Email Scams
Below is an example email of a phishing scam being executed by individuals posing as Visa Services:
Please note that this email is not legitimate and do not click on the e-mail’s provided link, which directs users to a page requesting confirmation of members’ full 16 digit credit card numbers and PIN numbers.
Dear VISA Cardholder,
A recent review of your transaction history determined that your card was used at an ATM located in France, but for security reasons the requested transaction was refused. Please carefully review an electronic report for your VISA card at:
SAMPLE LINK
VISA Cards Support
If you receive a message similar to the one below, please do not click the attached link as it may cause substantial damage to your operating system or may result in the loss of your personal financial information.
From: Electronic Payments Association [mailto:ach@nacha.org]
Subject: Rejected ACH Transaction
Dear Bank Account Holder,
The ACH transaction, recently initiated from your bank account (by you = or any other person), was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below…
The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails appearing to be sent from the FDIC that are asking recipients to download and open a “personal FDIC insurance file” to check their deposit insurance coverage. These e-mails are fraudulent and were not sent by the FDIC. The FDIC is attempting to identify the source of the e-mails and disrupt the transmission.
Currently, the subject line of the fraudulent e-mails includes the wording “check your Bank Deposit Insurance Coverage.” The e-mails state: “You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets.”
The e-mails ask recipients to “visit the official FDIC website” by clicking on a hyperlink provided, which appears to be related to the FDIC and directs recipients to a fraudulent Web site. The Web site includes hyperlinks that appear to open forms. However, it is believed that clicking on the hyperlinks will cause an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency Readiness Team (US-CERT) to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to online banking services or to conduct identity theft. Consumers should NOT access the Web site or download the executable files provided on the Web site.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-3054, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Information related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp
For your reference, FDIC Special Alerts may be accessed from the FDIC’s website at www.fdic.gov/news/news/SpecialAlert/2009/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
Consumers are receiving emails that falsely claim to be from the Credit Union National Association. These emails warn the consumer that their ATM Card has been deactivated and give instructions for reactivation. The subject of the email reads:You Have [1] New Alert Message!
The body of the email reads as follows:
“This communication was sent to safeguard your account against any
unauthorized activity.
Credit Union National Association is aware of new phishing e-mails that are circulating. The e-mails request consumers to click on a link within the e-mail.
We have reason to believe that you recently received a phishing email. For your security, we have deactivated your ATM Card.
How to reactivate your ATM Card :
Please call us [ASAP] at: +1 (419)-465-8427
Our automated system allows you to quickly reactivate your ATM Card!
What you need to reactivate your card online?
- ATM Card Number
- ATM Card Expiration Date (MM/YY)
- ATM Personal Identification Number (ATM PIN Code)
ATM Card activation will take approximately one minute to complete.
Phishing emails are being received by consumers, the majority of which are residents within retirement communities. The emails being sent have a subject of “Confirm” and once opened are labeled “ATTENTION: WINNER“. In the closing of the email, consumers are asked to enter personal information in a reply email to claim their prize. The following is an example of how the body of the emails in question may read: “This is to inform you that you have been selected for a cash prize of $XXX,XXX,XX (British Pounds) of our monthly promo and this promotion was held in London UK on the 10th of April 2009 and released today the 29th of April 2009. The selection was carried out through a Computer Random Selection System and your email address came out as one of the Three Lucky Winners.“*Please note that the dates and other information may differ slightly from those listed above.
Credit Union of Georgia would like to ensure the safety of all our members. To help prevent you from becoming a victim of fraud, Credit Union of Georgia would like to remind you of the following information:The IRS will never contact you via email asking for your personal information to correct tax return errors or offer Economic Stimulus Packages. In addition, the IRS will also never ask you to provide a Credit or Debit Card Number for tax refund purposes. It is important to know that links to websites and documents provided in these types of emails often look authentic, but are actually ruses used to collect information for identity theft purposes. Links of this nature also often contain viruses that may be detrimental to your computer’s operations.
Potential identity thieves are allegedly posing as Internal Revenue Service Representatives and sending spam emails promising Government Economic Stimulus Packages. The email asks consumers to download an attachment masked as a form required by the IRS to receive check payment. However, the document is actually an identity theft tool used to steal the personal information of the recipient.Potential identity thieves are also allegedly posing as Internal Revenue Service Representatives and sending spam emails requesting that the recipient verify their personal information so that their taxes can be filed properly and a refund can be issued. The link provided in the email is routed to a website that records and stores the user’s personal information for identity theft purposes.In addition, Credit Union of Georgia has also been alerted that emails are being sent promising information on how to obtain Economic Stimulus Grants. These emails often contain fake testimonials such as “I found the grant I needed, filled out the forms, and sent them in. In two weeks, I received a check for $100,000!” The link within these emails route to a site asking for the users personal information including date of birth, mailing address, and salary range. In addition, users are then asked to submit credit card information to cover mailing costs of a CD with instructions on how to claim the grant they qualify for. All of the information obtained, including credit card information, is then used for identity theft purposes.
The Federal Deposit Insurance Corporation (FDIC) is warning consumers, businesses and financial institutions to be aware of fraudulent e-mails allegedly from the Federal Reserve Bank. The fraudulent e-mails claim that a phishing attack has affected the Fedwire system and that restrictions are in place. The e-mails further instruct recipients to click on links within the e-mail for additional information.
The message contains links to two Web pages that attempt to load malicious Trojan horse programs onto end users’ computers.
Consumers, businesses and financial institutions should be aware that Fedwire operations are not restricted and are operating as normal, and should take the following precautions:
- If an end user received the e-mail and clicked on any of the links, fully scan the computer using updated anti-virus software. If malicious code is detected on the computer, consult with a computer security or anti-virus specialist to remove the malicious code or re-install a clean image of the computer system.
- Be aware that phishing e-mails frequently have links to Web pages that host malicious code and software. Do not follow Web links in unsolicited e-mails from apparent federal banking agencies. Instead, bookmark or type the agency’s Web address.
- Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software applications security patches are installed.
- Do not open unsolicited or unexpected e-mail attachments because of the risk of malicious code or software in the attachments. Instead, call the agency using a known and appropriate telephone number to verify the legitimacy of the message and attached file.
- Be alert to different variations of the fraudulent e-mails.
The following phishing email is being received by consumers:
“We detected irregular activity on check card on Oct. 25/2007. For your protection, you must reactivate your card. Call us immediately at 1.866.840.2863. We will review the activity on your account with you and upon verification, we will remove any restrictions placed on your account.
Or
“You have (1) new message from National Credit Union Association”
“CUNA is constantly working to ensure security by regularly screening the accounts in our system. We recently reviewed your account, and we need more information to help you with secure service…November 1, 2006: We have reason to believe that you account was accessed by a third party.”
A link is then provided to access a checklist along with a case ID. This link is to a fake website mimicking CUNA Mutual.
The following phishing email claiming to be Exxon Mobile is being received by consumers:AWARD.
Your personal e—mail address was attached to Winning Number Ticket number:
2-4-16-37-89-40-85 with Serial number 2268/02, which consequently won you $500,000.00 USD.
For immediate claims, Please contact Our claims Agent
It gives a fake name and email address for claims. It then asks for personal information:
YOUR CLAIM REQUIREMENTS:
- Full Name
- Address
- Sex
- Age
- Occupation
- Mobile Phone Number
- Country
It is then emblazoned with a false name for Exxon Mobile Award Director. (Malaysia) Head Office.
No link is attached but it asks the recipient to reply to a viral email address.