Jury Duty Phone Scam
The phone rings, you pick it up, and the caller identifies himself as an officer of the court. He says you failed to report for jury duty
and that a warrant is out for your arrest. You say you never received a notice. To clear it up, the caller says he'll need some information for “verification purposes”-your birth date, social security number, maybe even a credit card number.
This is when you should hang up the phone. It’s a scam.
Jury scams have been around for years, but have seen a resurgence in recent months. Communities in more than a dozen states have issued public warnings about cold calls from people claiming to be court officials seeking personal information. As a rule, court officers never ask for confidential information over the phone; they generally correspond with prospective jurors via mail.
The scam’s bold simplicity may be what makes it so effective. Facing the unexpected threat of arrest, victims are caught off guard and may be quick to part with some information to defuse the situation.
“They get you scared first,” says a special agent in the Minneapolis field office who has heard the complaints. “They get people saying, ‘Oh my gosh! I’m not a criminal. What’s going on?’” That’s when the scammer dangles a solution-a fine, payable by credit card, that will clear up the problem.
With enough information, scammers can assume your identity and empty your bank accounts.
“It seems like a very simple scam,” the agent adds. The trick is putting people on the defensive, then reeling them back in with the promise of a clean slate. “It’s kind of ingenious. It’s social engineering.”
In recent months, communities in Florida, New York, Minnesota, Illinois, Colorado, Oregon, California, Virginia, Oklahoma, Arizona, and New Hampshire reported scams or posted warnings or press releases on their local websites. In August, the federal court system issued a warning on the scam and urged people to call their local District Court office if they receive suspicious calls. In September, the FBI issued a press release about jury scams and suggested victims also contact their local FBI field office.
In March, USA.gov, the federal government’s information website, posted details about jury scams in their Frequently Asked Questions area. The site reported scores of queries on the subject from website visitors and callers seeking information.
The jury scam is a simple variation of the identity-theft ploys that have proliferated in recent years as personal information and good credit have become thieves’ preferred prey, particularly on the Internet. Scammers might tap your information to make a purchase on your credit card, but could just as easily sell your information to the highest bidder on the Internet’s black market.
Protecting yourself is the key: Never give out personal information when you receive an unsolicited phone call.
[Source: fbi.gov]
…
Keep reading…USB Devices Can Be Virus Sources
Unauthorized portable Universal Serial Bus storage devices have been found to be a source of potentially destructive computer viruses
, according to technology experts. Some cybercriminals have deliberately left the infected USBs in public places for others to pick up and use, says Alan Nevels, ICBA Bancard's senior vice president of operations and card risk. In such cases, the devices contain spyware or malware that can automatically load onto a computer system when used. Banks and other companies should warn staff not to use unauthorized USB devices.…
Keep reading…Many Online Consumers Feel Vulnerable
An independent national survey of 2,500 online banking consumers reportedly found that that 55 percent of them think their financial institutions should do more to protect them from online fraud.
The survey, commissioned by anti-phishing software provider GuardID Systems, found that the most consumers would pay a modest price for extra online fraud and identity theft protection. Curiously, 44 percent of the consumers polled mistakenly believed that anti-spyware and anti-virus software would protect them against phishing and pharming schemes.[Source: ICBA News Watch. 9/20/06]
Keep reading…Fraudulent E-Mail Claims to Be From the FDIC (3)
Summary: E-mails fraudulently claiming to be from the FDIC are attempting to trick recipients into installing unknown software on personal computers. These e-mails falsely indicate that recipients should install software that was developed by the FDIC and other agencies. The software may be a form of spyware or malicious code and may collect personal or confidential information.
The Federal Deposit Insurance Corporation (FDIC) is aware of e-mails appearing to be sent from the FDIC that are asking recipients to install unknown software on personal computers. Currently, the subject line of the e-mail includes the phrase ‘Urgent Notification – Security Reminder.’ The e-mail is fraudulent and was not sent by the FDIC.
The fraudulent e-mail describes ‘a small client utility’–referred to as ‘ProBank’–that recipients are asked to install on home and business computers. The e-mail claims:
‘…this utility only starts whenever an online session is opened with a Financial Institution insured by the FDIC, thus it will never interfere with any programs installed on your computer. Please help us combat fraud by installing, ProBank on any computer that is used to open an Online Banking session.’
The e-mail requests that recipients click on a hyperlink that appears to be related to the FDIC, which directs recipients to an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency Readiness Team (US-CERT) to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to on-line banking services or to conduct identity theft.
Financial institutions and consumers should NOT access the link or download the executable file provided within the body of the e-mail.
The e-mail also asks financial institutions to ‘advertise and market the ProBank’s existence to employees, suppliers, third-party service providers and customers.’ Financial intuitions should NOT advertise the existence of the software. Rather, they should educate customers and staff about the existence of these and similar phishing e-mails.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Information related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.
For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2006/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
Keep reading…
Fraudulent E-Mail Claims to Be From the FDIC (2)
Summary: E-mails that fraudulently claim to be from the FDIC are requesting that recipients provide highly sensitive personal information, including bank account information.
The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails appearing to be from the FDIC asking recipients to register for a ‘SON – Secure Online Network’ code. The e-mail requests that recipients click on a hyperlink to initiate ‘SON’ registration in an attempt to acquire the recipients’ personal financial information. These e-mails are fraudulent and were not sent by the FDIC. Financial institutions and consumers should NOT access the link provided within the body of these e-mails and should NOT, under any circumstances, provide any personal financial information through this media.
The fraudulent e-mails describe a fictitious relationship between the FDIC and GoldLeaf Financial Solutions and suggest that the FDIC collaborated in the development of SON. The e-mails state that ‘SON’:
is ‘dedicated to protect payment cards against online fraud’;
‘assigns a unique code to a payment card, therefore replacing random parts of the personal information’; and
is ‘required for FDIC claims as it is part of the FDIC’s new set of standards.’
Variations of the e-mails have been reported. For example, at least three different subject lines are currently being used, including ‘Urgent Notification - Security Reminder,’ ‘Online Access Agreement Update,’ and ‘SON Registration.’ Some versions of the fraudulent e-mails include a salutation of ‘Dear FDIC beneficiary,’ while other versions include the recipient’s name and e-mail address after the word ‘Dear.’ Some versions of the e-mails include the recipient’s name and mailing address and a statement that ‘your personal information did not match any SON code.’ Other subject lines and modifications to the e-mails may occur over time.
Financial institutions and consumers should be aware that other similar e-mails may be sent that falsely claim to be from the FDIC. The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial information from consumers.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Information related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.
For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2006/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
Keep reading…
Online Fraud Could Spike Toward Year-end
The federal banking agencies cautioned that cyber-criminals, aware that financial institutions face the year-end deadline for multifactor authentication, may increase their efforts to gain customer information
to perpetrate identity theft. The Federal Financial Institutions Examination Council agencies issued a warning for financial institutions to anticipate increased phishing, pharming and other false online communications as the deadline approaches. The warning said financial institutions should tip off their customers about possible online fraud schemes and explain their policies on requesting personal information from customers.
Keep reading…Fraudulent E-Mail Claims to Be From the FDIC
Summary: E-mails to financial institution customers that fraudulently claim to be from the FDIC attempt to obtain highly sensitive personal information, including bank account information. These e-mails falsely indicate that consumers can enroll in an "FDIC protection system" to insure bank accounts against certain types of fraudulent activities.
The Federal Deposit Insurance Corporation (FDIC) has received numerous notifications from consumers of an e-mail that has the appearance of being sent from the FDIC. The ‘From’ line of the e-mail displays the name ‘Federal Deposit Insurance Corporation’ and the subject includes the phrase ‘IMPORTANT: Notification of Federal Deposit Insurance Corporation.’
The e-mail states that the FDIC received an application. It says, in part:
‘…from your bank to ensure your Checking or Savings account against Fraud, phishing or Identity Theft. If u agree with the following, PLEASE ENROLL in the FDIC protection system.’
The e-mail is fraudulent and was not sent by the FDIC. It is an attempt to obtain personal financial information from consumers. The e-mail requests that recipients click on a hyperlink that is provided, which directs the recipient to a ‘spoofed’ Web page. The Web page appears to belong to the FDIC and requests information, such as: name, phone number, Social Security number, mother's maiden name, driver's license/issuing state, date of birth, e-mail address, postal address, credit/debit/ATM card number, card expiration date, card verification number, personal identification number (PIN), bank name, bank routing number, and bank account number.
Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT, under any circumstances, provide any personal financial information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Information related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.
For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2006/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
Keep reading…
‘Vishing’ New ID Theft Risk
The newest identity theft trick is ‘vishing,’ a variation of phishing where identity thieves include a phone number
, usually a cheap VoIP number that is easy to obtain anonymously, to trick victims into calling and sharing their credit card account information. Just a few cases have been reported, but the practice is expected to grow. Customers should be encouraged to call the number on the back of their credit cards when they have a question or problem. [Source: IDG News Service. 7/10/06]…
Keep reading…Scams
‘Lotteries’ or ‘sweepstakes’ advise that you have won money but they require money from you up front to buy something or to somehow ensure your chances of receiving your winnings.
Buyers of something you have advertised for sale that insist on mailing payments by cashier's check. Many times the check is for an amount larger than the purchased price and the buyer requests that the overage be sent back to him via money order. The cashier's check turns out to be counterfeit.
‘Sponsors’ or ‘charities’ will push for contributions but will be reluctant to provide identifying information about themselves when questioned.
The Nigerian and other similar scam letters, e-mails or faxes are from someone purporting to have money in his country that cannot be accessed because of ‘rules and regulations’. You are to be rewarded handsomely for your help getting the money back. All you have to do is provide your bank account information and money up front to take care of ‘necessary expenses’. You are, of course, asked to keep this plot a secret. Once they have drained all the money they can from you, you never hear from them again.Keep reading…
