CURRENT FRAUD ALERTS
Fraudulent "FDIC Notification" E-Mails with Attachment (9/1/2011)
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that appear to be from the FDIC and contain an infected attachment.
The fraudulent e-mails have addresses such as "firstname.lastname@example.org" or "email@example.com" on the "From" line. The message appears, with spelling and grammatical errors, as follows:
Subject line: "FDIC notification"
Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document(pdf) attached below.
As soon as it is setup, you transaction abilities will be fully restored.
Best Regards, Online Security departament, Federal Deposit Insurance Corporation."
The e-mails contain an attachment "FDIC_document.zip" that will likely release malicious software if opened. These e-mails and attachments are fraudulent and were not sent by the FDIC. Recipients should consider these e-mails an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT open the attachment.
Financial institutions and consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names, and narratives. The FDIC does not directly contact consumers, nor does the FDIC request bank customers to install software upgrades.
Information about counterfeit items, cyber-fraud incidents, and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 3501 North Fairfax Drive, CH-11034, Arlington, Virginia 22226, or transmitted electronically to firstname.lastname@example.org
. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.
For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2011/index.html
. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html
Fraudulent Emails Claiming to be from NACHA (Phishing Alert Update 3/29/2011)
Further to notices issued on March 11 and February 22, 2011, NACHA – The Electronic Payments Association
has received reports that individuals and/or companies continue to receive fraudulent emails that have the
appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from
email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA
employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and
financial institutions. NACHA does not send communications to persons or organizations about individual
ACH transactions that they originate or receive.
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code
and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from
parties with whom you do not normally communicate, or that appear to be known but are suspicious or
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus
specialist to remove malicious code or re-install a clean image of the computer system.
Always use anti-virus software and ensure that the virus signatures are automatically updated.
Ensure that the computer operating systems and common software application security patches are installed
Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation
E-mail claiming to Be From the FDIC (1/10/2011)
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.
The subject line of the e-mails state: "Account Insurance from the FDIC" or "FDIC Insurance." The e-mail tells recipients that their "account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act." The e-mail goes on to ask recipients to "verify through our IDVerify below," stating that "information will be checked against a federal government database for identity verification." The e-mail says that it is from "Donald E. Powell, Chairman Emeritus FDIC; John D. Hawke, Jr., Comptroller of the Currency; and Michael E. Bartell, Chief Information Officer."
This e-mail and associated Web site are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers and should not click on the link provided.
The FDIC does not issue unsolicited e-mails to consumers. Financial institutions and consumers should NOT follow the link in the fraudulent e-mail.