|FBI Warns of New Fraud Scam
Zeus Variant Can Defeat Two-Factor Authentication
By Tracy Kitten, December 2, 2011.
The Federal Bureau of Investigation has issued a warning about a new Zeus malware attack targeting commercial bank accounts, ultimately leading to incidents of corporate account takeover.
The Zeus variant used: a malware called Gameover, which the FBI says is able to defeat several forms of dual-factor authentication. To protect themselves, the FBI suggests consumers and businesses pay attention to suspicious e-mails...
Click here for full story.
Credit Card Telephone Scam Targets CVV Code
A recent credit card telephone scam has been circulating targeting your CVV code from the back of your Credit Card. Please note that Justice FCU will NEVER ask you to verify any information from your VISA card including Card Number, expiration date, or CVV code when confirming a transaction.
If you receive a call asking you to verify anything from your VISA Credit Card including card number, expiration date, or CVV code hang up immidiately and call the phone number printed on the back of your card.
Looks Too Good To Be True
The quintessential resource for internet fraud education
THE LATEST PHONE SCAM - Targets Your Bank Account -- June 21, 2010
The "telephone denial-of-service attack" isn't just annoying; it could be the precursor to a crime targeting your bank accounts. Click here for full story.
Security Alert - Zeusbot Virus--January 14, 2010
Please be aware of a new computer virus called "Zeusbot," which may bypass many anti-virus and malware scanning software. As with many computer viruses, Zeusbot has the potential to put your personal financial information in jeopardy.
The Zuesbot waits for the user to log in to their online banking, logs the credentials, and then offers a screen that asks the user to further verify their login by entering their credit card data. All information gathered is sent to the attackers. Even if you do not provide the information, damage may be done, compromising your credentials.
If you encounter this virus, immediately log off of your PC and notify Justice FCU (800.550.5328) so that we can immediately change your online banking password.
Please remember that Justice FCU will NEVER contact you by phone or email and ask for your PIN, or account information.This information is personal and confidential to you, our Member, and under no circumstances would we require this information over the phone, text message or via email.
US-CERT Warns of Spam Pretending to be From IRS
(September 25 & 28, 2009) The US Computer Emergency Readiness team (US-CERT) has issued an alert warning of a spam attack in which the messages are spoofed to appear to come from the US Internal Revenue Service (IRS) regarding underreported income. The messages encourage the recipients to open an attachment or click on a link to view their tax statement, but the attachment contains malware and the link leads to a malicious website. The IRS warns people not to open attachments in emails claiming to be from the agency. The malware used in this attack is the Zeus Trojan horse program, which is difficult to detect. Zeus is used to help cyber criminals steal money from bank accounts.
Thrift Savings Plan and Credit Union Scams--March 13, 2009
Please be aware there is a fraudulent e-mail and information being circulated publically regarding mismanagement of the Federal Thrift Savings Plan I Fund by an investment manager, as well as an apparent telephone phishing scheme to break into credit union accounts.
The Federal Retirement Thrift Investment Board has advised of a hoax associated with alleged illegal activity on the part of an individual said to manage the Thrift Savings Plan (TSP) I Fund. The TSP is actively investigating the origins of this hoax and the bogus web site from which this erroneous information apparently has come. Details and updates from TSP on this scam can be found at its website, http://www.tsp.gov.
In addition, a Department of Justice (DOJ) employee has received a phone call purportedly from the Department’s Credit Union advising that his account had been temporarily closed because it was compromised by some suspicious activity. The employee was directed to press "1" to speak to a representative. When the employee pressed "1”, he was asked to enter his account number. This call did not come from the DOJ Credit Union, but appears to be part of a phishing scheme to break into credit union accounts.
Please exercise caution if you receive unusual or suspect e-mails or telephone calls. Never enter or give out account numbers or any personal information over the telephone or via electronic mail unless you initiated the action and the circumstances are secure or you are confident of the circumstances involved with the transaction.
Fraudulent Text Messages and Phone Calls– March 10, 2009
Many members are receiving text messages and phone calls regarding their Justice FCU account(s). The messaging claims that your account has been compromised or blocked, and requests that you call a fraudulent number, visit a fraudulent web site, or enter your personal account information. Please remember, under no circumstances will Justice FCU solicit phone calls, text messages, or emails requesting your credit union account number or VISA account number, password, PIN, or other personal identity information. Should you receive any type of communication appearing to be from Justice FCU in which this information is solicited, please contact us immediately. You can also report the call or text message directly to your phone service provider, or email email@example.com.
Please see our phishing page for more information.
Phone scams hit CUs in Alabama and Virginia
MADISON, Wis. (8/22/08)--Add Alabama and Virginia credit unions to the growing list of credit unions throughout the nation whose members are being hit with vishing (voice phishing).
Heritage South CU, Sylacauga, Ala., warned Talladega County residents earlier this week of a phone scam in which an automated system asks for credit and debit card information (The Daily Home Aug. 20). The scam began Monday evening.
The $66 million asset credit union told the newspaper it received an equal number of calls from members and nonmembers contacted by an automated system claiming to be Heritage South and saying their card had expired.
The recipients were asked to call a long distance number to reactivate the card and the bogus "Heritage South Security Center" would ask for the card number, PIN and the card's expiration date.
Few members gave out the information, said the credit union, whose member database was not compromised. The credit union said it would never contact members asking for information it already has.
Members of Martinsville Dupont Employees CU (MDCU), Martinsville, Va., received similar calls, the credit union said Thursday in a press release. "Someone has obtained a list of phone numbers in the Martinsville and Henry County area and is calling individuals" with a similar ruse, said Darrell L. Minniear, president/CEO of MDCU.
"MDCU will never contact you by phone or e-mail and ask you for personal information such as your Social Security number, account number, or credit card number," Minniear said.
Meanwhile, the Ohio Credit Union League said Wednesday "thousands of Ohioans" received messages via text, e-mail and voicemail, stating that their services at their credit union had been suspended. (News Now Aug. 21).
Thursday the league said five unique phishing scams purported to be from credit unions in the previous two days.
"Information at credit unions has not been compromised and this is not a data theft. This is an attempt to contact people directly and prompt them to give their personal information," said Paul Mercer, president of the Ohio league in a press release.
"We want to make sure Ohioans are aware of this attempt and encourage them to call their financial institution if they get a message to help us thwart future phishing attacks," he said.
Special Agent Harry Trombitas of the Federal Bureau of Investigation (FBI) said people receiving the messages should report the information directly to the FBI at www.ic3.gov for investigation.
Anyone who provided their personal information to the fraudsters should go immediately to the Federal Trade Commission (FTC) website at www.ftc.gov/idtheft and follow the steps provided to minimize their losses and protect their credit, he said in the league's press release.
Commonwealth CU, Frankfort, Ky., reported a second round within three weeks of vishing to thousands of Kentuckians. Florida CU, Gainesville, also reported similar attacks (News Now Aug. 18). Several credit unions in Wisconsin were hit earlier, and at least one, Bull's Eye FCU, experienced two waves of the attacks.
In July, credit unions in seven states--Pennsylvania, New York, Connecticut, Wisconsin, Indiana, Texas and Illinois--reported vish attempts.
07/21/2008 - Phone Scam Targets Credit Union Members
We have been made aware of a telephone scam that recently targeted Auburn Community FCU and is circulating throughout the country. Targeted credit union members are receiving an automated message claiming that their credit union has suspended their VISA card and instructing them to call an 800 number to reactivate the card. When the consumer calls the number, they are prompted to dial in their account number, expiration date and pin number. They are then instructed to press '1' to reactivate the card. Duplicate cards are being created in Spain and used to withdraw cash or make purchases.
Always remember that Justice FCU already has your personal information, so if you get an unsolicited telephone call where someone is asking you to provide or confirm any of your personal information, immediately hang up and call us at 800.550.5328.
The following email was sent to a Justice FCU Member. If you receive this email, or any email asking you to provide personal information please contact Justice FCU immediately.
VISA Debit Card <firstname.lastname@example.org>
AddTuesday, March 11, 2008 9:11:26 AM
VISA Debit Card , Security Departament temporarily suspended your account.
Reason: Fraud Atempts
We require you to complete an account update so we can unlock your account.
To start the update process please call at total free number : 803-825-4293
The information provided will be treated in confidence and stored in our secure database.
If you fail to provide information about your account you'll discover that your account
has been automatically deleted from our database.
Please note the total free number : +1 803-825-4293
Copyright © VISA Debit Card, All Rights Reserved
FBI Identifies Recurring Fraudulent E-mail Scam
The FBI has recently developed information indicating cyber criminals are attempting to once again send fraudulent e-mails to unsuspecting recipients stating that someone has filed a complaint against them or their company with the Department of Justice or another organization such as the Internal Revenue Service, Social Security Administration, or the Better Business Bureau.
Information obtained during the FBI investigation has been provided to the Department of Homeland Security (DHS). DHS has taken steps to alert their public and private sector partners with the release of a Critical Infrastructure Information Notice (CIIN).
The e-mails are intended to appear as legitimate messages from the above departments, and they address the recipients by name, and other personal information may be contained within the e-mail. Consistent with previous efforts, the scam will likely be an effort to secure Personally Identifiable Information. The nature of these types of scams is to create a sense of urgency for the recipient to provide a response through clicking on a hyperlink, opening an attachment, or initiating a telephone call.
It is believed this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file wherein most anti-virus programs are unable to detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.
“Through FBI investigations we frequently uncover information about ongoing cyber attacks and scams. We share this information through our partnership with DHS to alert the public and the private sector,” noted James E. Finch, Assistant Director of the FBI’s Cyber Division.
Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided. To receive the latest information about cyber scams please go to the FBI website and sign up for e-mail alerts by clicking on one of the red envelopes. If you have received a scam e-mail please notify the IC3 by filing a complaint at www.ic3.gov. For more information on e-scams, please visit the FBI's New E-Scams and Warnings webpage.
IRS Warns of New Email and Telephone Scams Using the IRS Name; Advance Payment Scams Starting
WASHINGTON DC - The Internal Revenue Service today warned taxpayers to beware of several current email and telephone scams that use the IRS name as a lure. The IRS expects such scams to continue through the end of tax return filing season and beyond.
The IRS cautioned taxpayers to be on the lookout for scams involving proposed advance payment checks. Although the government has not yet enacted an economic stimulus package in which the IRS would provide advance payments, known informally as rebates to many Americans, a scam which uses the proposed rebates as bait has already cropped up.
The goal of the scams is to trick people into revealing personal and financial information, such as Social Security, bank account or credit card numbers, which the scammers can use to commit identity theft.
Typically, identity thieves use a victim’s personal and financial data to empty the victim’s financial accounts, run up charges on the victim’s existing credit cards, apply for new loans, credit cards, services or benefits in the victim’s name, file fraudulent tax returns or even commit crimes. Most of these fraudulent activities can be committed electronically from a remote location, including overseas. Committing these activities in cyberspace allows scamsters to act quickly and cover their tracks before the victim becomes aware of the theft.
People whose identities have been stolen can spend months or years -- and their hard-earned money -- cleaning up the mess thieves have made of their reputations and credit records. In the meantime, victims may lose job opportunities, may be refused loans, education, housing or cars, or even get arrested for crimes they didn't commit.
The most recent scams brought to IRS attention are described below.
Rebate Phone Call
At least one scheme using the word “rebate” as part of the lure has been identified. In that scam, consumers receive a phone call from someone identifying himself as an IRS employee. The caller tells the targeted victim that he is eligible for a sizable rebate for filing his taxes early. The caller then states that he needs the target’s bank account information for the direct deposit of the rebate. If the target refuses, he is told that he cannot receive the rebate.
This phone call is a scam. No legislation has yet been enacted that would allow the IRS to provide advance payments to taxpayers or that determines the details of those payments. Moreover, the IRS does not force taxpayers to use direct deposit. Those who opt for direct deposit do so by completing the appropriate section of their tax return, with bank routing and account information, when they file; the IRS does not gather the information by telephone.
The IRS has seen several variations of a refund-related bogus e-mail which falsely claims to come from the IRS, tells the recipient that he or she is eligible for a tax refund for a specific amount, and instructs the recipient to click on a link in the e-mail to access a refund claim form. The form asks the recipient to enter personal information that the scamsters can then use to access the e-mail recipient’s bank or credit card account. In a new wrinkle, the current version of the refund scam includes two paragraphs that appear to be directed toward tax-exempt organizations that distribute funds to other organizations or individuals. The e-mail contains the name and supposed signature of the Director of the IRS’s Exempt Organizations business division. This e-mail is a phony. The IRS does not send unsolicited e-mail about tax account matters to individual, business, tax-exempt or other taxpayers. Filing a tax return is the only way to apply for a tax refund; there is no separate application form. Taxpayers who wish to find out if they are due a refund from their last annual tax return filing may use the “Where’s My Refund?” interactive application on the IRS Web site at IRS.gov. The only official IRS Web site is located at www.irs.gov.
Another new scam brought to IRS attention contains features not seen before by the IRS. Using a technique calculated to get almost anyone’s attention, the email notifies the recipient that his or her tax return will be audited. This is the first scam of which the IRS is aware that uses this to get the victim to respond. Unusual for a scam email, it may contain a salutation in the body addressed to the specific recipient by name. Most scam emails seen by the IRS are sent using the same technique used by spammers, in which hundreds of thousands of messages are sent to potential victims based on Internet address. Because of the volume, the typical scam email is not personalized. This email instructs the recipient to click on links to complete forms with personal and account information, which the scammers will use to commit identity theft. This email is a phony. The IRS does not send unsolicited, tax-account related e-mails to taxpayers.
Changes to Tax Law email
This bogus email is addressed to businesses, accountants and “Treasury” managers. It instructs them to download information on tax law changes by clicking on a series of links to publications on businesses, estate taxes, excise taxes, exempt organizations and IRAs and other retirement plans. The IRS believes that clicking on a link downloads malware onto the recipient’s computer. Malware is malicious code that can take over the victim’s computer hard drive, giving someone remote access to the computer, or it could look for passwords and other information and send them to the scamster. There are other types of malware, as well. The urls contained in the link are not legitimate IRS Web addresses. All IRS.gov Web page addresses begin with http://www.irs.gov/
Paper Check Phone Call
In a current telephone scam, a caller claims to be an IRS employee who is calling because the IRS sent a check to the individual being called. The caller states that because the check has not been cashed, the IRS wants to verify the individual’s bank account number. The caller may have a foreign accent. In reality, the IRS leaves it entirely up to the individual to choose to cash or not cash a paper check. The IRS has no business need to know, and does not ask for, bank account or similar information, except when taxpayers indicate on their tax return that they are opting for the direct electronic deposit of their refund. In that case, however, it is the individual’s responsibility to provide the IRS with the correct bank routing and account numbers on the tax return; the IRS does not contact taxpayers to verify the information.
What to Do
Anyone wishing to access the IRS Web site should initiate contact by typing the IRS.gov address into their Internet address window, rather than clicking on a link in an email or opening an attachment. Those who have received a questionable email claiming to come from the IRS may forward it to a mailbox the IRS has established to receive such e-mails, email@example.com, using instructions contained in an article on IRS.gov titled “How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.” Following the instructions will help the IRS track the suspicious email to its origins and shut down the scam. Find the article by visiting IRS.gov and entering the words “suspicious emails” into the search box in the upper right corner of the front page. Those who have received a questionable telephone call that claims to come from the IRS may also use the mailto:firstname.lastname@example.org mailbox to notify the IRS of the scam. The IRS has issued previous warnings on scams that use the IRS to lure victims into believing the scam is legitimate. More information on identity theft, phishing and telephone scams using the IRS name, logo or spoofed (copied) Web site is available on the IRS Web site at IRS.gov. Enter the terms “phishing,” “identity theft” or “email scams” into the search box in the upper right corner of the front page.
"Irregular Check Card Activity" Phishing Scam
A new phishing-scam using the Credit Union National Association's (CUNA) name has been circulating to credit union members across the country. This scam is an attempt to collect personal account information for identity theft purposes.
Please be on the lookout for the following email message:
Subject: CUNA Alert: Irregular Check Card Activity
We detected irregular activity on check card on Oct 25/2007. For your protection, you must reactivate your card. Call us immediately at X-XXX-XXX-XXXX. We will review the activity on your account with you and upon verification, we will remove any restrictions placed on your account.
Please disregard this notice if you have already accessed the website or spoken with one or our representatives.
If you have responded to this email, or any email with personal financial information, please contact Justice FCU immediately.
FBI Email Scam Warning
The Following is a press release issued by the FBI National Press Office on July 17, 2007.
Washington, D.C. – The FBI today warned the public against three separate Internet scams that continue to flourish through spam e-mails. The warning comes after the FBI's Internet Crime Complaint Center (IC3) received a rising number of complaints from citizens over the past few weeks.
In one scam, an e-mail recipient receives an electronic greeting card containing malware (malicious software). The cards, which are also referred to as e-cards or postcards, are being sent via spam. Like many other Internet fraud schemes, the perpetrators use social engineering tactics to entice the victim, claiming the card is from a family member or friend. Although there have been variations in the spam message and attached malware, generally the spam directs the recipient to click the link provided in the email to view their e-card. Upon clicking the link, the recipient is unknowingly taken to a malicious web page.
In another scam, fraudulent e-mails misrepresent the FBI and/or Director Robert S. Mueller III and give the appearance of legitimacy due to the usage of pictures of the FBI Director, seal, letter head, and/or banners. The types of schemes utilizing the Director's name and/or FBI are lottery endorsements and inheritance notifications.
The third is spam e-mail which claim to be from an official of the U.S. military sent on behalf of American soldiers stationed overseas. The scam e-mails vary in content; however, the general theme of each is to request personal information and/or funds from the individual receiving the e-mail.
These spam e-mail messages are hoaxes and should be immediately deleted. Consumers need to be wary of unsolicited e-mails that request them to take any action even if that means just clicking on an attachment. It is possible that by "double-clicking" on attachments to these messages, recipients will cause malicious software – e.g., viruses, keystroke loggers, or other Trojan horse programs – to be launched on their computers.
For further information on computer safety tips please visit the FBI website at www.fbi.gov and the IC3 website at www.ic3.gov.
Back to Top
Jury Duty Phone Scam
In recent years, a scam has resurfaced in which criminals use jury duty as a way to collect personal information from victims. In most cases, the victim receives a phone call from someone claiming to be an officer of the court. They try to scare the victim by claiming that they did not show up for jury duty, and that they have a warrant out for their arrest. The criminal will ask the victim for personal information such as birth date, social security number, and even credit card numbers in order to clear up the situation.
Protect yourself against this type of scam and never give out your personal information over the phone to an unsolicited call.
Click here to read more.
Back to Top