Active
as of 11/12/09 NACHA
failed ACH transaction Email Scam Active
as of 11/12/09
The Electronic Payments Association has issued an advisory to financial institutions about phishing emails designed to appear as if they were sent from NACHA warning users about failed ACH transactions. The e-mail includes a link that, if clicked, redirects the individual to a fake web page that appears to be a NACHA website and contains a link that almost certainly leads to a Jabber/Zeus malware download.
| Phishing E-mail Sample Content
From: nacha.org [mailto:report@nacha.org] Sent: Thursday, November 12, 2009 10:25 AM To: Doe, John
Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below: Unauthorized ACH Transaction Report (this is how the link is presented) |
Do not click on the links nor respond in any way to these emails. NACHA is aware of the phishing attack and has an article on their home page at www.nacha.org.
Credit
Union National Association "Phishing" Scam Active
as of 10/1/09
A new "phish" email is circulating that claims to be from the Credit Union National Association. It claims that unusual activity has occurred on your account, and requests that you click on a link and provide private information in order to restore account access. It may look like this:
| Dear valued
Credit Union National Association member:
Credit Union National Association is committed to maintaining a safe environment for its community of buyers and sellers. To protect the security of your account, Credit Union National Association employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Credit Union National Association system for unusual activity. Recently,
our Account Review Team identified some unusual activity in your account.
In accordance with Credit Union National Association's User Agreement
and to ensure that your account has not been compromised, access to your
account was limited. Your In order to secure your account and quickly restore full access, we may require some specific information from you for the following reason: We would
like to ensure that your account was not accessed by an unauthorized third
party. Because protecting the security of your account Case ID Number: PP-040-187-541 We encourage
you to log in and restore full access as soon as possible. Should access
to your account remain limited for an extended period of However, failure to restore your records will result in account suspension. Please update your records on or before October 02, 2009. Once you have updated your account records, your Credit Union National Association session will not be interrupted and will continue as normal. |
Do not click on the links nor respond in any way to these emails. Please notify us immediately and forward a copy of the phish with the header information if possible. Our IT Department needs to examine the phish emails to work with Internet Service Providers to shut down the fake websites. We appreciate your assistance.
Debit Card Phone "Vishing" Scam Active
as of 3/16/09
We have been notified that a phone vishing scam has been directed at La Capitol. Members and non-members are receiving automated phone calls stating that their debit/credit card has been deactivated. The phone message mentions La Capitol by name. The recipients are given an opportunity to deactivate or reactivate their cards. They are also given an option to enter their card number and PIN. If a La Cap member has provided card or pin information, please direct them to call La Cap immediately at 800-522-2748 or 225-342-5055 to report the event. The card will be blocked and reissued. If no member information was provided, no further action is necessary. If a non-member was affected and provided card information, they should call the financial institution that issued their debit/credit card.
Please remember to be cautious about providing personal information. La Cap does not request information of this nature over the phone. Notify us immediately if you receive such a call, so that we may take appropriate action. We appreciate your assistance
Sweepstakes
Scam Active
as of 12/11/08
A new Sweepstakes scam is circulating.
The member receives a letter claiming that they are one of the winners of a "Shoppers Sweepstakes" and are entitled to a large sum of prize money. The letter provides numerous details in an attempt to convince the receipient that it is real.
Included with the letter is a check for $4890.00 and instructions to call a given phone number before cashing the check. As detailed in the letter, you are expected to send $2985.00 by Moneygram or Western Union to cover government taxes on the winnings. DO NOT send money or cash the check — it is fraudulent.
Samples of the letter and check can be seen here.
This is only ONE example of the Check Fraud Scams that are being circulated through the postal mail and through email.
If you have any information about these checks or have received one, please contact us at 1-800-522-2748 and fax a copy of the check to 1-800-297-2717.
For more information on check fraud scams visit the U.S. postal website - http://www.fakechecks.org
DO NOT RESPOND TO THESE OFFERS. THEY ARE SCAMS.
New
Credit Card Scam Active
as of 8/7/08
The latest credit card scam happening now works as follows:.
The member gets a call from someone saying they are from VISA or MasterCard. The caller says they are from the Security and Fraud Department and give a badge number. They say that the member's card has been flagged for an unusual purchase pattern and they are calling the member to verify. The caller tells the member that it is on their VISA (or MasterCard) and issued by (name of their bank) and then ask if they purchased an Anti-Telemarketing Device for $497.99 from a marketing company in Arizona.
When the member says they didn't make the purchase, the caller says they will be crediting the member back the amount of the purchase but they need to verify the member is still in possession of their card. They verify by asking the member for their CVV (Card Verification Value) which is the code on the back of their card. The caller makes everything sound legitimate by giving member's phone numbers and telling them to call back if they have any questions. This is a SCAM, and if the member gives them their CVV number, they will not get a credit, they will have fraudulent charges made to their account instead.
VISA or MasterCard will never ask for any of your personal information — including the CVV number. If you have given your CVV number out, please notify us immediately at 800-522-2748 or 225-342-5055 and check your account for fraudulent activity.
"Phish"
Email - Security Update Active
as of 2/27/08
A new "phish" email is circulating that claims to be from La Cap. It claims that La Cap is updating its security software, and requests that you click on a link and provide private information. It may look like this:
| Dear member:
The security of your personal data is our utmost concern at LACAPFCU. This is why we are sending you this urgent message. We are updating our security software, and we need you to confirm your account information urgently. This is intended to provide you with the best security possible when accessing your account online. Please follow the link below to start the security update: http://www.lacapfcu.org/update/ It is our commitment
to you that access to your financial information is appropriately secure. Sincerely, |
Do not click on the links
nor respond in any way to these emails. Please notify us immediately and
forward a copy of the phish with the header information if possible. Our IT
Department needs to examine the phish emails to work with Internet Service Providers
to shut down the fake websites. We appreciate your assistance.
Email
and Telephone Scams Using the IRS Name Active
as of 2/6/08
The Internal Revenue Service warns taxpayers to beware of several current e-mail and telephone scams that use the IRS name as a lure. The IRS expects such scams to continue through the end of tax return filing season and beyond.
In particular, the IRS cautions taxpayers to be on the lookout for scams involving proposed advance payment checks. The goal of the scams is to trick people into revealing personal and financial information, such as Social Security, bank account or credit card numbers, which the scammers can use to commit identity theft.
In addition, there are numerous
other scams brought to the attention of the IRS: rebate phone call, refund e-mail,
audit e-mail, changes to tax law e-mail and paper check phone call. For more
information on these scams or to learn how to report such incidents to the IRS,
please refer to http://www.irs.gov/newsroom/article/0,,id=178061,00.html
"Phish"
Email - Credit
Card Charges Active
as of 1/31/08
A new "phish" email is circulating as of 1/31/08 that claims to be from La Cap. It claims that charges have been made to your credit card and requests that you click on a link and provide private information. It may look like this:
|
Dear La Capitol F.C.U. Customer, We have detected unusual activity in your online account, caused by a 3rd-party intrusion. There were made several charges to your credit card. In order to cancel these charges, complete our online form by clicking on the following link: Click here to access the online form By completing our online form your are in accordance with our Terms of Agreement and your online access will be continued as normal. Thank you for taking your time! Please do not reply
to this notification email as it will not be reviewed. |
Do not click on the links
nor respond in any way to these emails. Please notify us immediately and
forward a copy of the phish with the header information if possible. Our IT
Department needs to examine the phish emails to work with Internet Service Providers
to shut down the fake websites. We appreciate your assistance.
"Phish" Email - Internet Account Password
A new "phish" email is circulating that claims to be from La Cap. It claims someone has attempted to reset your La Cap Internet Account Password, and requests that you click on a link and provide private information. It may look like this:
|
Your La Cap's Internet Account Password may have been compromised. We recently noticed one or more unsuccessfull attempts to reset your La Cap's Internet Account password on 12/13/2007. At La Cap, we care about your security so, for your protection we are proactively notifying you of this activity. If you did not try to reset your password, please sign in to www.lacapfcu.org and review your account (s) for any irregular activity. If you do not recognize any transactions, please contact us immediately at 800-522-2748. This service message was delivered to you as an La Cap's Internet Access customer to provide you with updates, offers and notifications. If you have any questions, please contact us at 800-522-2748, from 7 a.m. to 7 p.m. Monday through Friday and Saturday from 7 a.m. to 2 p.m. Central Time. Please do not reply to this message. To contact us through e-mail, use our secure connection by logging in to your Internet Account. and clicking on Contact Us. Online Services |
Do not click on the links
nor respond in any way to these emails. Please notify us immediately and
forward a copy of the phish with the header information if possible. Our IT
Department needs to examine the phish emails to work with Internet Service Providers
to shut down the fake websites. We appreciate your assistance.
Fraudulent La Capitol FCU official checks have been found in circulation.
People from around the country are reporting that official looking checks bearing the La Capitol name are being used in a check fraud scheme.
The current scheme involves a letter that asks you to participate in a "Mystery Shopper" program and provides a check in the amount of $3,750.00, in the hope that you will deposit the check, complete the Acceptance form and become one of their so called "employees."
The breakdown of the funds as stated in the letter is:
|
This is only ONE example of the Check Fraud Scams that are being circulated through the postal mail and through email.
If you have any information about these checks or have received one, please contact us at 1-800-522-2748 and fax a copy of the check to 1-800-297-2717.
For more information on check fraud scams visit the U.S. postal website - http://www.fakechecks.org
DO NOT RESPOND TO THESE OFFERS. THEY ARE SCAMS.
A new "phish" email is circulating that appears to be from La Cap. It says that you have an "alert" message and may look like this:
|
You have 1 new ALERT
message To Login, please click the link below: La Capitol Federal Credit Union Online Banking |
This is a fraudulent email
commonly know as a "phish". You will never receive anything requesting
account access information from La Cap, our federal regulator, our auditors,
our trade associations, or our business partners. At most, you may receive a
confirmation letter in the mail asking you to confirm account balances that
are provided to you in the letter or statement.
Do not click on the links nor respond in any way to these emails. Please notify
us immediately and forward a copy of the phish with the header information if
possible. Our IT Department needs to examine the phish emails to work with Internet
Service Providers to shut down the fake websites. We appreciate your assistance.