MALWARE ALERT: Two new variants of the "CryptoLocker" malware that were in the news recently have begun circling the Internet. The two variations are known as "CryptoWall" and "CryptoDefense." They operate in a similar manner to "CryptoLocker" by encrypting the files on your network shares and denying users access until they pay the ransom between $300 and $1,000 or restore their files from a backup. This is a widespread attack with a high distribution rate.
The current variant is being spread by email that appears to come from UPS or from a faxing service. The email either contains an attachment or a link to a website to open the notification, which then downloads the virus. Many antivirus vendors do not yet have definitions and these emails often slip by spam filters.
Accordingly, we are recommending all email users to be on the lookout for suspicious emails appearing to come from UPS or a faxing service, and also to verify that you keep current backups of your systems. Additionally, we strongly urge users NEVER to open an attachment or a link within an email unless you are expecting the email and/or know that it is safe to do so.
IMPORTANT NETTELLER-RELATED INFORMATION: Internet Explorer 8 (IE8) is no longer supported for use with AVB Bank's online banking product--NetTeller. Please update your Internet Explorer to version 9, 10, or 11, or you may use another browser product to access NetTeller. You will still be able to log in to NetTeller with IE8, but you may experience limited functionality or a visibly-altered interface.
AVB Bank has received reports that fraudulent phishing scams have increased in activity over the past few months. These scams consist of calls or text messages to cardholders in an attempt to gain access to account information. During these attempts, cardholders are informed that their debit card has been deactivated and needs to be reactivated. The cardholder is then asked to provide key account information such as card number, expiration date, PIN number and the three digit security code, in order to reactivate the affected debit card. The fraudsters use this information to create duplicate cards and/or make online purchases. If you received one of these calls, please call Customer Accounting at (918) 259-2777 to have your debit card turned off and to order a new card. If it is after normal business hours, please call (800) 791-2525 to have your card turned off then call (918) 259-2777 on the next business day to order a new card.
AVB will never ask you for sensitive information such as your password(s), login ID(s), or account number(s). If you are ever contacted in this way, please contact us immediately at firstname.lastname@example.org.
FBI Warns of Internet Fraud During the Holiday Shopping Season
The FBI's Internet Crime Complaint Center (IC3) reminds consumers to be wary of increased Internet fraud during the holiday shopping season. Here are a few of the scams to look out for:
- New products or gift cards being sold on auction or classified advertisement websites where the price is significantly lower than any sales price in retail outlets;
- “One day only” websites featuring the sale of specific items in high demand;
- Phishing and scam emails, text messages, or phone calls that look or sound like they’re coming from a well-known retailer and that ask you to verify a credit card number or to update personal account information; and
- Gift card offers on social media sites claiming to be from major retailers…often, these offers are used to gain access to your social media account and personal information.
In addition to more information on specific Internet scams, IC3’s latest warning also includes tips to help you avoid being a victim of cyber scams (#1 tip: if it looks too good to be true, it probably is). For more information read IC3’s alert.
Some Debit Card Transactions Blocked Due to Fraud
AVB has blocked the types of AVB CheckCard purchases listed below for customers traveling to the following locations:
- Arizona: All Wal-Mart stores
- Florida: a) Vending Machines; b) Public Transportation; c) Online purchases at Darden/Red Lobster Restaurants
- Maryland: All Wal-Mart-type retail/discount stores
- New York: ALL signature-based, card-not-present transactions are blocked; PIN-based, card-present transactions are allowed.
Foreign Country Alert Due to Growth in Fraud Trends
AVB has blocked all AVB CheckCard transactions in the following African nations, with exceptions for lodging, restaurants and automated cash advances: Benin, Morocco, Mozambique, Nigeria, Senegal, Tanzania, and Tunisia.
If you are planning to travel out of the country, please contact AVB’s Customer Accounting Department at 918.251.9611 or email@example.com, so that we can unblock your card for the specific time period of your travel.
Increase in Fraudulent Phone Calls
The FBI has informed us of an increased incidence of phone calls purporting to be from Microsoft, asking to be given remote access to a computer in order to "fix a virus" they have detected. This has led to attempted and completed fraudulent wire transfers in banks across the country. Microsoft will never contact you to request access to your computer. Please be cautious and do not provide information or access to your computer should you receive a phone call like this.
Malicious Software Uses Intriguing Links to Ensnare Unsuspecting Computer Users
The Internet Crime Complaint Center (IC3) urges computer users NOT to open unsolicited (spam) emails, including clicking links contained within those messages. Even if the sender is familiar, the public should exercise due diligence. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to detect and deflect malicious software.
The IC3 is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA). It recommends the public do the following:
- Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page. Even a “friend” can unknowingly pass on multimedia that is actually malicious software.
- Do not agree to download software to view videos. These applications can infect your computer.
- Carefully read emails you receive. Fraudulent messages often feature misspellings, poor grammar, and nonstandard English.
- Report emails you receive that purport to be from the FBI. Criminals often use the FBI’s name and seal to add legitimacy to their fraudulent schemes. In fact, the FBI does not send unsolicited emails to the public. Should you receive unsolicited messages that feature the FBI’s name, seal, or that reference a division or unit within the FBI or an individual employee, report it to the Internet Crime Complaint Center at www.ic3.gov.