Our service provider reports seeing increased activity with a malware screen takeover, which is targeting token users. This particular malware variant will prompt a user to input account and/or token data, which then results in another screen prompt indicating that the user will be unable to access the account for 24-hours while maintenance is performed. While the user is detained on the fake “maintenance” screen, it allows the fraudster enough time to take over the session and commit fraud.
We are receiving reports of phishing emails being sent from what appears to be a NetTeller email address customer _service @cm.netteller.com with the subject line of NetTeller Watch Notice. These are bogus emails trying to get you to click on the embedded NetTeller access link. These emails are NOT coming from NetTeller or Central National Bank. Should you receive an email, DO NOT to clink on the link. Instead, permanently delete the email.
Have you ever heard of skimming? Have you ever been a victim?
If you have, then you know that a skimmer is almost entirely undetectable by users. A skimmer is an electronic device that can be placed over a card slot on an ATM, a gas pump, and other machines that have a slot to insert your debit or credit card. At Central National Bank we’re careful to check our ATMs regularly for these devices, but there are many other places you use your card, so here’s a few tips – published by the FBI - for protecting yourself from theft via skimming.
- Inspect the card reader slot before inserting your card. Be suspicious if you notice anything loose, crooked, or damaged. Scratches and adhesive/tape residue can also be warning signs.
- When entering your PIN, block the keypad with your hand to prevent possible hidden cameras from recording your number.
- If possible, use ATMs and payment terminals at inside locations (less access for criminals to install skimmers).
- If your card isn’t returned after the transaction or after hitting “cancel”, immediately contact your card provider.
If you notice any of these signs and are suspicious of foul play, contact the company/owner of the terminal as soon as possible and do not insert your card into the slot. If it’s an ATM, contact the financial institution that owns the ATM. Better safe than sorry.
Have you brushed up on your information pertaining to Phishing scams? Now might be a good time – see our prior posts here, here and here. We’ve seen an increase in phishing scams lately and would like to take the opportunity to remind our customers that:
We have your information on file. We will NEVER call you and ask for account numbers, social security numbers, or access codes.
If you have recently given any of this information over the phone, to a representative claiming to be from Central National Bank, please call our toll free number 1-888-262-5456. Our call center would be happy to assist you in protecting your account from phishers.
The Better Business Bureau (BBB) has issued a nationwide warning about a new scam claiming that President Obama will pay consumers’ utility bills through a federal program.
How the Scam Works:
Consumers are being contacted via telephone, fliers, social media and text messages and various other means with claims that President Obama is providing credits or applying payment to utility bills.
To receive the money, scammers claim to need the consumer’s Social Security Number (SSN), financial institution routing number and account number. In return, the consumers are given a fraudulent financial institution routing number to use in order to pay their utility bills through an automated telephone service.
The payment service initially seems to accept the payment but then declines it within a few days of finding the banking information to be invalid. The consumer’s bill has not been paid and his/her SSN and personal financial information have been compromised.
The BBB offers the following tips to help consumers avoid becoming victim of this scam:
- Never provide your SSN, credit card number or banking information to anyone who calls you, regardless of whom they claim to be representing.
- If you receive a call claiming to be your utility company and feel pressured for immediate payment or personal information, hang up and call the customer service number on your utility bill.
- Never allow anyone into your home to check electrical wiring, natural gas pipes or appliances unless you have scheduled an appointment or reported a problem. Also, ask the employee for proper identification.
- Think safety first, always. Do not give in to high pressure tactics for information over the phone or in person.
We have received reports of phone calls from a 206 area code in which an automated message claims that the customer’s debit card has been deactivated, and they are instructed to press 1 to reactivate the card. This is a vishing scam, and customers are advised to hang up the phone immediately. Central National Bank does not use automated messages to contact customers about their accounts. If you have any questions, please call us at 1-888-262-5456.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC.
The e-mail exhibits the “Subject” line: “SURVEY CODE: STJSPNUPUT”. The “From” line may exhibit variations; however, the messages are similar.
The email states, “You have been chosen by the FDIC to take part in our quick and easy 5 questions survey. In return we will credit $100 to your account just for your time!” The recipient is then instructed to “Click here to Continue.”Recipients should not click on the link provided.
This email and link are fraudulent. Recipients should consider the intent of the email as an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. As a reminder, the FDIC does not send unsolicited emails to consumers or business account holders.
We are receiving reports of phishing emails being sent from what appears to be coming from our online banking service provider with an email address of customer _service @cm.netteller.com with the subject line of NetTeller Watch Notice. These are “Phishing emails” trying to get customers to click on the embedded access link. These emails are not coming from the bank or our online banking service provider. Please be advised that if you receive an email, that you NOT to clink on the link. It is recommended to permanently delete the email.
Just as a reminder Central National Bank nor our service provider would send an unsolicited email requesting you to provide personal information.
If you have questions feel free to contact our Online Services Department at 1-888-262-5456 or email us email@example.com.
Fake check scams are clever tricks designed to steal your money. You can avoid becoming a victim by recognizing how the scam works and understanding your responsibility for the checks that you deposit into your account.
If someone you don’t know wants to pay you by check but wants you to wire some of the money back, beware! It’s a scam that could cost you thousands of dollars. The following list of tips may help to protect you from becoming a victim of this kind of scam.
- There are many variations of the fake check scam. It could involve someone offering to buy something you advertised, or paying you to work at home. They may give you an “advance” on a sweepstakes you’ve supposedly won, or pay the first installment on the millions that you’ll receive for agreeing to have money in a foreign country transferred to your bank account for safekeeping. Whatever the pitch, the person may sound quite convincing.
- Fake check scammers hunt for victims. They scan newspaper and online advertisements for people listing items for sale, and check postings on online job sites from people seeking employment. They place their own ads with phone numbers or email addresses for people to contact them. And they call or send emails or faxes to people randomly knowing that some will take the bait.
- They often claim to be in another country. The scammers say it’s too difficult and complicated to send you the money directly from their country, so they’ll arrange for someone in the U.S. to send you a check.
- They tell you to wire money to them after you’ve deposited the check.
- If you’re selling something, they say they’ll pay you by having someone in the U.S. who owes them money send you a check. It will be for more than the sale price; you deposit the check, keep what you’re owed, and wire the rest to them.
- If it’s part of a work-at-home scheme, they may claim that you’ll be processing checks from their “clients.” You deposit the checks and then wire them the money minus your “pay.” Or they may send you a check for more than your pay “by mistake” and ask you to wire them the excess.
- In the sweepstakes and foreign money offer variations of the scam, they tell you to wire them money for taxes, customs, bonding processing, legal fees, or other expenses that must be paid before you can get the rest of the money.
- The checks are fake but they look real. In fact, they look so real that even bank tellers may be fooled. Some are phony cashier’s checks; others look like they’re from legitimate business accounts. The companies whose names appear may be real, but someone has dummied jut the checks without their knowledge.
- You don’t have to wait long to use the money, but that doesn’t mean the check is good. Under federal law, banks have to make the funds you deposit available quickly – usually within one to five days, depending on the type of check. But just because you can withdraw the money doesn’t mean the check is good, even if it’s a cashier’s check. It can take weeks for the forgery to be discovered and the check to bounce.
- You are responsible for the checks you deposit. That’s because you’re in the best position to determine the risk – you are the one dealing directly with the person who is arranging for the check to be sent to you. When a check is charged back, the bank deducts the amount that was originally credited to your account. If there isn’t enough to cover it, they bank will work with you to set up a repayment plan. There have been cases in which law enforcement authorities have brought charges against the victims because it may look like they were involved in the scam and knew the check was counterfeit.
- There is no legitimate reason for someone who is giving you money to ask you to wire money back. If a stranger wants to pay you for something, insist on a cashiers check for the exact amount, preferably from a local bank or a bank that has a branch in your area.
Fictitious correspondence, allegedly issued by the Office of the Comptroller of the Currency (OCC) regarding funds purportedly under the control of the OCC and other government entities, is in circulation. Correspondence may be distributed via e-mail, fax, or postal mail.
Any document claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent. The OCC does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises, or governmental entities.
The letters may indicate that funds are being held by the OCC, the U.S. Department of Homeland Security, or the U.S. Department of Justice because of the need for payment of a 0.059 percent revenue charge to the U.S. Internal Revenue Service.
The correspondence in question contains forged signatures of actual OCC officials. In addition, the material contains a fictitious mailing address that is not associated with the OCC.
Before responding in any manner to any proposal supposedly issued by the OCC that requests personal information or personal account information, or that requires the payment of any fee in connection with the proposal, you should take steps to verify that the proposal is legitimate.
At a minimum, the OCC recommends that you:
- Contact the OCC directly to verify the legitimacy of the proposal (1) via e-mail at firstname.lastname@example.org; (2) by mail to the OCC’s Special Supervision Division, 250 E St. SW; Mail Stop 2-7, Washington, DC 20219; (3) via fax to (202) 874-5214; or (4) by calling the Special Supervision Division at (202) 874-4450.
- Contact state and/or local law enforcement.
- File a complaint with the Internet Crime Complaint Center at www.ic3.gov, if the proposal appears to be fraudulent and was received via e-mail or the Internet.
- File a complaint with the U.S. Postal Inspector Service by telephone at (888) 877-7644, by mail at U.S. Postal Inspection Service, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100, or via online complaint form at:https://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx, if the proposal appears to be fraudulent and was delivered through the U.S. Postal Service.
Below is a copy of this fraudulent correspondence, which is being sent by fraudsters in an attempt to elicit funds and to gather personal information to be used in possible future identification theft.