FRAUDULENT "ACH AND WIRE TRANSFERS" E-MAILS
Fraudulent e-mails claiming to be from the FDIC are in circulation:
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC. The e-mails appear to be sent from various “@fdic.gov” e-mail addresses, such as “email@example.com,” “firstname.lastname@example.org,” or “email@example.com.” They have various subject lines such as “Update for your banking account,” “ACH and Wire transfers disabled,” and “Banking security update.”
The fraudulent messages state:
Your account ACH and Wire transactions have been temporarily suspended for your Security, due to the expiration of your security version. To download and install the newest Updates, follow this link. As soon as it is set up, your transaction abilities will be fully restored. Best regards, Online security department, Federal Deposit Insurance Corporation.”
These e-mails and links are fraudulent and were not sent by the FDIC. Recipients should consider these e-mails an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT install any related files or software updates.
Financial institutions and consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names, and narratives. The FDIC does not directly contact bank customers, nor does the FDIC request bank customers to install software upgrades.
Information about counterfeit items, cyber-fraud incidents, and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 3501 North Fairfax Drive, CH-11034, Arlington, Virginia 22226, or transmitted electronically to firstname.lastname@example.org. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.
For your reference, FDIC Special Alerts may be accessed from the FDIC’s Web site at www.fdic.gov/news/news/SpecialAlert/2011/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
NEW IDENTITY THEFT ALERT
Notice of warning to all our customers here at Bank of Santa Clarita:
During the last few days we have heard from some staff and from a few customers of our bank that they have received emails which were allegedly from the U.S. Federal Reserve System and/or from NACHA (The Electronic Payments Association) warning them that a Wire Transfer or account ACH transaction was not processed for their account or had been cancelled. These emails then go on to request some action be taken by our customers / staff including opening a report, visiting a website, providing some transaction details and/or providing some confidential information in order to complete the transaction.
You should know that Bank of Santa Clarita would never contact you by phone or email to request any personal or confidential information about you, our customer, nor would we have you provide any such information to any third parties at any time. These recent emails and related requests are not from our Bank but instead are all fraudulent and should not be responded to in any way. We warn you not to reply to these emails but instead to permanently delete them off your computers. We warn you not to visit any suggested websites and not to provide any information whether personal or general in nature.
Your ongoing customer satisfaction and safety remains our highest priority at Bank of Santa Clarita. If you should receive emails supposedly from the U.S. Federal Reserve System, from NACHA (The Electronic Payments Association), or from any other third parties, please follow the guidance below:
Please visit the Federal Trade Commission's website at www.consumer.gov/idtheft/ or contact the FTC directly for additional information.
FRAUDULENT FDIC E-MAIL MESSAGES FALSELY CLAIMING SUSPENSION OF DEPOSIT INSURANCE
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that "in cooperation with the Department of Homeland Security, federal, state and local governments…" the FDIC has withdrawn deposit insurance from the recipient's account "due to account activity that violates the Patriot Act." It further states deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify." If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient's computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to email@example.com.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Web site at www.fdic.gov/news/news/SpecialAlert/2011/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
NOTICE OF CHANGES IN TEMPORARY INSURANCE COVERAGE
FOR TRANSACTION ACCOUNTS
All funds in a “noninterest-bearing transaction account” are insured in full by the Federal Deposit Insurance Corporation from December 31, 2010, through December 31, 2012. This temporary unlimited coverage is in addition to, and separate from, the coverage of at least $250,000 available to depositors under the FDIC’s general deposit insurance rules.
The term “noninterest-bearing transaction account” includes a traditional checking account or demand deposit account on which the insured depository institution pays no interest. It also includes Interest on Lawyers Trust Accounts (IOLTAs). It does not include other accounts, such as traditional checking or demand deposit accounts that may earn interest, NOW accounts, and money-market deposit accounts.
For more information about temporary FDIC insurance coverage of transaction accounts, visit www.fdic.gov.
E-MAIL CLAIMING TO BE FROM THE FDIC – APRIL 30, 2010
The subject line of the e-mails state: “Just for your time.” The e-mail tells recipients that, “The Federal Deposit Insurance Corporation Online department kindly asks you to take part in our quick and easy 5 questions survey.” It attempts to entice recipients to take the “survey” by telling them “In return we will credit $50.00 to your account – Just for your time!” The e-mail then directs recipients to click on a link to take the survey (a fraudulent link is provided).
This e-mail and associated Web site are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end user’s computers.
The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT follow the link in the fraudulent e–mail.
“MONEY MULE” ATTACKS
The American Bankers’ Association is asking all banks to advise their customers to be alert for “Money Mule” attacks - funds-transfer fraud that most recently has involved exploiting the valid online banking credentials of small- and medium-sized businesses. In a typical scenario, the targeted entity (small- or medium-sized business) receives a “spear fishing” e-mail which either contains an infected attachment, or directs the recipient (small- or medium-sized business) to an infected Web site.
When recipients open the attachment or visit the Web site, malware is installed on their computer that harvests their business or corporate bank account log-in information. The victims in this scheme are called “money mules” because they simply serve as a conduit between the business bank account and the hacker’s bank account. In most cases, the funds disappear into a foreign bank account too quickly for the cyber-theft trail to be detected.
Do not open e-mails or e-mail attachments from sources unknown to you or your business. It is in your best interest to delete them immediately. Be very cautious if an e-mail from an unknown source directs you to a Web site, as these Web Sites are often infected and can contain malware.
PHISHING SCAM ALERT
Bank of Santa Clarita (BOSC) would like to warn you about a current phishing scam directed at various banks, including BOSC Personal Online Banking and Cash Management customers. This scam targets users by sending e-mails that appear to be from an official source of BOSC’s third party vendor (Digital Insight) for example, “Digital Insight Customer Care”, or “Digital Insight Administration”, etc…
This scam is designed to trick the recipient into clicking a link in the e-mail for the purpose of acquiring sensitive data, such as passwords or financial information. BOSC Personal Online Banking and Cash Management users are advised to NEVER click links or install programs suggested in e-mails, even if the e-mail appears to be from an official or familiar source. BOSC and its third party vendors (example Digital Insight) will never send customer e-mails containing links to download software or applications; or request sensitive data such as passwords, financial information, or non-public personally identifiable information.
If you have received an e-mail(s) such as that described above, you are advised to immediately delete the e-mail(s) and be careful not to take the actions requested.
If you have questions about this communication, or wish to report what you believe to be a phishing incident, please contact the bank at (661) 362-6000.
Looking for a way to keep large deposits safe? Ask us about CDARS®. It’s a great solution for: businesses * nonprofit organizations * public funds managers * trustees * financial advisors * individuals * credit unions * IRAs.