The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as log-in credentials and financial information. Beta Bot blocks computer users’ access to security websites and disables anti-virus programs, leaving computers vulnerable to compromise.
Beta Bot infection vectors include an illegitimate but official looking Microsoft Windows message box named “User Account Control” that requests a user’s permission to allow the “Windows Command Processor” to modify the user’s computer settings. If the user complies with the request, the hackers are able to exfiltrate data from the computer. Beta Bot is also spread via USB thumb drives or online via Skype, where it redirects the user to compromised websites.
Figure 1, Beta Bot “Windows Command Process” message box
Although Beta Box masquerades as the “User Account Control” message box, it is also able to perform modifications to a user’s computer. If the above pop-up message or a similar prompt appears on your computer and you did not request it or are not making modifications to your system’s configuration, do not authorize “Windows Command Processor” to make any changes.
Remediation strategies for Beta Bot infection include running a full system scan with up-to-date anti-virus software on the infected computer. If Beta Bot blocks access to security sites, download the latest anti-virus updates or a whole new anti-virus program onto an uninfected computer, save it to a USB drive and load and run it on the infected computer. It is advisable to subsequently re-format the USB drive to remove any traces of the malware.
We’re very excited to announce the newest feature within our smart phone app… Mobile Deposit!
That’s right, you can deposit checks simply by taking a picture of the check! Submit deposits to your account after hours, on the go, when you’re out of town… ANYWHERE! It’s so easy. Sign up today and see!
For more details about the program, or to sign up, visit our website.
For complete details about processing visit our Frequently Asked Questions page.
Yesterday, we held a ribbon cutting ceremony to formally announce the grand opening of our newest bank branch located in the Walmart Supercenter on Wanamaker Road in Topeka, KS!
Bank employees, guests, and Topeka Chamber of Commerce representatives were in attendance for the ceremony. Marsha Sheahan, Vice President of Public Relations, offered welcome remarks and introduced Central National Bank representatives for their comments.
“Our bank values our partnership with Walmart and is proud to offer customers such a convenient option for banking services,” said Ed C. Rolfs, Central National Bank Chief Executive Officer. “We are committed to Topeka and really enjoy our customers here and this community.”
We operate in-store bank locations in six Walmart stores across Kansas. The new Topeka Walmart location is a full service banking location and is open seven days a week. The branch is equipped with a Smart ATM, enabling customers to make deposits and withdraw cash after hours.
“Our team is thrilled to be here and open for business,” said John Legg, Branch Manager. “We have exciting grand opening specials and encourage everyone to stop in and visit our new branch.”
The Topeka Walmart branch will be open Monday-Friday from 10:00am to 7:00pm, Saturdays from 9:00am to 4:00pm and Sundays from Noon to 4:00pm.
Fictitious correspondence, allegedly issued by the Office of the Comptroller of the Currency (OCC) regarding funds purportedly under the control of the OCC and other government entities, is in circulation. Correspondence may be distributed via e-mail, fax, or postal mail.
Any document claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent. The OCC does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises, or governmental entities.
The letters may indicate that funds are being held by Bank of America and that the recipient will be required to pay a mandatory express service charge to have the funds released.
A sample copy of this fraudulent correspondence can be found here, which is being sent to consumers in an attempt to elicit funds from them and to gather personal information to be used in possible future identification theft.
The correspondence in question contains forged signatures of former OCC officials. In addition, the material contains a fictitious e-mail address that is not associated with the OCC.
Before responding in any manner to any proposal supposedly issued by the OCC that requests personal information or personal account information or that requires the payment of any fee in connection with the proposal, the recipient should take steps to verify that the proposal is legitimate. At a minimum, the OCC recommends that consumers
- contact the OCC directly to verify the legitimacy of the proposal (1) via e-mail at email@example.com; (2) by mail to the OCC’s Special Supervision Division, 250 E St. SW, Mail Stop 8E-12, Washington, D.C. 20219; (3) via fax to (571) 293-4925; or (4) by calling the Special Supervision Division at (202) 649-6450.
- contact state or local law enforcement.
- file a complaint with the Internet Crime Complaint Center at www.ic3.gov if the proposal appears to be fraudulent and was received via e-mail or the Internet.
- file a complaint with the U.S. Postal Inspection Service by telephone at (888) 877 7644; by mail at U.S. Postal Inspection Service, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100; or via the online complaint form at https://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx, if the proposal appears to be fraudulent and was delivered through the U.S. Postal Service.
Any information regarding the subject of this or any other alert that you wish to bring to the attention of the OCC may be sent to firstname.lastname@example.org.
We have received reports of phone calls from an unknown telephone number in which an automated message claims that the customer’s debit card has been deactivated, and they are instructed to enter their card number in order to reactivate the card. This is a vishing scam, and customers are advised to hang up the phone immediately. Central National Bank does not use automated messages to contact customers about their accounts. If you have any questions, please call us at 1-888-262-5456.
We’ve had a number of questions from customers lately who’ve noticed a message circulating Facebook regarding the ability to send out an emergency signal from an ATM. Specifically, being able to punch in your PIN backwards which then alerts the police. This message is not new, in fact, it started circulating the Internet in 2006.
So the big question… Is it true? Without a doubt… NO. At least not at any Central National Bank ATM in the state of Kansas or Nebraska. Trust us. We know what we’re talking about.
So how about all of the other hundreds of thousands of ATMs in our country? Well… the next time your friend posts something like that as their status update, or forwards you an email, feel free to send them to
This site is great for debunking all Internet circulated myths. In fact, if you read far enough down the page it will tell you the origin of the myth. What we didn’t know, is that this myth is rooted in some truths. Over the last few years, there have been several attempts to make this myth a reality; including a bill to the Kansas state senate’s Financial Institutions and Insurance Committee. The bill died in 2004.
Now I KNOW you’re asking yourself why. Why, would something that seems like such a good idea get shut down? Why, would banks not put an emergency signal into all ATMs?
Well, the answer is simple. Do you think you could remember your PIN with a gun to your head/back? I can hardly remember my PIN when I am in line at the store. The pressure is just too much. Especially if everyone behind u me has two items and I’m trying to stuff all 112 items back into my cart so the bread and eggs don’t get squished. I don’t know about you, but I can’t imagine trying to remember my PIN BACKWARDS if my life depended on it!
The article on Snopes points this scenario out as well as a few others. But, the one that makes the most sense to me is that triggering an emergency signal could put the ATM user in more danger than simply withdrawing the money and reporting the crime later. Not every criminal is dumb – so they’re likely to notice that something strange is going on.
Do yourself a favor and set people straight when the myth starts circulating again.
The Office of the Comptroller of the Currency yesterday issued an alert about fraudulent letters — distributed via email, fax, or postal mail — involving funds purportedly under the control of the OCC and other government entities.
“The letters may indicate that funds are being held by the Halifax Bank, London, England, and that the recipient will be required to pay a mandatory express service charge to have the funds released,” the OCC said. The letters are “being sent to consumers in an attempt to elicit funds from them and to gather personal information to be used in possible future identification theft.”
The letters also contain forged signatures of former OCC officials and a fictitious email address. The agency emphasized that any document claiming that the OCC is involved in holding any funds for the benefit of an individual or entity is fraudulent. “The [agency] does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises or governmental entities,” the OCC said.
Read the OCC alert
View an example of the fraudulent letters
During the holiday season, cyber criminals aggressively create new ways to steal money and personal information. Scammers use many techniques to fool potential victims, including conducting email and texting schemes posing as their bank.
Please remember that Central National Bank will not use email or text messages to communicate issues with your debit card or on-line banking. If you receive a suspicious email or text, do not click on any link included in the communication. Instead call the Bank and we will happy to answer questions or concerns.
Our Business Value Checking account has recently been named one of the “Best Free* Business Checking Accounts” by the “nerds” at the popular financial advice company, NerdWallet.com. The people at NerdWallet strive to provide quality financial information and advice to consumers so they are better equipped to make decisions about finances, travel and higher education. Check out the article on their website at http://www.nerdwallet.com/blog/2012/best-business-checking-accounts/
*Please visit our website
for a full description of our fees that may be associated with this account.
Our service provider reports seeing increased activity with a malware screen takeover, which is targeting token users. This particular malware variant will prompt a user to input account and/or token data, which then results in another screen prompt indicating that the user will be unable to access the account for 24-hours while maintenance is performed. While the user is detained on the fake “maintenance” screen, it allows the fraudster enough time to take over the session and commit fraud.