Fraudulent E-Mails Claiming to Be From the FDIC
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC. The e-mails appear to be sent from various "@
fdic.gov" e-mail addresses, such as "subscriptions@fdic.gov," "alert@fdic.gov," or "accounts@fdic.gov."
They have subject lines that read: "FDIC: Your business account" or "FDIC: About Your Business Account."
The e-mails are addressed to "Business Customer" or "Business Owner" and state "We have important information about your bank" or "…financial institution." They then ask recipients to "Please click here to find details." They conclude with, "This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership."
These e-mails and the link included are fraudulent and were not sent by the FDIC. Recipients should consider the intent of these e-mails as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT, under any circumstances, provide any personal financial information through this media.
Financial institutions and consumers should be aware that other subject lines and modifications to the e-mails may occur over time.
The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial information from consumers.
----------------------------------------------------------------------------
Fraudulent Emails Claiming to be from NACHA
Further to previous notices, NACHA – The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
Please forward fraudulent emails claiming to be from NACHA to abuse@nacha.org.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software application security patches are installed and current. Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC). |