Tuesday, August 15, 2006

Phishermen are Impersonating the FDIC

Cybercriminals often pose as reputable government agencies. Recently, they set up a totally "fake Interpol site" and we've seen them use the names of the IRS and the FBI to lure victims into their web of deceit.

Now they are using the good name of the FDIC.

Here is the FDIC alert:

The FDIC is aware of a phishing e-mail that has the appearance of being sent from the FDIC. The name "Federal Deposit Insurance Corporation" appears on the "From" line and the subject is, "IMPORTANT: Notification of Federal Deposit Insurance Corporation."

This e-mail claims that the FDIC has received an application from the receipt's bank to insure their checking or savings account against fraud, phishing and identity theft. The e-mail further instructs the recipient to enroll in "the FDIC protection system" by clicking on a link to a spoofed FDIC Web page. The spoofed Web page requests the following information:

First Name, Last Name, Phone Number, Social Security Number, Mother's Maiden Name, Driver License/Issued State, Date of Birth, E-mail Address, Street Address, City, State, Zip/Postal Code, Name on Credit Card, Credit/Debit/ATM Card Number, Card Expiration Date, Card Verification Number, Personal Identification Number, FDIC-Insured Institution (Bank Name), Bank Routing Number, and Bank Account Number.

This e-mail was not sent by the FDIC and is a fraudulent attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.

The FDIC is attempting to identify the source of the e-mails and the location of the Web site in order to disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

For a link to the alert, link here.

When I stumbled upon this news - I had just finished doing a post about a great presentation on cybercrime the FDIC just released to educate the public:

FDIC Releases Multimedia Presentation to Educate Public on Cybercrime

Maybe the presentation is so good - the criminals don't like it?

If you spot one of the "phishy e-mails, report it to the FDIC as described in the alert.

It's easy to do and it might protect someone you know!

No comments: