Fraudulent E-mails/Pfishing Schemes
Recently we have received a few calls from customers regarding suspicious emails they've received. Please be aware that there are phishing schemes involving emails that appear to be from IRS.gov, NACHA.org. as well as FDIC.gov. Here is some information that may be beneficial to you, our valued customers:
From IRS.gov website:
The IRS never sends out unsolicited emails, and under no circumstances, requests credit card information and pin numbers through email. Persons receiving emails that claim to be from the IRS should not attempt to visit any site contained within the email and should report suspicious emails to TIGTA or IRS.
Please notify the IRS of any phishing attempts by forwarding the suspicious e-mail to firstname.lastname@example.org. Materials forwarded to this mailbox will be examined and acted on by our information security staff.
From FDIC.gov website: E-mail Claiming to Be From the FDIC - June 3, 2011
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.
The e-mail appears to be sent from "email@example.com" and includes a subject line that states: "FDIC: Your business account."
The e-mail is addressed to "Dear Business Customer" and states "We have important information about your financial institution. Please click here to find details." It then states, "This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership."
This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided.
The FDIC does not issue unsolicited e-mails to consumers or business account holders.
We have started detecting new, slight variations of the e-mail (highlighted below).
Some e-mails now appear to be sent from our "firstname.lastname@example.org" e-mail address, as well as our "email@example.com" e-mail address. Another example has the appearance of coming from "firstname.lastname@example.org" (no such employee exits, I believe).
Some e-mails are addressed to "Dear Business Owner," instead of "Dear Business Customer."
Some e-mails state, "We have important news regarding your bank," instead of "We have important news regarding your financial institution."
6/24/2011 - FRADULENT EMAILS APPEARING TO COME FROM NACHA
PLEASE BE ADVISED THERE ARE FRADULENT EMAILS APPEARING TO COME FROM NACHA EMAIL ADDRESS
The Electronic Payments Association (email@example.com) or The Electronic Payments Association (firstname.lastname@example.org) Action Requested NACHA requests that financial institutions, billers, and payment providers ensure that their frontline staff — those who interact with customers — understand the sustained and evolving nature of these attacks. Organizations may wish to consider designating a focal point to coordinate communications and awareness internally and with customers. Kindly instruct customers to forward fraudulent emails they receive that appear to come from NACHA to email@example.com for analysis. Caution your customers not to open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom they do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. Direct them to forward suspected fraudulent emails appearing to come from NACHA to firstname.lastname@example.org to aid in our efforts with security experts and law enforcement officials to pursue the perpetrators. If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software application security patches are installed and current. Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC).