Skip Ribbon Commands
Skip to main content
Navigate Up
Help (new window)
Sign In

Bankers Trust

Bankers Trust
Stay Connected:
Linked InFacebook
Find a Branch or ATM
Des Moines/Security/Special Alerts

Special Alerts

Bank Security

Fraud Alert: "FBI" Ransomware

05/24/13 - Security firm Webroot is tracking yet another spike in Ransomware claiming to be the FBI. This time, they are tracking instances worldwide, targeting both businesses and consumers.

Ransomware is a type of malware that locks your computer screen demanding payment to gain a code that supposedly will unlock it - literally ransoming access to your own computer. Ransomware prevents the user from being able to access anything on their computer.

People are reportedly paying anywhere from $200 - $400 to these criminals, hoping to get their computer back, but it never happens. Generally criminals simply demand more money for "new violations" the user supposedly committed. The recent campaign using the FBIs name (and threats of arrests) has proven successful and criminals are ramping up efforts.

Fraud Alert: BBB Issues Nationwide Warning

 

07/05/12 - The Better Business Bureau (BBB) has issued a nationwide warning about a new scam claiming that President Obama will pay consumers’ utility bills through a federal program.

Consumers are being contacted via telephone, fliers, social media and text messages and various other means with claims that President Obama is providing credits or applying payment to utility bills. 
 
To receive the money, scammers claim to need the consumer’s Social Security Number (SSN), financial institution routing number and account number. In return, the consumers are given a fraudulent financial institution routing number to use in order to pay their utility bills through an automated telephone service.
 
The payment service initially seems to accept the payment but then declines it within a few days of finding the banking information to be invalid. The consumer’s bill has not been paid and his/her SSN and personal financial information have been compromised. 

The BBB offers the following tips to help consumers avoid becoming victim of this scam:
  • Never provide your SSN, credit card number or banking information to anyone who calls you, regardless of whom they claim to be representing. 
  • If you receive a call claiming to be your utility company and feel pressured for immediate payment or personal information, hang up and call the customer service number on your utility bill.
  • Never allow anyone into your home to check electrical wiring, natural gas pipes or appliances unless you have scheduled an appointment or reported a problem. Also, ask the employee for proper identification.
  • Think safety first, always. Do not give in to high pressure tactics for information over the phone or in person. 

FBI Steps Up 'Internet Doomsday' Awareness

 

05/09/12 - The FBI is warning consumers they may lose their Internet connection after July 9 unless they disinfect their computers and rid themselves of the DNS Changer malware.  This malware, which can infect both Windows PCs and Mac, redirects computers to hacker-created websites and also prevents users from updating or using anti-virus software. The FBI plans to shut down the server and prevent infected PCs from reaching the web.​  To determine if your computer is infected, visit the DNS Changer Check-Up site​.​

Phishing Attack Targeting SHAZAM
 
04/20/12 - SHAZAM is aware of a phishing attack being broadcast through the Twitter hashtag #shazamdebitcard. This attack has led to the creation of several fraudulent “Shazam Debit Card” Internet sites. The sites claim to be collecting information for fast-cash loans; therefore, personal information, such as a person’s Social Security number, date of birth, and driver’s license number, is being targeted.

SHAZAM Response 
The SHAZAM Corporate Security team has initiated our incident response procedures, and we are in the process of removing all associated URLs and disabling the #shazamdebitcard Twitter hashtag. 

Action
Please ensure you instruct both your employees and cardholders to ignore any such sites and the Twitter hashtag #shazamdebitcard. If you have an employee or cardholder who has entered sensitive data on one of these sites, please call SHAZAM Client Support immediately at the telephone number listed below and we will assist you in any way that we can. 

For More Information 
SHAZAM apologizes for any inconvenience this fraudulent activity is causing, and we thank you for your assistance in helping minimize the threat posed by the phishing attack. If you have any questions, please call SHAZAM Client Support at 1-800-537-5427 (option 2). 

On Assignment: How To Steer Clear Of Cybercrime Hackers

03/22/12 - Rock Center with Brian Williams had a story on cybercrime hackers that is worth reading. The story and video can be found here​

Banking Trojan Hijacks Live Chat To Run Real-Time Fraud ​

03/22/12 - A new attack on the Shylock malware platform is hijacking live chat sessions to get business banking customers to hand over their credentials or authorize fraudulent transactions. This Man-In-the-Browser assault interrupts an online session to chat up the victim about a “system check” while the cyber crook simultaneously completes the theft in real-time.
 

FDIC Issues Special Alert On Fraudulent E-Mails With Infected Attachment

 09/02/2011 - The FDIC yesterday issued a special alert on fraudulent e-mails that appear to be sent from the agency and contain an infected attachment. The bogus e-mails have addresses on the "From” line such as "no.reply@fdic.gov” or “notify84zma@fdic.gov"; inform recipients that their “account ACH and WIRE transaction have been temporarily suspended for security reasons”; and contain spelling and grammatical errors. The e-mails’ attachment -- “FDIC_document.zip” -- is likely to release malicious software if opened, the FDIC said.
 
 

Warning from the Des Moines Police Department

06/15/2011 - A warning issued by Des Moines police has reported that an out-of-state crime ring has been targeting gyms and sports facility parking lots, breaking into vehicles to steal purses or checkbooks and committing identity theft. Please be sure not to leave valuables in your vehicles. The crime ring has hit several communities throughout the Midwest over the past several months.
 

ABA Warns Bankers about Fraudulent E-Mail

06/07/2011 - ABA’s name is being used in a new phishing e-mail, the association learned yesterday. The e-mail informs recipients that the ABA eLearning portal database has been compromised and instructs them to reset their user name and password using an enclosed link.
 
The e-mail is fraudulent, and recipients should not click on the link.
While phishing for personal financial information has been a long-standing practice, criminals are increasingly phishing for access to other corporate accounts in an attempt to steal passwords and other account identifiers.
 
ABA is working to identify the source of the e-mails and to disrupt them. Anyone who encounters this or a similar “phish” is asked to contact ABA. For more information, contact ABA's Tom Ladenburg.
 

IRS Scam: Phishing by Fax

03/30/2011 - Scammers typically kick into high gear during tax season in the United States, which tends to bring with it a spike in phishing attacks that spoof the Internal Revenue Service. Take, for example, a new scam making the rounds via email, which warns of discrepancies on the recipient’s income tax return and requests that personal information be sent via fax to a toll-free number.
 
A new phishing campaign that began sometime in the last 24 hours is made to look like it was sent from "irs@irsonline.gov", and urges recipients to fill out, print, and fax an attached PDF tax form. From the scam email:
 
"This is in reference to your 2010 U.S. Individual Income Tax Return we seem to have some discrepancies with your filing. If you have already filed for your 2010 tax refund please get hold of a new form 1040 and mail it to the Department of the Treasury in your region.
 
If for any reason you have not yet filed for your 2010 Individual
Income Tax Return please print out the attached PDF form, fill it and
fax it to the IRS data center on (866) 513-7982 within 24 hours.
 
This has no bearing on your 2010 U.S. Individual Income Tax Return,
this to update our data and survey while we prepare to close the 2010
tax filing season.
 
Thank you"
 
That 866- phone number is currently returning a fast-busy signal, which suggests either that a lot of people are falling for this scam, or that anti-scammers are speed-dialing the number in a bid to prevent would-be victims from faxing in their forms. My guess is that this scam is tied to some kind of automated service that scans faxes and then emails the phishers copies of the scanned images.
 
It’s worth noting that the data requested in this bogus IRS form includes the Social Security number, e-File PIN and adjusted gross income, all of which are crucial pieces of information that the IRS uses to authenticate taxpayers.
 
The IRS has been careful to note that while it may conduct follow-up correspondence with taxpayers via email if the taxpayer chooses to communicate that way, it will never reach out to taxpayers via email. Consumers can report any tax-related phishing scams to phishing@irs.gov.
 

Fraudulent Emails Claiming to be from NACHA

03/29/2011 - NACHA, the Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.
 
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
 
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
 
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.
 
Always use anti-virus software and ensure that the virus signatures are automatically updated.
 
Ensure that the computer operating systems and common software application security patches are installed and current.
 

Vishing Fraud Attack

02/02/2011 - SHAZAM has seen an increase in vishing fraud reports since 12:00 p.m. CT yesterday, February 1, 2011. Multiple reports have been from cardholders receiving automated and live telephone calls demanding account information. In at least one case, a message was left on a cardholder’s telephone, asking the cardholder to call back a toll-free telephone number to enter account information.
 
Unlike previous vishing attacks that follow a single source point or method of operation, these reports have varied widely. Some calls have referenced “Visa® debit” or MasterCard® debit”; some have referenced “your SHAZAM debit card”; and others have made no reference to an organization. Again, some have included recorded messages while others have had a live operator or callback option. One trend SHAZAM has noticed is some calls listing a “spoofed” caller identification number of 1402.
 
These calls are fraudulent and have not been authorized by SHAZAM. Your institution may be contacted if your cardholders begin to be targeted. Please educate your customers about the fraudulent nature of these telephone calls and inform them not to release information. If your cardholders have released information because of receiving one of these calls, take appropriate action by hot carding their accounts.

If you have any questions, please contact SHAZAM Client Support at (800) 537-5427 (option 2).
 

E-mails fraudulently claiming to be from the FDIC

01/12/2011 - The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that "in cooperation with the Department of Homeland Security, federal, state and local governments…" the FDIC has withdrawn deposit insurance from the recipient's account "due to account activity that violates the Patriot Act." It further states deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify." If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient's computer.
 
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
 
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.
​​​
Bankers Trust logo
© Bankers Trust Company
Member FDIC Equal Housing Lender
Equal Housing Lender Member FDIC, Affirmative Action/Equal Opportunity Employer