We are committed to helping our clients protect themselves against identity theft and account fraud. Communication is often the key in preventing and minimizing fraud. Please refer to this page often for updates on the latest fraud alerts.
Reports of DHS-Themed Ransomware
3/21/2013 – The United States Computer Emergency Readiness Team (US-CERT) has received reports of apparent Department of Homeland Security (DHS) ransomware occurring in the wild. Users who are being targeted by the ransomware receive an email message claiming that use of their computer has been suspended and that the user must pay a fine to unlock it. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division. Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware, or perform a clean reinstallation of their operating system after formatting their computer's hard drive. Other preventative measures to protect from phishing scams and malware can be accessed here.
E-mail Claiming to Be From the FDIC
1/30/2013 – The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC. While the e-mails exhibit variations in the "From" and "Subject" lines, the messages are similar. The fraudulent e-mails are addressed to the attention of the “Accounting Department” and meant to notify recipients that “ACH and WIRE transactions” are being blocked until “a special security software” is installed. They then instruct recipients to go to a Web site for instructions on how to download the necessary files by clicking on a hyper-link provided (Note: the Web site addresses (URL) vary widely). This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided. The FDIC does not issue unsolicited e-mails to consumers or business account holders.
Phishing Alert: FBI Warns of Malware in Attempt to Extort Money
8/17/12 – The FBI released an where the IC3 has been made aware of a new Citadel malware platform used to deliver ransomware named Reveton. The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States federal law. The message further declares the user’s IP address has been identified by the Federal Bureau of Investigation as visiting websites that feature child pornography and other illegal content. To unlock the computer, the user is instructed to pay a fine to the U.S. Department of Justice using a prepaid money card service. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud. If you have received this or something similar, do not follow payment instructions. Infected computers may not operate normally. Be aware that even if you are able to unfreeze your computer on your own, the malware may still operate in the background. Certain malware can capture personal information such as user names, passwords, and credit card numbers through keystroke logging programs. If your computer is infected, you may need to contact a local computer expert for assistance to remove the malware.
Phishing Alert: E-mails Claiming to be from the BBB
11/23/2011 – The Better Business Bureau is issuing an urgent SCAM alert cautioning businesses and consumers about an email that is purporting to be from a bbb.org email address about a recently filed complaint. The email contains a dangerous attachment regarding a complaint and appears to direct recipients to the BBB website. This is a scam – BBB does not send complaints as attachments via email. The email appears to come from a fake BBB employee claiming that the recipient needs to review this matter and advise the BBB of their position. From there, the email appears to direct the recipient to the BBB website, but actually directs them to an outside link. This email is fraudulent and does not originate from the BBB. The email attachment and link are malicious and it is strongly advised to not open or click them. Should you receive such an email, please disregard its message, and report any information received to BBB’s Scam Source, and then delete it. If you have clicked on the link, immediately do a virus scan.
Phishing Alert: Fraudulent E-mails Claiming to be from NACHA
5/15/2011 – The National Automated Clearing House Association (NACHA) continues to receive reports that individuals and/or companies have received fraudulent e-mail that has the appearance of having been sent from NACHA. These e-mails vary in content and format, and appear to be transmitted from e-mail addresses associated with the NACHA domain (@nacha.org). The spoofed e-mail addresses include: ach@nacha.org, admin@nacha.org, alert@nacha.org, info@nacha.org, payment@nacha.org, transactions@nacha.org, and transfers@nacha.org. Some bear the name of fictitious NACHA employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals and organizations about individual ACH transactions that they originate or receive. NACHA has requested that you please forward fraudulent e-mails claiming to be from NACHA to abuse@nacha.org. The links in these fraudulent e-mails are directed to web pages that host malicious code and software. Do not follow web links in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove the malicious code or re-install a clean image of the computer system.
= = = = = Sample Phishing E-Mail = = = = =
From: payment@nacha.org [mailto:payment@nacha.org]
Sent: Sunday, May 15, 2011 7:32 AM
To: Doe, John
Subject: ACH transaction rejected
The ACH transfer (ID: 65388185980), recently sent from your checking account (by you or any other person), was cancelled by the Electronic Payments Association [or "other financial institution"].
Please click here to view report.
---------------------------------------------------
Otto Tobin,
Risk Manager
= = = = = = = = = = = = = = = = = =