Phishing and Fraudulent Emails on the Rise – April 2013
The sophistication of email phishing scams continue to increase all the time, so it's more important than ever to be careful about how and when you chose to open attachments, click on embedded links and/or share sensitive information like account numbers, passwords and personal information.
Recent examples of companies being targeted by phishing scammers include ADP Payroll Services, The IRS, Fiserv, Jack Henry & Associates and FedEx.
Experts say cybercriminals may be plotting to attack more U.S. financial institutions this fall. Banks have been on high alert ever since the cyber attacks committed against Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank, PNC and others last month.
Security vendor RSA wrote a blog detailing that a cyber gang has recently communicated its plans to launch a Trojan attack spree on 30 American banks as part of a large-scale orchestrated crimeware campaign.
Malware Screen Takeover - October 2012
Internet banking security vendors have noticed increased activity with a malware screen takeover that is targeting token users. This particular malware variant will prompt a user to input account and/or token data, which then results in another screen prompt indicating that the user will be unable to access the account for 24-hours while maintenance is performed. This allows the fraudster to take over the session and commit fraud while the user is detained on the fake "maintenance" screen.
Phishing Emails from NetTeller - October, 2012
We have received reports of phishing emails being sent from what appear to be a NetTeller email address: email@example.com with the subject line of NetTeller Watch Notice.
NetTeller is Islanders Bank's online (Internet) banking service and these are "Phishing emails" trying to get customers to click on the embedded NetTeller access link.
These emails are NOT coming from NetTeller and, should you receive such an email, do NOT click on the link. It is recommended to permanently delete the email.
FBI Issues Cyber Warning for Travelers - May 2012
From NetworkWorld May 9, 2012 The FBI today warned travelers there has been an uptick in malicious software infecting laptops and other devices linked to hotel Internet connections.
The FBI wasn't specific about any particular hotel chain, nor the software involved but stated: "Recent analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms. The FBI said typically travelers attempting to set up a hotel room Internet connection were presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.
The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor's website if updates are necessary while abroad."
Scam Emails from eNFACT - January 26, 2012
Scam or phishing emails from eNFACT with the subject eNFACT Case #29018, or similar subject, are circulating. The email lists bogus suspicious activity and transactions and inlcudes links to phishing websites.
The email is a scam and should be deleted.
eNFACT is a fraud detection service. If potential fruadulent activity is suspected, you may be called by eNFACT but you will not be asked to verify suspicious transactions by email.
You should never respond to unsolicited emails that:
Ask you to verify your card or account number; such emails are not sent by legitimate businesses.
Link to websites; such sites can look legitimate but may collect data or
copy spy-ware on your computer.
News Stories: The Zeus Trojan Returns - January 2012
The latest strain of the ID-theft malware, called Gameover, begins as a phishing scheme with spam e-mails — purportedly from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC) — that leads to malware infection and eventual access to the victim’s bank account. Full article at www.zdnet.com
The NACHA, Federal Reserve Bank and the FDIC do not send email requests for confidential information such as online banking user name and password. Do not ever share your account or login information with an unknown or untrusted source. Immediately delete suspicious or unsolicited emails, do not open attachments or click on any links.
At Islanders Bank we take the security of your account(s) very seriously. As your bank, we are committed to protecting your personal information. As a general business practice, we will not ask for sensitive, personal or confidential information by unsolicited email.
If you have any questions or concerns about any unsolicited email that you receive from Islanders Bank, please send an email to firstname.lastname@example.org
*IMPORTANT: Internet email is not secure. Unlike Online Banking, it does not use SSL encryption. Please do not send sensitive information, i.e. your account numbers, credit card numbers, social security numbers, other account information via email.
To send emails containing account information, use the Secure Message Center available via Islanders Bank's Online Banking or contact us.