Heart Bleed Bug FAQ for bank customers
Confirm Email Address, Account Information or Identity In many fraudulent email scams, you are requested to confirm your email address, account information or your identity for one of many reasons, including:
New account registration Change in email address or password Account information has been amended Numerous login attempts–account restricted Your account was accessed by one or more foreign IP addresses The email provides a link to what appears to be a First Federal Savings Bank site but is really a fraudulent Web site. This is an attempt to steal your personal information or download spyware. These emails are fraudulent. First Federal will NEVER send you an email REQUESTING confidential account or personal information.
Service Deactivation Threat Fraudulent emails often circulate claiming some account services will be deactivated or deleted. It asks you to sign in to a fraudulent Web site to renew these services in an attempt to steal your personal information.
Virus Alert–Install Software Update Another fraudulent email claims "our" firewall has determined that emails containing worm copies are being sent from your computer. It asks that you install updates for worm elimination and "your computer restoring." A file is attached and may be named something like "Update-KB1218-w86exe". This email or any like it are NOT from First Federal. This is a scam. Any action taken as a result of such an email could compromise your computer. First Federal will NEVER send you an email requesting the download of software.
"Account Manager" Scam One email and the Web scam offers to let you become an "Account Manager" or "Transfer Agent" for a third party, usually someone in an African or ex-Soviet bloc country.
Scammers try to solicit you through an email or an advertisement on the Web, offering to let you "work from home" and be an Account Manager or "Money Transfer Agent" for them, thus letting you "earn" commissions (usually 5%) for your trouble. They then transfer money OUT of an unsuspecting person's account and into yours. Once the money is in your account, they ask you to send it to them via Western Union.
Counterfeit Cashier's Check Scam In response to a listing on an Internet auction or other site, a buyer (often from a foreign country) purchases the item and sends you a cashier’s check for a lot more than the agreed-upon selling price. The buyer then asks you to wire the excess funds back. Within a week, the bank is notified that the check is a worthless counterfeit and you are out thousands of dollars. In these scams, the cashier’s checks are excellent counterfeits and very difficult to spot.
In another twist to this scam, the buyer requests your bank account and routing numbers so that he or she may wire funds to your account. Do NOT give your account numbers to anyone.
Million Dollar Sweepstakes or Windfall Scam In another widespread scheme, a person receives an unsolicited letter, email or fax from an "official" in a foreign government offering to share a multimillion dollar windfall in "over-invoiced contract funds."
The "official" claims to need your bank account number and other personal information to transfer the money out of his country. And he will also "need" up-front cash from you to bribe other officials. You could lose the entire contents of your checking account. Beware!
A recent variation on this scam is a letter that contains a fraudulent credit card (or a large denomination Visa or MasterCard gift card) that is supposed to serve as your windfall "winnings" in a drawing or other contest. But you must first provide the scammer with confirmation of your identification information, and the letter may also ask for you to provide money up front in order for you to "activate" the fake card and get your prize.
Remember - If it's too good to be true, IT IS!
Fraudulent E-Mails Claiming to Be From the FDIC E-mails fraudulently claiming to be from the FDIC are attempting to trick recipients into installing unknown software on personal computers. These e-mails falsely indicate that recipients should download and open a "personal FDIC insurance file" to check their deposit insurance coverage. The "insurance file" may actually be a form of spyware or malicious code and may collect personal or confidential information.
The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails appearing to be sent from the FDIC that are asking recipients to download and open a "personal FDIC insurance file" to check their deposit insurance coverage. These e-mails are fraudulent and were not sent by the FDIC. The FDIC is attempting to identify the source of the e-mails and disrupt the transmission.
Currently, the subject line of the fraudulent e-mails includes the wording "check your Bank Deposit Insurance Coverage." The e-mails state: "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets."
The e-mails ask recipients to "visit the official FDIC website" by clicking on a hyperlink provided, which appears to be related to the FDIC and directs recipients to a fraudulent Web site. The Web site includes hyperlinks that appear to open forms. However, it is believed that clicking on the hyperlinks will cause an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency Readiness Team (US-CERT) to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to online banking services or to conduct identity theft. Financial institutions and consumers should NOT access the Web site or download the executable files provided on the Web site.
Visa®/MasterCard® Security Code Scam In this scam, the caller claims to work for the fraud department at Visa or MasterCard and tells you his badge number. He then asks if you recently purchased an anti-telemarketing device for $500. When you say "no," he tells you that his fraud department has been watching that company. He offers to block the charge. Because he has secured your name, credit card number and expiration date from a charge receipt, he is convincing when he provides you with this information to verify.
What he does not know–and wants you to divulge–is the three-digit security code on the back of your card. Without it, he cannot use your credit card number to shop on many sites on the Internet. Don't give out your code. Hang up.
To begin with, credit card companies–such as Visa and MasterCard–are not the credit card issuer. Financial institutions–such as banks and credit unions–issue credit cards. And credit card companies DO NOT call cardholders asking to disclose any information about their cards.
If you ever get an email, phone call or letter supposedly from First Federal Savings Bank asking for you to provide or verify your personal identification or bank account information, please contact your local bank branch. If you recieve a notice asking you for up-front money to claim a windfall, IT IS A SCAM or an attempt at identity theft.
When in doubt, don't respond to the email address or phone number contained in the request – Instead, call us at (888) 415-3279.
Call the 24x7 Fraud Hotline: 1-800-264-5578 to report a lost or stolen card.