11/12/2009
Today, NACHA, alerted financial institutions that they were the target of a phishing scheme.? You can view their alert on their web page at www.nacha.org .
Below is a sample of what the email might look like.
= = = = = Sample E-mail = = = = = =
From: nacha.org [mailto:report@nacha.org]
Sent: Thursday, November 12, 2009 10:25 AM
To: Doe, John
Subject: Rejected ACH transaction, please review the transaction report
Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report (this is the how the link is presented)
------------------------------------------------------------------
Copyright ¨Ï2009 by NACHA - The Electronic Payments Association
= = = = = = = = = = = = = = = = = = =
If you receive this email, do not click on the link.? Always know the sender and if you are expecting an email from them.? If the email is unsolicited
Phishing Defined
E-mail and Internet-related fraudulent schemes, such as ¡°phishing¡± are being perpetrated with increasing frequency, creativity and intensity.? Phishing involves the use of seemingly legitimate e-mail messages and Internet Web sites to deceive consumers into disclosing sensitive information, such as bank account information, Social Security numbers, credit card numbers, passwords and personal identification numbers (PINs).? In most phishing schemes, the fraudulent e-mail message will request that recipient¡¯s ¡°update¡± or ¡°validate¡± their financial or personal information in order to maintain their accounts, and direct them to a fraudulent Web site that may look very similar to the Web site of the legitimate business.
How To Protect Yourself
- Never provide your personal information in response to an unsolicited request, whether it is over the phone or over the Internet.? E-mails and Internet pages created by phishers may look exactly like the real thing.? They may even have a fake padlock icon that ordinarily is used to denote a secure site.? If you did not initiate the communication, you should not provide any information.
- If you believe the contact may be legitimate, contact us directly. ?You should be the one to initiate the contact, using contact information that you have verified yourself.
- Never provide the password over the phone or in a response to an unsolicited internet request.? Foster Bank would never ask you to verify your account information online.? Thieves armed with this information and your account number can help themselves to your savings.
- Review account statements regularly to ensure all charges are correct.? If your account statement is late in arriving, call us to find out why.? Foster Bank offers electronic account access, periodically review activity online to catch suspicious activity.
Foster Bank¡¯s web page should never be accessed from a link provided by a third party.? Our web site should only be accessed by typing our Web site name, or URL (www.fosterbank.com) address, into the Web browser or by using a ¡°book mark¡± that directs the Web browser to Foster Bank¡¯s Web site. Foster Bank does not send e-mail messages that request confidential information, such as account numbers, passwords, or PINs.? Should you receive such a request from Foster Bank please notify us immediately.? Our main bank phone number is (773) 588-7700. |
