|
Recent Alerts
January 28, 2010
Study: Older Social-Network Users Overshare
1 in 5 of those 60 and up list their full home addresses
Older social-network users are more likely to over-share online, according to a recent study -- a vulnerability that could be exploited by criminals on the prowl for personal information.
The San Francisco Chronicle reports that the study, commissioned by the identity theft division of the credit scoring company Experian, indicates that 14 percent of this age group list their full home addresses on their profiles. The proportion rises to 20 percent when just the 60-and-older crowd is counted.
http://www.identitytheft911.org/alerts/alert.ext?sp=11108
FBI Warns Against Haiti Quake Scams
January 15, 2010
Stick with established charities, avoid e-mail pleas.
Many people hear about the widespread suffering following a natural disaster and try to help. Unfortunately, other people hear about it and think, "Perfect time to pull a scam."
The FBI on Wednesday was forced to issue the now-routine warning to people seeking to donate money for victims of the massive 7.0 earthquake that struck Haiti: Watch out for phony e-mail solicitations from fake survivors, as well as content and video links that could be spyware in disguise.
http://identitytheft911.org/alerts/alert.ext?sp=11098
________________
Do e-Medical Records Invite Fraud? Criminals can cheat govt and patients, critics say
January 14, 2010
The Obama administration is in the midst of a $17 billion push to convert the nation's system of paper medical records to digital by the year 2014. But some security experts say the rush to get the system in place could make it vulnerable to fraud.
CNNMoney.com reports extensively on the current problem, which costs the U.S. health care system as much as $100 billion a year.
http://identitytheft911.org/alerts/alert.ext?sp=11097
________________
Social Networks Prime Targets for Hacking Over-sharers
January 13, 2010
Mark Zuckerberg may think privacy is passe, but millions of people who use his Facebook and other social-networking platforms should take steps to protect themselves against hackers.
Security experts say the openness and ease of social networks is making people let their guard down, exposing them to threats from viruses and worms in 2010, The Miami Herald reported.
http://identitytheft911.org/alerts/alert.ext?sp=11095
________________
TSA Workers' IDs sold for $40 a piece, Security at Logan International unaffected, agency says
January 12, 2010
The U.S. Transportation Security Administration is investigating a former clerical worker accused of obtaining personal data on at least 16 TSA employees at Boston's Logan International Airport. The information was then sold for $40 each for use in setting up phony accounts, police say.
The Boston Herald reports that the unidentified contractor remains under investigation and has not been charged.
http://identitytheft911.org/alerts/alert.ext?sp=11093
________________
Penn State Investigates Malware Attack, 30,000 SSN's possibly compromised
January 11, 2010
Penn State University has notified nearly 30,000 people that their Social Security numbers may have been placed at risk after three school computers became infected with malware, The Pittsburgh Post-Gazette reported.
The breach occurred in archived files that were "essentially hidden" deep within the computer system, and there's no evidence they were accessed by anyone, uiniversity spokeswoman Annemarie Mountz said, according to The Daily Collegian.
http://www.identitytheft911.org/alerts/alert.ext?sp=11092
________________
East Coast Ring Steals Rx Sheets from Trash, Info used to fill fraudulent prescriptions, services.
January 8, 2010
A network of savvy East Coast thieves has been sending people to rummage through garbage cans near pharmacies to retrieve drug information sheets, reports The News Journal of Wiminton, Del.
Typically stapled to bags containing the prescription bottles, the sheets are designed to guide customers on proper dosages of medicine, as well as restrictions. While many people just throw these materials away after picking up a prescription, thieves can use information they contain -- patient names, addresses, doctor's name and even Social Security numbers -- to call in fraudulent prescriptions.
http://identitytheft911.org/alerts/alert.ext?sp=11090
________________
Another 150,000 At Risk in NARA Breach
January 7, 2010
Fort the second time in recent months, bank customers have been sent phishing emails purporting to be from the Federal Deposit Insurance Corp. (FDIC). Residents in Palo Alto County, IA area have been warned by their banks of the e-mail scam. The FDIC also on Thursday sent out an alert about the scam to all security officers. The e-mail claims that the financial institution is on a list of banks that are "failing" and that the FDIC is taking control on that institution's assets. The email then instructs the recipient to click on a link that supposedly takes a recipient to the FDIC website, when in reality the website is actually fake. When recipients click on the fake FDIC website, they are prompted to enter sensitive information such as account numbers for checking and savings accounts. "The criminals, knowing that people trust the FDIC name, duplicated the official logo and seal in fraudulent letters, forms, certificates and other correspondence," according to the FDIC alert. "In some cases, recipients were asked to complete fraudulent forms and return them by fax or email. In other cases, recipients were asked to remit funds via check or wire transfer service. "The FDIC says institutions are encouraged to inform customers that fraud artists may use the names of the FDIC and other government agencies and to take appropriate precautions.
http://identitytheft911.org/alerts/alert.ext?sp=11089
________________
Fill Out Census, but Beware of Scams, Know how to spot potential fraud
January 6, 2010
The once-in-a-decade census has begun, and it's likely that some Americans will decline to be counted out of fear that the information collected will be used in a nefarious way.
Consumer advocates say citizens should take part and answer questions because of all the good that comes from the data. But they urge people to be wary of scams aimed at gaining access to bank accounts and other sensitive information.
http://identitytheft911.org/alerts/alert.ext?sp=11088
________________
"Marriage" ID Thief Pleads Guilty in NY
January 5, 2010
Identity theft isn't strictly about committing credit and debit card fraud in another person's name. As the unusual case of New York victim Sara Benitez attests, it can also be about marriage, taxes and parking tickets. According to the New York Post, a bizzare string of identity-related crimes against Benitez date back to 1992, and culminated recently with a guilty plea from her identity thief.
http://identitytheft911.org/alerts/alert.ext?sp=11087
________________
A Cyber-Czar - Former executive to head nation's cyber-security efforts
January 4, 2010
A new year brings a new ally in the federal government's fight against cyber-intrusion. With the winter holidays approaching, President Obama named Howard A. Schmidt, a former Microsoft and eBay executive, to serve as the nation's cyber-security coordinator.
http://identitytheft911.org/alerts/alert.ext?sp=11086
________________
The Holiday Give and Take
December 3, 2009
Avoid identity thieves' seasonal rush... click here.
________________
FBI warns consumers of increased phishing scam attempts
November 4, 2009 - Washington
The Federal Bureau of Investigation on Tuesday warned consumers that it has "seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts" over the recent months.
According to the FBI, potential victims of this type of fraud will receive a so called "spear phishing" e-mail that contains an infected e-mail attachment or a link that sends the e-mail recipient to a website that is infected. Malware which contains a keylogger program is then installed on the victim's computer once they click on the link or attachment.
The keylogger is then used to track account information, and that information is used to steal from the victim via fund transfers or to create additional accounts in the victim's name.
The FBI has found that transferred funds from the created accounts are then diverted into bank accounts of individuals that have been recruited to serve as payment processors through work-at-home advertisements or job search websites. The unwitting individuals then transfer the money that arrives in their accounts to overseas locales through a wire transfer service.
The FBI has advised customers that do their banking online to contact their financial institution to ensure that they are employing all the appropriate security and fraud prevention services their institution offers.
________________
Telephone Scam
October 23, 2009
The Fort Bragg Federal Credit Union received several complaints from citizens concerning telephone solicitations from someone claiming to be with Fort Bragg Federal Credit Union.
The automated telephone message advised our member that their Fort Bragg Federal Credit Union account, credit or debit card information has been compromised and they need to verify the information. They are asking for our member to verify their card number/account number by entering the number on the keypad of their phone. They are attempting to get the person to divulge their personal information.Fort Bragg Federal Credit Union does not solicit personal or account information via the Internet (including email) or telephone (including text messages) communications.
Please contact Fort Bragg Federal Credit Union at 910.864.2232 or toll free 800.793.2328 during normal business hours if you have released your personal information or information about your Fort Bragg Federal Credit Union Visa card. After hours, if your Visa Card numbers have been compromised, you can call 800.453.4270 to report the activity. If your pin number has been compromised, please call 800.472.3272 to report the activity. If it is after hours and you are unsure if your card number or pin have been compromised, please call both of the 800 numbers above. If you have given out your personal information, please go to the Federal Trade Commission's web site, www.ftc.gov to obtain information on how to place a fraud alert on your credit file. Of course, at this time, it is too early to determine if fraud has been committed, but if something has occurred, a Financial ID Fraud report can be taken in the jurisdiction in which the victim resides.
________________
New Phishing Attacks Target Institutions in Four States - CA., NY, PA and WI Customers Victimized by Text, Phone Messages
October 13, 2009 - Linda McGlasson, Managing Editor CU Info Security
A fresh string of phishing attacks have struck financial institutions nationwide over the past two weeks, with customers of 10 banks and credit unions in California, New York, Pennsylvania and Wisconsin receiving fraudulent text messages or automated phone calls. These incidents are concurrent with a new report from the Anti-Phishing Working Group, which says such attacks are up nearly 600 percent this year.
Text Messaging Scams
Members 1st Federal Credit Union of central Pennsylvania reported on Sept. 28 that it received calls from customers about text messages claiming that their cards were blocked. The calls were purportedly from Members 1st, and the customer phones that were targeted were reportedly AT&T mobile phones. Members 1st has customer education information on its website about vishing and phishing scams and tells customers what to watch for. Similar attacks happened on Oct. 2 in Nebraska to Greater Omaha Credit Union customers. Omaha police say the phishers sent text messages to mobile phones in the Omaha area, claiming their bank card had been deactivated and instructing them to call an 877 number to reactivate it. At least one customer fell victim, losing several hundred dollars to phishers located in Huntington Beach, CA. "Once he changed his PIN, somebody went in and withdrew the money," said Richard Patterson, president of Greater Omaha Federal Credit Union. The credit union's staff fielded from customers and others who received the bogus text. "Basically [they were] asking why they had been getting this text message, and most of them don't even have accounts with us," says a bank representative.
How the scam works
Fraudsters learn the first three digits for certain cell phone providers in an area and just dial in remaining digits for mass texting, hoping to catch customers. Another Omaha-based credit union, Omaha Federal Credit Union, was hit with the same text messages, and alerted its customers with this message: "Text Messaging Scam -- OFCU Members, please be aware that Omaha FCU does not use text messaging to contact our members. If you receive a text message that says "from Omaha Federal Credit Union" do not respond to the message. It is not from OFCU." Listen to the automated vishing call: At the same time, on Long Island, Suffolk police were investigating scams involving attempts to steal credit card and PINs from customers at two different credit unions, Suffolk Federal Credit Union and Island Federal Credit Union. The scam worked by sending text or voice messages to card holders who were told their debit card had been deactivated. The would-be victims were told to call a phone number and provide account and PIN numbers to reactivate the accounts.
California Bank Hit in Automated Attack
The phishing scam that hit Liberty Bank, Boulder Creek, CA on Oct. 2, is still happening. The bank reports that an automated phone call phishing scam references Liberty Bank by name, making the scam more believable to unsuspecting bank customers. The Santa Cruz Sheriff's office initially handled the investigation, but the case has been turned over to the FBI, says Jill Hitchman, first vice president of the bank. "We've been told that Bank of America, Wells Fargo Bank, Citibank and some credit unions as far away as Humboldt County have been targeted," Hitchman says. Residents of San Lorenzo Valley and parts of Santa Cruz reported receiving automated phone calls, purportedly from Liberty Bank, saying, "Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department." Customers who pressed "1" were asked to enter their credit/debit card number and personal identification number. Once user names and passwords to a web-based e-mail account are captured from a customer, criminals can access the login information and transfer money out, Hitchman says.
________________
Protect Yourself from “Smishing”
April 22, 2009
A growing form of fraud that targets cell phone users.
Recent media and government reports point to an identity theft threat for the nation's millions of cell phone users. The scam has been dubbed “smishing” (or SMiShing), a term derived from SMS technology that's used for cell phone text messages.
Although wireless telephone companies are working to block unwanted text messages, users are reporting increasing numbers of “spam” messages and smishing attacks. Adding insult to injury is the fact that users must pay for
the text message they get on their cell phones.
How the scam works
The scam is similar to the deceptive e-mail and phone schemes known as phishing and vishing. In all these forms of fraud, scammers try to trick victims into revealing personal information like account numbers, Social Security numbers, and passwords. The personal information is then used to withdraw money from victims' accounts or obtain credit in victims' name.
In smishing scams, cell phone users receive a text message that seems to come from a legitimate source, such as a bank, e-commerce site or other financial institution. The message seeks to dupe users into clicking on a link via the phone's internet connection, or into calling a certain phone number. Both the link and phone are fraudulent, and lead to requests for personal information that can be used for ID theft. Once your identity has been stolen, it generally takes much time and effort to try to regain your lost funds and your good name.
How to protect yourself
Now that you're aware of the problem, it's wise to take a few simple precautions to protect yourself from this growing form of fraud. Never respond to unsolicited requests for personal financial information received via text message – even if the request appears to come from a legitimate institution that you do business with. This includes request to “confirm, verify or update” your information.
Always know who you're dealing with. Don't click on links in text messages, or call numbers listed in text messages. Verify contact information independently, and key in web addresses yourself.
Put passwords on all your financial accounts.
Monitor your credit report regularly for signs of irregularities. You are entitled one free credit report from each of the three major credit report. Visit www.annualcreditreport.com, call (877) 322-8228, or write to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
Remember, Fort Bragg Federal Credit Union will never contact you via text message, e-mail, phone or any other way to ask for your account numbers or passwords. If you suspect you've been a victim of smishing or any other form of ID theft, contact Fort Bragg Federal Credit Union immediately at 1.800.793.2328 or 910.864.2232.
________________
Bank scam hits accounts across country
January 05, 2009 - Published by The Fayetteville Observer
Scores of consumers are opening their monthly checking account statements to find that their accounts have been debited electronically without their consent. These charges come in the form of electronic checks and range from $10.00 to $40.00. so far, the Internet Crime Complaint Center (IC3) has received more than 400 complaints from unsuspecting consumers nationwide. But the number could go much, much higher.
On the electronic check is the name of a business, an 800 number to call and a reference number. When the victim calls the number, an operator claiming to be based in Nicosia, Cyprus informs him or her that the charge was levied by an adult Web site. Fortunately, most victims who call to refute the charges are usually refunded their money. Many victims, however, fail to even notice the bogus transactions, let alone call to contest them.
The victims' computers may have been compromised by some form of malware (i.e. hijacker, key logger, etc.) which allowed unauthorized users to gain access to private bank account or other information.
To help eliminate the threat, the National White Collar Crime Center (NW3C) urges consumers to avoid clicking on any email attachments delivered to either work or at home addresses from unknown sources. They should also closely monitor their monthly bank statements for any irregularities.
If you have been victimized by this scam, NW3C recommends that you contact your local police department and then file a complaint with IC3 at www.ic3.gov. IC3 works with federal, state, and local law enforcement agencies to follow-up on such complaints.
|
Home
