Friday, January 23, 2004

( 12:48 PM ) Mary Beth

The FDIC just sent out its Special Alert, warning of the scam email that we have written about below. You can access their email alert at: http://www.fdic.gov/news/news/SpecialAlert/2004/sa0504.html

( 11:10 AM ) Mary Beth

More about the scam involving FDIC

I was able to view the actual message of the phishing email that purports to be from FDIC by going into Webmail. Would you believe it attempts to use the PATRIOT Act as part of its con?????

WARNING: If you personally receive a copy of the scam email, do NOT click the link. The URL is spoofed. Because you are seeing the URL (or think you are), you think you know where the link is going to take you -- to the FDIC, a trusted site. HOWEVER, on the actual email, if you hold your mouse arrow over the link, instead of it going to fdic.gov/idverify/cgi-bin/index.html, it indicates that it would actually be going to something very, very different.

According to CNET news, the link would take you to a Web server in Karachi, Pakistan. CNET indicates that the link is formatted to take advantage of an Internet Explorer flaw that allows an attacker to hide the true destination of the link. (Microsoft says they're working on the problem, which has been a known vulnerability for more than a month.) Your browser, and your computer, would be hijacked, in other words, and you would be taken to someplace other than what you expect and potentially exposed to malicious code, or tricked into revealing confidential information.

Here's what the email says:

Subject: Important News About Your Bank Account
Date: Jan 23, 2004 3:09 PM

To whom it may concern;

In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act.

While we have only a limited amount of evidence gathered on your account at this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.

As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information.

Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be lifted.

http://www.fdic.gov/idverify/cgi-bin/index.htm

Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials.

Thank you for your time and consideration in this matter.

Donald E. Powell
Chairman Emeritus FDIC

John D. Hawke, Jr.
Comptroller of the Currency

Michael E. Bartell
Chief Information Officer

I've spoken to the acting director of the Office of Public Affairs for the FDIC and, as expected, they are right on top of it. As I spoke to them, they were putting the finishing touches on an email to send out to their regular listserv subscribers, as well as an alert for the front page of their Web site. They have been working with the FBI and are hot on the trail of the perps. Stay tuned. I'd say the bad guys picked the wrong folks to mess with!
( 9:39 AM ) Mary Beth

Emails Not Real, But Convincing-Sounding

Yeah, I know. You're tired of hearing about phishing scams. But this week we've seen two that were pretty amazing. The latest came to my email inbox today. It showed the sender to be FDIC (which obviously was NOT the real sender). The subject line read "Important News About Your Bank Account". I would have been virtually guaranteed to click -- and, actually, did click, but it turned out that McAfee had detected a threat in the email and protected me from it. The attachment "E-mail body" is infected with the Exploit-URLSpoof.gen Trojan and was quarantined. It's getting BAD out there!

The other was the U.S. Bank-targeted phishing scam sent to us by BOL User Jeanne Applegate. Here's how it read:

Subject: Your account at U.S. Bank has been suspended.

Dear U.S. Bank account holder,

We regret to inform you, that we had to block your U.S. Bank account because we have been notified that your account may have been compromised by outside parties.

Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some activity related to your account that indicates that other parties may have access and or control of your information in your account.

These parties have in the past been involved with money laundering, illegal drugs, terrorism and various Federal Title 18 violations. In order that you may access your account we must verify your identity by clicking on the link below.

Please be aware that until we can verify your identity no further access to your account will be allowed and we will have no other liability for your account or any transactions that may have occurred as a result of your failure to reactivate your account as instructed below.

Thank you for your time and consideration in this matter.

https://www.usbank.com/account_verify/cgi/index.htm

Convincing, don't you think?
Wednesday, January 21, 2004

( 7:35 PM ) Mary Beth

Had a great time out at the Compliance Summit in San Diego last week. Congratulations to Sai Huda and the rest of the team at Compliance Coach for pulling together a fine lineup of speakers and subjects. Enjoyed meeting several BOLers out there. Two who sat next to me at lunch said they recognized me by my voice from attending BOL Learning Connect Webinars!

Sunday, January 18, 2004

( 10:14 AM ) Andy

As a follow-up to Michele's Jan. 11 phishing post, CitiBank, through this Forbes.com and Reuters News Service article, has officially released information warning customers of these scams.

Friday, January 16, 2004

( 8:43 AM ) Andy

FinCEN News, 12-17-03 reports on the progress of the 314(a) requests for a 9 month period:

188 requests from 10 federal agencies identified 1,256 people
* 64 terrorism/terrorist financing
* 124 money laundering

resulting in:
* Grand Jury Subpoenas: 407
* Search Warrants: 11
* Administrative Subpoenas/Summons: 21
* Indictments: 3

Sunday, January 11, 2004

( 3:10 PM ) Michele

Email Phishing

I was surprised by a new phishing scam as I reviewed my email this weekend. The text of the email was more convincing than some previous phishing scams I had seen. The good news for those of us who are religious about keeping our virus protection up to date is that the virus detection software prevented me from inspecting the code or clicking on the link. That's good news! The bad news of course is that so many people are lax in keeping their computers protected. Click over to the tech section to see a copy of the email and read some tips to help you educate your customers about these scams.

Friday, January 09, 2004

( 7:18 AM ) Andy

The FTC & a Federal District Court have two identity thieves selling non-existent goods on Internet auctions. The default judgment permanently bars them from participating in Internet auctions; making misrepresentations about any product or service for sale on the Internet; using consumers' personal information without their approval; and selling or otherwise disclosing consumers' personal or financial information. The FTC story is here. First the FTC went after them, then the U.S. Attorney for related mail fraud. Now the trick is monitoring this.

Thursday, January 08, 2004

( 9:18 AM ) Michele

Identity Thieves Strike in Car Loan Scam

People with poor credit ratings found a twisted way to improve their ability to secure a loan by adding deceased individuals as co-signers on their car loan application. According to police reports, 27 individuals in Georgia were arrested for using the identities of dead people to serve as co-applicants on their car loans.

The scam was traced to a single individual who would scour the obituaries for names of people who recently died. The individual then paid an Internet search company for background checks on the names and obtained Social Security numbers, dates of birth and credit histories of the deceased. The individual would in turn sell the information to people with poor credit histories for between $500 - $600 per incident. According to police reports about 100 cars were purchased in the past five years using identities of dead people in Georgia, California, Oklahoma, Ohio and Virginia.