IRS Warns of New Email Phishing Scheme Falsely Claiming to be from the Taxpayer Advocate Service
WASHINGTON —The Internal Revenue Service today warned consumers to be on the lookout for a new email phishing scam. The emails appear to be from the IRS Taxpayer Advocate Service and include a bogus case number.
The fake emails may include the following message: “Your reported 2013 income is flagged for review due to a document processing error. Your case has been forwarded to the Taxpayer Advocate Service for resolution assistance. To avoid delays processing your 2013 filing contact the Taxpayer Advocate Service for resolution assistance.”
Recipients are directed to click on links that supposedly provide information about the "advocate" assigned to their case or that let them "review reported income." The links lead to web pages that solicit personal information.
Taxpayers who get these messages should not respond to the email or click on the links. Instead, they should forward the scam emails to the IRS at firstname.lastname@example.org. For more information, visit the IRS's Report Phishing web page.
The Taxpayer Advocate Service is a legitimate IRS organization that helps taxpayers resolve federal tax issues that have not been resolved through the normal IRS channels. The IRS, including TAS, does not initiate contact with taxpayers by email, texting or any social media.
For more on scams to guard against see the "Dirty Dozen" list on IRS.gov.
May 17, 2013
Phone Phishing Scam
Some WSB customers have reported a recent phone scam in which they received a recorded message stating their debit card has been de-activated or has been compromised and they need to call a number to re-activate their cards. The caller ID of the caller may display your number. This is known as a “phone phishing scam”. These fraudulent individuals want you, the customer, to call the number back and enter in your debit card number and your pin to steal this information. West Suburban Bank would not request this type of information from our customers. Under no circumstance should you return the call and/or give out any of your personal information. If you have provided any account information in response to this scam, please stop by your local branch or call us immediately at 630/652-2000 to prevent fraudulent activity. In addition, the Federal Trade Commission (FTC) should be contacted at 877/382-4357.
JUNE 8, 2012
Phishing email purported to be from EnFact
We have become aware of phishing email attempts that references the “eNFact” product. The email directs recipients to click on a link that takes them to a site that may install malicious software. Do not open it or click on the link. The phishing attack is contained in a fraudulent email identical or similar to the one that follows:
From: eNFACT Notifications [mailto:email@example.com]
Subject: eNFACT Case #29018
To protect your account, we monitor your ATM and debit card transactions for potentially fraudulent activity which may include a sudden change in locale (such as when a U.S.-issued card is used unexpectedly overseas), a sudden string of costly purchases, or any pattern associated with new fraud trends around the world.
An eNFACT Case was generated for the cardholder below:
Transaction 1 Information:
A charge on 10/23/2011 in the amount of $438.09 in ITALY Transaction Score: 981
Transaction 2 Information:
A charge on 10/23/2011 in the amount of $513.14 in ITALY Transaction Score: 918
Transaction 3 Information:
A charge on 10/22/2011 in the amount of $0.02 at O RANCH Transaction Score: 37
The eNFACT Case is generated when a suspect transaction is detected. If this transaction was not initiated by you as the credit card holder please follow the steps as shown at: http://(malicious website name)
Please be sure to complete the Case Resolution Notification (CRN) Form at
(http://(malicious website name). If you have any questions, or would like additional information pertaining to this eNFACT Case, please contact the Card Processing Center at 800-xxx-xxxx.
DECEMBER 21, 2012
Alert from the Better Business Bureau:
Fake Better Business Bureau Complaint Emails Are Scams Phishing for Personal, Corporate Information
Chicago, IL- December 20, 2011 - An email scam using the Better Business Bureau's (BBB) name and logo continues to proliferate across North America, and even to some overseas addresses. Most of the emails carry the well-known BBB torch logo and may come with the subject line "Complaint from your customers." The emails have a link or an attachment containing malicious phishing malware that steals information, often with devastating results to businesses and private citizens.
"While the Internet has many benefits; misrepresentations and scams like this are one of the ugly features of the Internet," stated Steve Bernas, president & CEO of the Better Business Bureau serving Chicago and Northern Illinois.
Because of experiences such as this one, the BBB has updated its advice and recommends the following to anyone who receives the email:
- Do not open any attachments.
- Do not click on any links.
- Delete the email from your inbox, and then delete it again from your trash or recycling folder.
- Run a full system scan using reputable virus software.
Due to the virulent nature of the virus, the recommendation is for everyone who receives it to do the scan. In offices or homes that are networked, all computers should be scanned.
Bernas noted that the disgusting element of this scam is that the perpetrators are likely targeting businesses, individuals and other organizations that combat this type of activity.
"This scam is unusual in that it is very wide ranging and continuing," explained Bernas. "The BBB national office is working with federal law enforcement agencies to identify the perpetrator of this fraud, and is also looking into other measures it can take to help prevent future phishing scams from spreading."
If you receive an email saying your business has a complaint filed against it with BBB, there are several things you can do to determine if it is a fake notification:
- Look for typos, grammatical errors, etc. in the text that could indicate it originated overseas.
- Check to see who it says is the sender. Authentic BBB complaints go out from the local BBBs, not from the headquarters office.
- Hover your mouse over the link to see if its destination is really a bbb.org address.
- Copy and paste the link into Notepad (not Word). Notepad does not support html, so if the link is a fake bbb.org address, the real link will show up.
- If you still are not sure, go to www.bbb.org to find your local BBB, and send them a new email to ask if you have a complaint (do not Reply to the email you received, or forward it to them). They have been swamped with requests, so you may not hear back immediately.
Chris Garver, Chief Information Officer at the Council of Better Business Bureaus, recommends that all domain owners set up a sender policy framework (SPF) and set their spam filter to use it. "Using the SPF standard helps fight spam and phishing attacks by allowing your email servers to verify whether an email is legitimate...or not," he says.
If you have received one of these emails, please send it directly to the BBB phishing deactivation team at:firstname.lastname@example.org
For more consumer safety tips, visit www.bbb.org
July 19, 2011
Fraudulent "ACH and Wire transfers" E-Mails
Fraudulent e-mails claiming to be from the FDIC are in circulation.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC.
The e-mails appear to be sent from various "@fdic.gov" e-mail addresses, such as "email@example.com," "firstname.lastname@example.org," or "email@example.com."
They have various subject lines such as "Update for your banking account," "ACH and Wire transfers disabled," and "Banking security update."
The fraudulent messages state:
Your account ACH and Wire transactions have been temporarily suspended for your Security, due to the expiration of your security version. To download and install the newest Updates, follow this link. As soon as it is set up, your transaction abilities will be fully restored. Best regards, Online security department, Federal Deposit Insurance Corporation."
These e-mails and links are fraudulent and were not sent by the FDIC. Recipients should consider these e-mails an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT install any related files or software updates.
Financial institutions and consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names, and narratives. The FDIC does not directly contact bank customers, nor does the FDIC request bank customers to install software upgrades.
Information about counterfeit items, cyber-fraud incidents, and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 3501 North Fairfax Drive, CH-11034, Arlington, Virginia 22226, or transmitted electronically to firstname.lastname@example.org. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.php.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Web site at www.fdic.gov/news/news/SpecialAlert/2011/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
Sandra L. Thompson
Division of Risk Management Supervision
July 7, 2011
Visa Offer Helpful Security Tips
Visa (NYSE: V) is offering consumers tips on how to protect themselves from card fraud. The website www.VisaSecuritySense.com provides helpful information for cardholders on how to protect their account information and resolve unauthorized card use.
June 22, 2011
PHISHING ATTEMPT REGARDING DEACTIVATED CARDS
West Suburban Bank (WSB) has received several reports from customers that have received phone call from an automated call center stating their “ATM” card has been deactivated and to call a phone number provided to reactivate it. When this number is called an automated voice response system asks for the card number, expiration date and PIN. Theses texts are a scam, so please do not call the phone number and provide any card information. In these cases West Suburban Bank is not mentioned in the automated message. WSB would not ask customers to provide card information over the phone. Any WSB customers that provide card info in response to this scam should contact us immediately to prevent fraudulent activity. In addition, the Federal Trade Commission (FTC) should be contacted at (847) 382-4357.
To report suspicious text messages, please forward information about the text to email@example.com or call West Suburban bank at 630-652-2000.
June 3, 2011
FRAUDULENT E-MAIL CLAIMING TO BE FROM THE FDIC
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC.
The e-mails appear to be sent from various "@fdic.gov" e-mail addresses, such as "firstname.lastname@example.org," "email@example.com," or "firstname.lastname@example.org."
They have subject lines that read: "FDIC: Your business account" or "FDIC: About Your Business Account."
The e-mails are addressed to "Business Customer" or "Business Owner" and state "We have important information about your bank" or "…financial institution." They then ask recipients to "Please click here to find details."
They conclude with, "This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership."
These e-mails and the link included are fraudulent and were not sent by the FDIC. Recipients should consider the intent of these e-mails as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT, under any circumstances, provide any personal financial information through this media.
Financial institutions and consumers should be aware that other subject lines and modifications to the e-mails may occur over time. The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial information from consumers.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Website at www.fdic.gov/news/news/SpecialAlert/2011/index.html. To learn how to automatically receive FDIC Special Alerts through email, please visit www.fdic.gov/about/subscriptions/index.html.
Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.php.
Sandra L. Thompson
Division of Supervision and Consumer Protection
May 4, 2011
FRAUDULENT TEXT MESSAGES CLAIMING TO BE FROM WEST SUBURBAN BANK
West Suburban Bank (WSB) has received several reports from customers and non-customers that have received text messages on their cell phones claiming to be from WSB. The text states that their WSB card has been deactivated and to call the phone number provided on the text. When this number is called an automated voice response system asks for the card number, expiration date and PIN. Theses texts are a scam, so please do not call the phone number and provide any card information.
To report suspicious text messages, please forward information about the text to email@example.com.
March 24, 2011
FRAUDULENT EMAILS CLAIMING TO BE FROM NACHA
Further to its notice of February 22, 2011, NACHA – The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software application security patches are installed and current.
Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC)
It is important to note that West Suburban Bank’s Online Banking application is designed to protect you and your sensitive information, and as a precaution the system will automatically time out after a set period of inactivity. When this occurs, we will make use of a message to alert you of inactivity. West Suburban Bank does not use pop-up windows to request customer’s account information, conduct any type of surveys or to market any of our products or services. See below for additional information on messages you will receive from us while accessing your accounts online.
Messages you will receive from WSB
If you remain logged into Online Banking and you do not interact with the system for a set period of time, you will receive a message from us that states your session has timed out. This message is displayed as part of your current browser window; we do not display this message within a “new” browser window (i.e. like a popup ad). This prompt does ask you to enter your Passcode to re-activate your session. It does not ask you to re-enter your username.
Bill Payment Timeout
Additionally, while using our Bill Payment service, if you do not interact with the system for a set period of time, you will receive a message from us that prompts you to click “OK” to continue using the Bill Pay service. Clicking OK removes the message; it does not ask you for any additional information. If you ignore this message, once you attempt to access the system, you will be prompted with the Session Inactivity message.
December 14, 2010
The United States Postal Inspection Service Warns Consumers of Spam
BOGUS DELIVERY MESSAGES E-MAILED TO POSTAL CUSTOMERS
Some postal customers are receiving bogus e-mails about a package delivery. The e-mails contain a link that, when opened, installs a malicious virus that can steal personal information from your PC.
The e-mails claim to be from the U.S. Postal Service and contain fraudulent information about an attempted or intercepted package delivery. You are instructed to click on a link to find out when you can expect your delivery. But Postal Inspectors warn: DO NOT CLICK ON THE LINK!
Like most viruses sent by e-mail, clicking on the link will activate a virus that can steal information-such as your user name, password, and financial account information.
What to do? Simply delete the message without taking any further action. The Postal Inspection Service is working hard to resolve the issue and shut down the malicious program.
If you have questions about a delivery or wish to report spam, please call 1-800-ASK-USPS.
August 31, 2010
Consumers in the Chicagoland area have reported a recent phone scam in which they received voice mail messages stating their debit card has been de-activated and they need to call a number to re-activate their cards. This is known as a “phone phishing scam.” These fraudulent individuals want you, the customer, to call the number back and enter in your debit card number as well as your pin to steal the information. West Suburban Bank would not request this type of information from our customers. Under no circumstance should you return the call and/or give out any of your personal information. If you do receive this type of phone call or message or have any questions please call us immediately at 630/652-2200.