continnue to Uer Spear-Phishing Attacks to Compromise Computer Networks
The FBI has seen an increase in criminals who use spear-phishing attacks to target multiple industry sectors. These attacks allow criminals to access private computer networks. They exploit that access to create fake identities, steal intellectual property, and compromise financial credentials to steal money from victims' accounts.
In spear-phishing attacks, cyber criminals target victims because of their involvement in an industry or organization they wish to compromise. Often, the e-mails contain accurate information about victims obtained via a previous intrusion, or from data posted on social networking sites, blogs, or other websites. This information adds a veneer of legitimacy to the message, increasing the chances the victims will open the e-mail and respond as directed.
Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update. If victims click the link, they are taken to a fraudulent website through which malicious software (malware) harvests details such as the victim's usernames and passwords, bank account details, credit card numbers, and other personal information. The criminals can also gain access to private networks and cause disruptions, or steal intellectual property and trade secrets.
To avoid becoming a victim, keep in mind that online businesses, including banks and merchants, typically will not ask for personal information, such as usernames and passwords, via e-mail. When in doubt either call the company directly or open your computer's Internet browser and type the known website's address. Don't use the telephone number contained in the e-mail, which is likely to be fraudulent as well.
In general, avoid following links sent in e-mails, especially when the sender is someone you do not know, or appears to be from a business advising that your account information needs updated.
Keep your computer's anti-virus software and firewalls updated. Many of the latest browsers have a built-in phishing filter that should be enabled for additional protection.
Boston Marathon Bombing is Being Used to Disseminate Malware and Conduct Financial Fraud
Turbo Tax - State Refund Has Been Rejected
Notice: If you receive emails that appear to be from TurboTax stating that "Your State Return Has Been Rejected," please be aware that these are not from Westfield Bank or TurboTax. Please do not open the attachment and do not forward the email. Delete the email.
If you have any additional questions or concerns, please contact us at 413-568-1911 or 1-800-995-5734.
ABA Recognizes Data Privacy Day with Three Keys to Security Success
WASHINGTON - In recognition of Data Privacy Day on Jan. 28, the American Bankers Association is urging bank customers to take an active role in protecting their privacy. Banks use a combination of safeguards to protect customer data, which allows them to detect unusual spending patterns and protect accounts. Customers also play an important role in safeguarding personal financial information.
"Banks protect customer privacy because their future depends on it," said Frank Keating, ABA president and CEO. "While banks provide strong data protections, customers are the first line of defense. A partnership between banks and customers is the most effective way to protect financial data."
To help ensure the safety of personal information, customers should follow these three tips:
- Create c0mplic@t3d passwords. Avoid birthdays, pet names and simple passwords like 12345. It is also important to change passwords at least three times a year. Because friendly theft - theft by someone the victim knows - is the most common type of identity theft or fraud, don't share your passwords with family members and be mindful of who has access to your personal information.
- Continually monitor accounts. Check account activity and online statements often, instead of waiting for the monthly statement. You are the first line of defense because you know right away if a transaction is fraudulent. If you notice unusual or unauthorized activity, notify your bank right away. When a customer reports an unauthorized transaction, the bank will cover the loss and take measures to protect the account.
- Protect yourself online. Be sure computers and mobile devices are equipped with up-to-date anti-virus and malware protection. Never give out your personal financial information in response to an unsolicited email, no matter how official it may seem. Your bank will never contact you by email asking for your password, PIN, or account information. Only open links and attachments from trusted sources. When submitting financial information on a website, look for the padlock or key icon at the top or bottom of your browser, and make sure the Internet address begins with "https." This signals that your information is secure during transmission.
If you are a victim of fraud and suspect your personal information has been compromised, you should take the following steps:
• Call your bank and credit card issuers immediately so they can take necessary steps to protect your account.
• File a police report and call the fraud unit of the three credit-reporting companies.
• Consider placing a victim statement in your credit report
• Make sure to maintain a log of all the contacts you make with authorities regarding the matter. Write down names, titles, and phone numbers in case you need to re-contact them or refer to them in future correspondence.
• For more advice, contact the FTC's ID Theft Consumer Response Center at 1-877-ID THEFT (1-877-438-4338) or www.ftc.gov/idtheft.
Data Privacy Day commemorates the 1981 signing of the first legally binding international treaty dealing with privacy and data protection. It is led by the National Cyber Security Alliance, a non-profit, public private partnership focused on cyber security education for all online citizens.
The American Bankers Association represents banks of all sizes and charters and is the voice for the nation's $14 trillion banking industry and its two million employees. Learn more at aba.com.
Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money
January 3, 3013
A new extortion technique is being deployed by cyber-criminals using the Citadel malware platform to deliver Reveton ransomware. The latest version of the ransomware uses the name of the Internet Crime Complaint Center to frighten victims into sending money to the perpetrators. In addition to instilling a fear of prosecution, this version of the malware also claims that the user's computer activity is being recorded using audio, video, and other devices.
As described in prior alerts on this malware, it lures the victim to a drive-by download website, at which time the ransomware is installed on the user's computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law. The message further declares that a law enforcement agency has determined that a computer using the victim's IP address has accessed child pornography and other illegal content.
To unlock the computer, the user is instructed to pay a fine using prepaid money card services. The geographic location of the user's PC determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud. Below is a screenshot of the new variation.
This is not a legitimate communication from the IC3, but rather is an attempt to extort money from the victim. If you have received this or something similar do not follow payment instruction.
It is suggested that you:
• File a complaint at www.IC3.gov.
• Keep operating systems and legitimate antivirus and antispyware software updated.
• Contact a reputable computer expert to assist with removing the malware.
More info on the IC3 website can be found here: http://www.ic3.gov/media/2012/120809.aspx
"USPS Delivery Problem" Spam Leads to Malware
November 13, 2012
If you are a regular user of the United States Postal Service, beware of fake emails seemingly coming from the company, telling you that they have failed to deliver one of your packages on time.
Hoax-Slayer warns that with the USPS logo, delivery bar code and shipping numbers, the spoofed notification certainly looks rather legitimate:
Unfortunately, it's not, and the link that will supposedly take you to the shipping label that you are urged to print out and take to the nearest "UPS" office will actually lead you to a compromised website that will automatically download a file named Shipping_Label_USPS.zip.
The file contained in it is a downloader Trojan that at the time when the spam campaign was first spotted had an extremely low detection rate.
IRS Tax Refund Emails Are Fakes
February 16, 2012
Early spring is tax season...and tax scam season. For the next two months, scammers are busy capitalizing on the country's anxiousness to file their taxes and eagerness to get a refund. This week's iteration is a phishing email appearing to come from the IRS.
What does the scam look like?
The phishing email uses the IRS name and logo and informs recipeints that they are eligible for a tax refund. The message encourages them to click on a link and log into the IRS website to complete a form. Of course, the link leads to a third party website that downloads a virus on to reciepient's computer.
Steps to take:
- Do not reply or click on the link in the email
- Forward fake IRS emails to firstname.lastname@example.org
- Delete the email
See BBB.org's complete scam directory for more information about breaking scams in your area.
Reporting Phone Fraud
Many phone sales pitches are made on behalf of legitimate organizations offering genuine products and services. Unfortunately, scammers also use the telephone to commit fraud. That's why the Federal Trade Commission (FTC) encourages you to be skeptical when you hear a phone solicitation and to report it if you think the call may be fraudulent.
Your complaint counts! Fight telephone fraud. Report telephone scam artists to the FTC and to your state Attorney General. When you report phone fraud to the FTC, your complaint is entered into a secure database that is available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad. By reporting telemarketing fraud, you are providing important information to help law enforcement officials track down scam artists and stop them.
Reporting Telemarketing Fraud
• Where to report: If you get a call you suspect is fraudulent, report it to the FTC and to your State Attorney General.
• What information to provide: When you report telemarketing fraud, your information may help local and federal law enforcers investigate the scammers. Provide the telemarketer's name or phone number, as well as the date and time of the call.
• Why: Your complaint is entered into the FTC's Consumer Sentinel system: a secure, online database used by more than 1,000 civil and criminal law enforcement agencies.
The National Do Not Call Registry
The National Do Not Call Registry gives you an opportunity to limit the telemarketing calls you receive. Once you register your phone number, telemarketers covered by the Telemarketing Sales Rule have up to 31 days from the date you register to stop calling you. You can register your number here or by calling toll-free 1-888-382-1222 from the number you wish to register. Registration is free.
Placing your number on the National Do Not Call Registry will stop most telemarketing calls, but not all. Calls from or on behalf of political organizations, charities, and telephone pollsters are still permitted.
Organizations with which you have an established business relationship can call you for up to 18 months after your last purchase, payment, or delivery - even if your number is on the National Do Not Call Registry. And companies to which you've made an inquiry or submitted an application can call you for three months.
If your number has been on the National Do Not Call Registry for at least 31 days and you receive a call from a telemarketer that you believe is covered by the National Do Not Call Registry, you can file a complaint at the registry's website or by calling the registry's toll-free number at 1-888-382-1222 (for TTY, call 1-866-290-4236). To file a complaint, you must know either the name or telephone number of the company that called you, and the date the company called you.
Avoid Tech Support Phone Scams
Cybercriminals don't just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:
- Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
- Take control of your computer remotely and adjust settings to leave your computer vulnerable.
- Request credit card information so they can bill you for phony services.
- Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.
Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.
Telephone Tech Support Scams: What You Need to Know
Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you're using.
Once they've gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.
Do not trust unsolicited calls. Do not provide any personal information.
Here are some of the organizations that cybercriminals claim to be from:
- Windows Helpdesk
- Windows Service Center
- Microsoft Tech Support
- Microsoft Support
- Windows Technical Department Support Group
- Microsoft Research and Development Team (Microsoft R & D Team)
Report Phone Scams
Learn about how to report phone fraud in the United States. Outside of the US, contact your local authorities.
How to protect yourself from telephone tech support scams
If someone claiming to be from Microsoft tech support calls you:
- Do not purchase any software or services
- Ask if there is a fee or subscription associated with the "service." If there is, hang up.
- Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
- Take the caller's information down and immediately report it to your local authorities.
- Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
What to do if you already gave information to a tech support person:
If you think that you might have downloaded malware from a phone tech support scam website or allowed a cybercriminal to access your computer, take these steps:
- Change your computer's password, change the password on your main email account, and change the password for any financial accounts, especially your bank and credit card.
- Scan your computer with the Microsoft Safety Scanner to find out if you have malware installed on your computer.
- Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charge you for it, this is also a scam.)
Will Microsoft ever call me?
There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer-such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.
FBI Warns of Cyber Attacks Against Banks and Their Customers
The FBI is warning that computer crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to detract attention away from simultaneous high-dollar cyber heists.
The bureau says the attacks coincide with corporate account takeovers perpetrated by thieves who are using a modified version of the ZeuS Trojan that's being called "Gameover." The thefts come after a series of heavy spam campaigns aimed at deploying the malware, which arrives disguised as an email from the National Automated Clearing House Association (NACHA), a not-for-profit group that develops operating rules for organizations that handle electronic payments. The ZeuS variant steals passwords and gives attackers direct access to the victim's PC and network.
Equifax Corporate Security has received notice that customers have received fraudulent emails claiming to be from Equifax. These emails state that attached is the credit report requested from Equifax and if there are any problems with the credit report to contact Equifax. There is a reference number of 000012-91273771 (or other reference numbers may be used) in the subject line of the email and a .pdf file is attached.
It has been determined that this attachment contains malware. This email is not from Equifax and Equifax does not send credit reports via email. If you receive this email, please do not open the attachment and delete the email. If you have opened the attachment, it is a zero day threat and will not be discovered with regular anti-virus. Please immediately contact your technical support team for assistance.
Smishing-SMS Text Message Scam
Westfield Bank has been notified of a smishing scam occurring in our communities. Please be advised that the bank at no time will call you and request any account or financial information over the phone. If you should receive a call, please notify the bank and authorities immediately. Again, Please Do Not Give Out Any Account or Financial Information to Anyone Over The Phone.
Fraudulent Emails Claiming to be from NACHA
(Phishing Alert Update 03/11/2011)
Further to its notice of February 22, 1011, NACHA - The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.
Always use anti-virus software and ensure that the virus signatures are automatically updated.
Ensure that the computer operating systems and common software application security patches are installed and current.
Dangerous IRS Spam Run in Circulation
February 16, 2011
Security researchers from e-mail security provider AppRiver warn of a new IRS-themed spam campaigns that takes advantage of the tax filing period to distribute a variant of the infamous ZeuS banking trojan. The rogue e-mails bear a subject of "Your Federal Tax Payment Notice sn#######" (where # is a digit) and have forged headers to appear as they originate from an IRS address. The message advises recipients that their tax return filing was rejected by the Electronic Federal Tax Payment System (EFTPS) and asks them to correct the error.
E-mails fraudulently claiming to be from the FDIC are attempting to get recipients to click on a link, which may ask them to provide sensitive personal information. These e-mails falsely indicate that FDIC deposit insurance is suspended until the requested customer information is provided.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The email informs the recipient that "in cooperation with the Department of Homeland Security, federal, state and local governments..." the FDIC has withdrawn deposit insurance from the recipient's account "due to account activity that violates the Patriot Act." It further states deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify." If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient's computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to email@example.com.