RVB comment: Please be aware that any customer may be hit by the described cyber-attack.
Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money
A new extortion technique is being deployed by cyber-criminals using the Citadel malware platform to deliver Reveton ransomware. The latest version of the ransomware uses the name of the Internet Crime Complaint Center to frighten victims into sending money to the perpetrators. In addition to instilling a fear of prosecution, this version of the malware also claims that the user’s computer activity is being recorded using audio, video, and other devices.
As described in prior alerts on this malware, it lures the victim to a drive-by download website, at which time the ransomware is installed on the user's computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law. The message further declares that a law enforcement agency has determined that a computer using the victim's IP address has accessed child pornography and other illegal content.
To unlock the computer, the user is instructed to pay a fine using prepaid money card services. The geographic location of the user's PC determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.
This is not a legitimate communication from the IC3, but rather is an attempt to extort money from the victim. If you have received this or something similar do not follow payment instruction.
It is suggested that you:
- File a complaint at www.IC3.gov.
- Keep operating systems and legitimate antivirus and antispyware software updated.
- Contact a reputable computer expert to assist with removing the malware.
Utility Bill Obama Scam
The BBB has issued a nationwide warning about a new scam claiming that President Obama will pay consumers' utility bills through a new federal program.
Consumers have been contacted through telephone calls, fliers, social media and text messages, and other means with claims that President Obama is providing credits or applying payments to utility bills.
To receive the money, scammers claim they need the consumer's Social Security Number, and bank routing number and/or account number. In return, customers are given a fraudulent bank routing number to use in order to pay their utility bills through an automated (telephone) service.
The payment service initially 'accepts' the payment but then declines it within a few days when the banking information is discovered to be invalid. The consumer's bill has not been paid and his/her SSN and personal financial information have been compromised.
Recently, some customers of several local banks have been receiving a Phishing E-Mail that appears to be coming from NACHA.ORG. The actual e-mail reads “payments @nacha.org”. It goes on to read: “The ACH transfer recently initiated from your checking account (by you or any other person), was rejected by the Electronic Payments Association. Please click here to view details.”
Be advised if you receive one of these e-mails, DO NOT click on the link, a virus will be downloaded into your computer. NACHA does exist, it is the National Automated Clearing House Association, however NACHA did not send out the e-mail.
Please contact River Valley Bank at: (888) 842-0221 or go to: www.rivervalleybank.com with questions.
River Valley Bank will NEVER initiate email or internet requests requiring customers to respond with personal information. Any requests for personal information received through email, web sites, or pop-up windows should be considered fraudulent and reported to us immediately. If you receive an email asking for your account information (ID, password, card number, etc.), DO NOT respond! If you have already given out your bank account information, report the theft of this information to the bank as quickly as possible by calling (888) 842-0221. Reminder: While logging into your Internet Banking, if you do not see the security photo that you have previously chosen, you are being re-directed to an invalid site. To help us track cyber-criminals, please forward any suspicious emails you receive to email@example.com
What To Do If You Fall Victim:
Contact your financial institution immediately and alert them to the situation.
If you have disclosed sensitive information in a phishing attack, you should also contact one of the three major credit bureaus and discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name.
Here is the contact information for each bureau's fraud division:
P.O. Box 740250
Atlanta, GA 30374
P.O. Box 1017
Allen, TX 75013
P.O. Box 6790
Fullerton, CA 92634
To help us track cyber-criminals, please forward any suspicious emails you receive to firstname.lastname@example.org
If you have already given out your bank account information, report the theft of this information to the bank as quickly as possible by calling your nearest location.
What is "Phishing"?
Phishing is a type of online fraud where the cyber-criminals attempt to acquire personal, financial, or other account information (such as user IDs, passwords, credit card numbers, PINs, etc.) from unsuspecting victims. This type of fraud is typically initiated by sending an official-looking email claiming to be from our bank. The e-mail will probably warn you of a serious problem that requires your immediate attention. It may use phrases such as "Immediate attention required", "online banking upgrade notice" or ask you to fill out a survey by rewarding you with money. The phishing email may also direct you to a spoofed website or pop-up window which looks exactly like the real site, but has been set up for the sole purpose of stealing personal information. Unsuspecting people are then often fooled into handing over credit card numbers, passwords or other details.
The FTC, the nation’s consumer protection agency, suggests these tips to help you avoid getting hooked by a phishing scam:
1. Never provide your personal information in response to an unsolicited request, whether it is over the phone or over the Internet. E-mails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information.
2. If you believe the contact may be legitimate, contact the financial institution yourself. You can find phone numbers and Web sites on the monthly statements you receive from your financial institution, or you can look the company up in a phone book or on the Internet. The key is that you should be the one to initiate the contact, using contact information that you have verified yourself.
3. Never provide your password over the phone or in response to an unsolicited Internet request. A financial institution would never ask you to verify your account information online. Thieves armed with this information and your account number can help themselves to your savings.
4. Review account statements regularly to ensure all charges are correct. If your account statement is late in arriving, call your financial institution to find out why. If your financial institution offers electronic account access, periodically review activity online to catch suspicious activity.
What is "Vishing"?
It’s one of the latest breakthroughs in telecommunications—Voice Over Internet Protocol, or VoIP, which enables telephone calls over the web.
And guess who’s hopping on the VoIP bandwagon along with millions of legitimate customers? Criminals, that’s who. They’re using the technology to hijack identities and steal money. It already has a name: “vishing.”
Vishing is really just a new take on an old scam—phishing. You know the drill: you get an e-mail that claims to be from your bank or credit card company asking you to update your account information and passwords (perhaps, it says cleverly, because of fraudulent activity) by clicking on a link to what appears to be a legit website. Don’t do it, of course. It’s just a ruse, nothing more than an illegal identity theft collection system.
Vishing schemes are slightly different, with a couple of variations.
In one version, you get the typical e-mail, like a traditional phishing scam. But instead of being directed to an Internet site, you’re asked to provide the information over the phone and given a number to call. Those who call the “customer service” number (a VoIP account, not a real financial institution) are led through a series of voice-prompted menus that ask for account numbers, passwords, and other critical information.
In another version you’re contacted over the phone instead of by e-mail. The call could either be a “live” person or a recorded message directing you to take action to protect your account. Often, the criminal already has some personal information on you, including your account or credit card numbers. That can create a false sense of security. The call came from a VoIP account as well.
Vishing, as you might imagine from these scams, has some advantages over traditional phishing tricks. First, VoIP service is fairly inexpensive, especially for long distance, making it cheap to make fake calls. Second, because it’s web-based, criminals can use software programs to create phony automated customer service lines.
But if the thieves are giving out their phone numbers, they should be easy to track, right? Wrong. Criminals can mask the number they are calling from, thwarting caller ID.
So how prevalent is vishing? Hard to say, due to reporting difficulties. “A lot of would-be victims are reporting this as SPAM or phishing,” says Dan Larkin, chief of the FBI’s Cyber Initiative and Resource Fusion Unit. “But we know it’s out there. It’s happening.”
Don’t let it happen to you. Larkin recommends greeting a phone call or e-mail seeking personal information with a healthy dose of skepticism. If you think the call is legit, you can always hang up and call back using the customer service number provided by the financial institution when the account was opened.
(Vishing Information from the Federal Bureau of Investigation)
Cell Phone Phishing Scam - Jan 20, 2011
Recently a local individual became the victim of a cell phone Phishing scam. The individual received a call on his cell with the caller stating it was regarding the individual’s Visa Credit Card. The caller claimed to be verifying a specific charge on the card. The caller then cited a specific balance to the individual. All of the information was bogus. The individual was then transferred to another person, who asked the individual for their credit card number and the CVV code, social security number, and driver’s license number, as well as the expiration date. The individual did provide the information that was requested.
After realizing what he had just done, the individual became concerned and promptly notified the bank and card was closed. The individual later learned that within that short period of time, two charges were made on his card.
Please be advised that this type of call is a scam, and you should notify River Valley Bank and the card company (the phone number is located on the back of the credit card) immediately. If you are able, please record the incoming phone number from the bogus call from your caller ID and give the number to the bank and card company.