Justice Federal Credit Union -- Justice FCU Scholarship Competition

Looks Too Good To Be True
The quintessential resource for internet fraud education

We have been made aware of a telephone scam that recently targeted Auburn Community FCU and is circulating throughout the country. Targeted credit union members are receiving an automated message claiming that their credit union has suspended their VISA card and instructing them to call an 800 number to reactivate the card. When the consumer calls the number, they are prompted to dial in their account number, expiration date and pin number. They are then instructed to press '1' to reactivate the card. Duplicate cards are being created in Spain and used to withdraw cash or make purchases.

Always remember that Justice FCU already has your personal information, so if you get an unsolicited telephone call where someone is asking you to provide or confirm any of your personal information, immediately hang up and call us at 800.550.5328.

Recent Phishing Scam
The following email was sent to a Justice FCU Member. If you receive this email, or any email asking you to provide personal information please contact Justice FCU immediately.

Urgent Notification
VISA Debit Card <debitcard@visa.com>
AddTuesday, March 11, 2008 9:11:26 AM
To:

Dear Customer,

VISA Debit Card , Security Departament temporarily suspended your account.
Reason: Fraud Atempts

We require you to complete an account update so we can unlock your account.

To start the update process please call at total free number : 803-825-4293

The information provided will be treated in confidence and stored in our secure database.
If you fail to provide information about your account you'll discover that your account
has been automatically deleted from our database.

Please note the total free number : +1 803-825-4293

Copyright © VISA Debit Card, All Rights Reserved

The FBI has recently developed information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients stating that someone has filed a complaint against them or their company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.

Information obtained during the FBI investigation has been provided to the Department of Homeland Security (DHS). DHS has taken steps to alert their public and private sector partners with the release of a Critical Infrastructure Information Notice (CIIN).

The e-mails are intended to appear as legitimate messages from the above departments, and they address the recipients by name, and other personal information may be contained within the e-mail. Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency for the recipient to provide a response through clicking on a hyperlink, opening an attachment, or initiating a telephone call.

It is believed this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file wherein most anti-virus programs are unable to detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.

“Through FBI investigations we frequently uncover information about ongoing cyber attacks and scams. We share this information through our partnership with DHS to alert the public and the private sector,” noted James E. Finch, Assistant Director of the FBI’s Cyber Division.

IRS Warns of New Email and Telephone Scams Using the IRS Name; Advance Payment Scams Starting

WASHINGTON DC - The Internal Revenue Service today warned taxpayers to beware of several current email and telephone scams that use the IRS name as a lure. The IRS expects such scams to continue through the end of tax return filing season and beyond.

The IRS cautioned taxpayers to be on the lookout for scams involving proposed advance payment checks. Although the government has not yet enacted an economic stimulus package in which the IRS would provide advance payments, known informally as rebates to many Americans, a scam which uses the proposed rebates as bait has already cropped up.

The goal of the scams is to trick people into revealing personal and financial information, such as Social Security, bank account or credit card numbers, which the scammers can use to commit identity theft.

Typically, identity thieves use a victim’s personal and financial data to empty the victim’s financial accounts, run up charges on the victim’s existing credit cards, apply for new loans, credit cards, services or benefits in the victim’s name, file fraudulent tax returns or even commit crimes. Most of these fraudulent activities can be committed electronically from a remote location, including overseas. Committing these activities in cyberspace allows scamsters to act quickly and cover their tracks before the victim becomes aware of the theft.

People whose identities have been stolen can spend months or years -- and their hard-earned money -- cleaning up the mess thieves have made of their reputations and credit records. In the meantime, victims may lose job opportunities, may be refused loans, education, housing or cars, or even get arrested for crimes they didn't commit.

Rebate Phone Call
At least one scheme using the word “rebate” as part of the lure has been identified. In that scam, consumers receive a phone call from someone identifying himself as an IRS employee. The caller tells the targeted victim that he is eligible for a sizable rebate for filing his taxes early. The caller then states that he needs the target’s bank account information for the direct deposit of the rebate. If the target refuses, he is told that he cannot receive the rebate.

This phone call is a scam. No legislation has yet been enacted that would allow the IRS to provide advance payments to taxpayers or that determines the details of those payments. Moreover, the IRS does not force taxpayers to use direct deposit. Those who opt for direct deposit do so by completing the appropriate section of their tax return, with bank routing and account information, when they file; the IRS does not gather the information by telephone.

Refund e-Mail
The IRS has seen several variations of a refund-related bogus e-mail which falsely claims to come from the IRS, tells the recipient that he or she is eligible for a tax refund for a specific amount, and instructs the recipient to click on a link in the e-mail to access a refund claim form. The form asks the recipient to enter personal information that the scamsters can then use to access the e-mail recipient’s bank or credit card account. In a new wrinkle, the current version of the refund scam includes two paragraphs that appear to be directed toward tax-exempt organizations that distribute funds to other organizations or individuals. The e-mail contains the name and supposed signature of the Director of the IRS’s Exempt Organizations business division. This e-mail is a phony. The IRS does not send unsolicited e-mail about tax account matters to individual, business, tax-exempt or other taxpayers. Filing a tax return is the only way to apply for a tax refund; there is no separate application form. Taxpayers who wish to find out if they are due a refund from their last annual tax return filing may use the “Where’s My Refund?” interactive application on the IRS Web site at IRS.gov. The only official IRS Web site is located at www.irs.gov.

Audit email
Another new scam brought to IRS attention contains features not seen before by the IRS. Using a technique calculated to get almost anyone’s attention, the email notifies the recipient that his or her tax return will be audited. This is the first scam of which the IRS is aware that uses this to get the victim to respond. Unusual for a scam email, it may contain a salutation in the body addressed to the specific recipient by name. Most scam emails seen by the IRS are sent using the same technique used by spammers, in which hundreds of thousands of messages are sent to potential victims based on Internet address. Because of the volume, the typical scam email is not personalized. This email instructs the recipient to click on links to complete forms with personal and account information, which the scammers will use to commit identity theft. This email is a phony. The IRS does not send unsolicited, tax-account related e-mails to taxpayers.

Changes to Tax Law email
This bogus email is addressed to businesses, accountants and “Treasury” managers. It instructs them to download information on tax law changes by clicking on a series of links to publications on businesses, estate taxes, excise taxes, exempt organizations and IRAs and other retirement plans. The IRS believes that clicking on a link downloads malware onto the recipient’s computer. Malware is malicious code that can take over the victim’s computer hard drive, giving someone remote access to the computer, or it could look for passwords and other information and send them to the scamster. There are other types of malware, as well. The urls contained in the link are not legitimate IRS Web addresses. All IRS.gov Web page addresses begin with http://www.irs.gov/

Paper Check Phone Call
In a current telephone scam, a caller claims to be an IRS employee who is calling because the IRS sent a check to the individual being called. The caller states that because the check has not been cashed, the IRS wants to verify the individual’s bank account number. The caller may have a foreign accent. In reality, the IRS leaves it entirely up to the individual to choose to cash or not cash a paper check. The IRS has no business need to know, and does not ask for, bank account or similar information, except when taxpayers indicate on their tax return that they are opting for the direct electronic deposit of their refund. In that case, however, it is the individual’s responsibility to provide the IRS with the correct bank routing and account numbers on the tax return; the IRS does not contact taxpayers to verify the information.

What to Do
Anyone wishing to access the IRS Web site should initiate contact by typing the IRS.gov address into their Internet address window, rather than clicking on a link in an email or opening an attachment. Those who have received a questionable email claiming to come from the IRS may forward it to a mailbox the IRS has established to receive such e-mails, phishing@irs.gov, using instructions contained in an article on IRS.gov titled “How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.” Following the instructions will help the IRS track the suspicious email to its origins and shut down the scam. Find the article by visiting IRS.gov and entering the words “suspicious emails” into the search box in the upper right corner of the front page. Those who have received a questionable telephone call that claims to come from the IRS may also use the mailto:phishing@irs.gov mailbox to notify the IRS of the scam. The IRS has issued previous warnings on scams that use the IRS to lure victims into believing the scam is legitimate. More information on identity theft, phishing and telephone scams using the IRS name, logo or spoofed (copied) Web site is available on the IRS Web site at IRS.gov. Enter the terms “phishing,” “identity theft” or “email scams” into the search box in the upper right corner of the front page.

A new phishing-scam using the Credit Union National Association's (CUNA) name has been circulating to credit union members across the country. This scam is an attempt to collect personal account information for identity theft purposes.

If you have responded to this email, or any email with personal financial information, please contact Justice FCU immediately.

The Following is a press release issued by the FBI National Press Office on July 17, 2007.

Washington, D.C. – The FBI today warned the public against three separate Internet scams that continue to flourish through spam e-mails. The warning comes after the FBI's Internet Crime Complaint Center (IC3) received a rising number of complaints from citizens over the past few weeks.

In one scam, an e-mail recipient receives an electronic greeting card containing malware (malicious software). The cards, which are also referred to as e-cards or postcards, are being sent via spam. Like many other Internet fraud schemes, the perpetrators use social engineering tactics to entice the victim, claiming the card is from a family member or friend. Although there have been variations in the spam message and attached malware, generally the spam directs the recipient to click the link provided in the email to view their e-card. Upon clicking the link, the recipient is unknowingly taken to a malicious web page.

In another scam, fraudulent e-mails misrepresent the FBI and/or Director Robert S. Mueller III and give the appearance of legitimacy due to the usage of pictures of the FBI Director, seal, letter head, and/or banners. The types of schemes utilizing the Director's name and/or FBI are lottery endorsements and inheritance notifications.

The third is spam e-mail which claim to be from an official of the U.S. military sent on behalf of American soldiers stationed overseas. The scam e-mails vary in content; however, the general theme of each is to request personal information and/or funds from the individual receiving the e-mail.

These spam e-mail messages are hoaxes and should be immediately deleted. Consumers need to be wary of unsolicited e-mails that request them to take any action even if that means just clicking on an attachment. It is possible that by "double-clicking" on attachments to these messages, recipients will cause malicious software – e.g., viruses, keystroke loggers, or other Trojan horse programs – to be launched on their computers.

For further information on computer safety tips please visit the FBI website at www.fbi.gov and the IC3 website at www.ic3.gov.

Jury Duty Phone Scam
In recent years, a scam has resurfaced in which criminals use jury duty as a way to collect personal information from victims. In most cases, the victim receives a phone call from someone claiming to be an officer of the court. They try to scare the victim by claiming that they did not show up for jury duty, and that they have a warrant out for their arrest. The criminal will ask the victim for personal information such as birth date, social security number, and even credit card numbers in order to clear up the situation.

Protect yourself against this type of scam and never give out your personal information over the phone to an unsolicited call.