New technology can dramatically change the way that people manage and save money. To help consumers learn more about banking in a high-tech world, the Spring 2013 issue of FDIC Consumer News features practical tips on how to reap the benefits and avoid potential problems. Other timely topics include dealing with debt collectors, finding affordable small loans, thinking about your options after a branch closing or a bank merger, and taking precautions before buying a bank certificate of deposit (CD) from a deposit broker instead of directly from a financial institution. Other topics and tips are covered in the latest newsletter:

Banking in a high-tech world: The lead article notes that sophisticated criminals try to steal valuable details from credit and debit cards that can be used to create a counterfeit card or make purchases online or over the phone. The FDIC newsletter offers tips for preventing or detecting card fraud and stresses the importance of quickly reporting a problem. The newsletter also looks at how new bank technology can help consumers, such as with "mobile banking" (using a smartphone, "tablet" computer or other device) and electronic check registers.

Solving common debt and credit problems: In one article, the newsletter reminds readers that debt collectors have a duty to treat consumers fairly and without harassment. The publication also warns of scams by people falsely claiming to be debt collectors. In another article, consumers who normally turn to companies such as car title lenders, payday loan stores and pawnshops for small loans are advised to instead find out if banks are offering small loans at better interest rates and terms. Also in this issue of the newsletter are tips on how consumers can improve their credit reports and, in turn, pay less for loans.

Thinking about your options after a branch closing or bank merger: The newsletter describes important federal protections, such as advance notice of branch closings and a special grace period for FDIC insurance coverage after a bank merger. Other tips can help consumers meet their banking needs after a branch closing or merger.

Taking precautions before buying a bank CD from a broker: While using deposit brokers has grown in popularity because brokers often can negotiate higher interest rates, the CDs they sell may involve more risks than those purchased directly from an insured bank. For example, because the FDIC does not have the authority to approve deposit brokers and there are numerous examples of con artists running off with investors' money, consumers are advised to use a reputable deposit broker, preferably a professional they already know and trust. Also, consumers should be skeptical if the interest rate being advertised is significantly higher than general market rates, because that may be a sign that the broker is trying to lure in customers to sell them a non-insured product that's not in the depositor's best interest.

The goal of FDIC Consumer News is to deliver timely, reliable and innovative tips and information about financial matters, free of charge. The Spring 2013 edition can be read or printed at www.fdic.gov/consumers/consumer/news/cnspr13. To find current and past issues, visit www.fdic.gov/consumernews or request paper copies by contacting the FDIC's Public Information Center toll-free at 1-877-275-3342, by e-mail to publicinfo@fdic.gov, or by writing to the FDIC Public Information Center, 3501 North Fairfax Drive, Room E-1002, Arlington, VA 22226.

To receive an e-mail about each new issue of the quarterly FDIC Consumer News with links to stories, go to www.fdic.gov/about/subscriptions/index.html.

The FDIC encourages financial institutions, government agencies, consumer organizations, educators, the media and anyone else to help make the tips and information in FDIC Consumer News widely available. The publication may be reprinted in whole or in part without permission. Please credit FDIC Consumer News. Organizations also may link to or mention the FDIC Web site.

# # #

Congress created the Federal Deposit Insurance Corporation in 1933 to restore public confidence in the nation's banking system. The FDIC insures deposits at the nation's 7,083 banks and savings associations, and it promotes the safety and soundness of these institutions by identifying, monitoring and addressing risks to which they are exposed. The FDIC receives no federal tax dollars — insured financial institutions fund its operations.

FDIC press releases and other information are available on the Internet at www.fdic.gov, by subscription electronically (go to www.fdic.gov/about/subscriptions/index.html) and may also be obtained through the FDIC's Public Information Center (877-275-3342 or 703-562-2200).

Several banks in the area have had customers contact them regarding automated calls they have received from National Credit Association or National Credit Foundation, stating "your card has been deactivated or suspended, press 1 to reactivate". There are not any issues with our CFB debit cards. THESE ARE NOT LEGITIMATE CALLS – DO NOT GIVE OUT ANY INFORMATION. Please call 618-234-9500 for information or any questions. 02/18/2013

We are receiving reports of phishing emails being sent from what appears to be a NetTeller email address customer _service@cm.netteller.com with the subject line of NetTeller Watch Notice. These are "Phishing emails" trying to get customers to click on the embedded NetTeller access link. These emails are not coming from NetTeller nor Community First Bank. Should you receive an email, DO NOT click on the link. It is recommended to permanently delete the email. 10/17/2012

From alert dated 10/16/2012:

The IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.

This alert goes on to describe how to handle suspicious IRS-related email, phone calls and other communications.

Text of alert titled Fraudulent E-mails Claiming to Be From the FDIC dated 10/03/2012:

This message is to notify you of fraudulent e-mails in circulation claiming to be from the FDIC. Please consider both to be fraudulent.

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC.

While the e-mails exhibit variations in the "Subject" lines, the messages are similar. They all make reference to the suspension of recipient’s ability to conduct transfers via ACH and/or wire transfer. The e-mails then encourage recipients to install a software update by clicking on a link provided. They then say that functionality will be restored once the software update is installed.

These e-mails and the link provided are fraudulent. Recipients should consider the intent of these e-mails to load malicious software on the recipient’s computer, or to collect personal or confidential information. Recipients should not click on the link provided.

The FDIC does not send unsolicited e-mails to consumers or business account holders.

From alert dated 08/03/2012:

Consumers should be aware of a scam e-mail about an electronic federal tax payment the e-mail claims they tried to make or which specifies the Electronic Federal Tax Payment System (EFTPS). The e-mail states that tax payments made by the e-mail recipient through EFTPS have been rejected.

The e-mail then directs recipients to a bogus link for a transaction report that, when clicked, downloads malicious software (malware) that infects the intended victim’s computer. The malware is designed to send back to the scammer personal and financial information already contained on the taxpayer's computer or obtained through capturing keystrokes. The scammer uses this personal and financial information to commit identity theft.

Please click here for more information regarding this scam.

From a Federal Trade Commission webpage dated 02/02/2012:

A flyer in the mail, a phone call, a personalized email — everyone receives requests for donations in one form or another. Many legitimate charities use telemarketing, direct mail, email and online ads to ask for contributions. Unfortunately, scam artists also use these techniques to pocket your money. If someone asks for a donation, take your time and familiarize yourself with the charity:

• Ask for the charity’s name, address, and phone number, and written information about its programs.
• Ask whether the person contacting you is a professional fundraiser and how much of your contribution will go to fundraising costs.
• Check the history of the organization with the office that regulates charities in your state. For a list of state offices, visit the National Association of State Charity Officials.
  
  You should also know the warning signs of a scam:

• High pressure pitches. Reject them: It’s okay to hang up.
• A thank you for a pledge you don't remember making. Be skeptical; scam artists will lie to get your money.
• Requests for cash. Avoid giving cash donations.
• Charities that offer to send a courier or overnight delivery service to collect your money.
• Charities that guarantee sweepstakes winnings in exchange for a contribution.
• Charities that spring up overnight, especially those that involve current events like natural disasters, or those that claim to be for police officers, veterans, or firefighters. They probably don't have the infrastructure to get your donations to the affected area or people.
  
  For more detailed information about charity donations, read Charitable Donations: Give or Take.

From an Epcor Fraud Alert posted here 02/10/2011:

Researchers from AppRiver, an email security vendor, have identified a new phishing campaign that targets merchant accounts from a payment processing vendor called First Data. First Data is an Atlanta-based provider of online and on-site payment solutions which caters to merchants, financial institutions and government agencies.

The emails detected by AppRiver contain "MERCHANT ACCOUNT UPDATE" as the subject line and claim to be from "FIRSTDATA SERVICES." The message within reads: "Dear First Data customer, please update your login. Download the attachment in this e-mail and proceed." The attachment entitled "Update Your Account Information.html," which when opened inside the browser, displays a fraudulent First Data Global Gateway login page which attempts to gather the merchant's store number, user ID, tax ID, phone number and password.

Once the hacker has gained access to the First Data account, he/she most likely has gained control of that specific merchants account.

Source: Softpedia

The counterfeit cashier's check scheme targets individuals that use Internet classified advertisements to sell merchandise. Typically, an interested party located outside the United States contacts a seller. The seller is told that the buyer has an associate in the United States that owes him money. As such, he will have the associate send the seller a cashier's check for the amount owed to the buyer.

The amount of the cashier's check will be thousands of dollars more than the price of the merchandise and the seller is told the excess amount will be used to pay the shipping costs associated with getting the merchandise to his location. The seller is instructed to deposit the check, and as soon as it clears, to wire the excess funds back to the buyer or to another associate identified as a shipping agent. In most instances, the money is sent to locations in West Africa (Nigeria).

Because a cashier's check is used, a bank will typically release the funds immediately, or after a one or two day hold. Falsely believing the check has cleared, the seller wires the money as instructed.

In some cases, the buyer is able to convince the seller that some circumstance has arisen that necessitates the cancellation of the sale, and is successful in conning the victim into sending the remainder of the money. Shortly thereafter, the victim's bank notifies him that the check was fraudulent, and the bank is holding the victim responsible for the full amount of the check.

If you believe you may have fallen victim to this type of scam and wish to report it, please file a complaint with Internet Crime Complaint Center http://www.ic3.gov/complaint/default.aspx

Source: Internet Crime Complaint Center http://www.ic3.gov/crimeschemes.aspx#item-3

The Internet Crime Complaint Center (IC3) was established as a partnership between the Federal Bureau of Investisation (FBI) and the National White Collar Crime Center (NW3C) to serve as a means to receive Internet related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate. The IC3 was intended, and continues to emphasize, serving the broader law enforcement community to include federal, as well as state, local, and international agencies, which are combating Internet crime and, in many cases, participating in Cyber Crime Task Forces.

Received as email from http://www.fdic.gov/:

The Federal Deposit Insurance Corporation (FDIC) has received numerous notifications from consumers of an e-mail that gives the appearance of being sent from the FDIC. The "From" line of the e-mail displays the name "Federal Deposit Insurance Corporation consumer" and the subject includes the words "Consumer Protection."

Current versions of the fraudulent e-mail state:

"Who is FDIC?

The Federal Deposit Insurance Corporation (FDIC) preserves and promotes public confidence in the U.S.financial system by insuring deposits in banks.

What can FDIC do for you? Despite the efforts of law enforcement, Identity theft is becoming more sophisticated and the number of new victims is growing. In general,consumers are protected against liability for unauthorized accounts or transactions under federal and state law and by financial industry practices. Identity Theft can affect consumers in many ways, thats [sic] why FDIC is presenting a new card insurance which can restore you up to $500 if you are a victim of internet fraud.

Learn more about Consumer Protection > Card Insurance:
Clicking here will redirect you to a online signup page for this program."

The e-mail requests that recipients click on a hyperlink that is provided. This directs the recipient to a "spoofed" Web page requesting the user to enter personal information to receive $500 of "card insurance." The requested information (name, phone number, Social Security number, address, card number, bank name, card expiration date, card verification code, and electronic signature/ATM PIN) could be used to perpetrate identity theft and gain unauthorized access to bank accounts. Be aware that the appearance of the fraudulent e-mails can be modified and that additional variations are possible.

Consumers should NOT access the link provided within the body of the e-mail and should NOT, under any circumstances, provide any personal financial information through this media.

The FDIC has shut down the fraudulent Web site and is investigating the source of the e-mails. Consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W. , Room F-4004, Washington , D.C. 20429 , or transmitted electronically to alert@fdic.gov. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.

For your reference, FDIC Special Alerts may be accessed from the FDIC's website at www.fdic.gov/news/news/SpecialAlert/2008/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.

The IRS has advised taxpayers of several new email and telephone scams for the tax return filing season in a new press release. These scams, including one involving rebates, attempt to trick taxpayers into revealing sensitive information regarding financial accounts which the scammers then use to commit identity theft. The press release, which describes each of these scams and what to do about them, is summarized below.

Rebates are advance payments made available under the new government economic stimulus package. They are already being used as lures to get consumers to give up personal information which can then be used by the scamsters to steal from the victim's bank account. This identity theft starts with a phone call from someone impersonating an IRS employee. The target of the phone call is told that in order to receive a rebate, the caller must be given sensitive bank account information. This phone call is a scam. The IRS does not gather information by telephone.

The IRS is also warning of bogus email that claims to have a link to a tax refund claim form. Clicking the link opens a fake form in which the victim enters bank account or credit card information. The IRS does not send unsolicited email about tax account matters to taxpayers.

Another new email scam may be especially deceptive. It contains a salutation using an actual name and a notification that an audit is being made on the recipient's tax return. Other email scams have been typically based on spamming techniques in which names are not used. Not only is the use of an individual's name unusual, the scam is unique in that it involves the audit notification. The IRS has not seen such a scam before this one appeared.

The IRS press release also describes a bogus tax law email wherein the recipient is instructed to click on a link that will download for them information on tax law changes. In reality, clicking the link could introduce malware that gives remote access to the victim's computer.

The final new IRS alert involves another phone scam. Here, a target of a phony telephone call is advised that a check from the IRS has not been cashed and that the individual's bank account number must be supplied. Again, the IRS does not contact taxpayers over the phone for personal information. In this case, if a taxpayer is expecting a direct electronic deposit of a refund, it is up to the individual to supply the IRS with the bank routing and account numbers on the tax return.

Forward questionable email to the IRS mailbox, phishing@irs.gov, using instructions contained in the article "How to Protect Yourself from Suspicious E-Mails or Phishing Schemes." This mailbox may also be used to notify the IRS of scams involving telephone calls.

Received as email from http://www.privacyrights.org/:

As of November 2007, the three credit bureaus -- Equifax, Experian and TransUnion - began offering security freezes nationwide.  A security freeze is stronger and more effective than placing a fraud alert on your credit report, because it prevents anyone from accessing your credit file for any reason unless you instruct the credit bureaus to unfreeze your report. Most businesses will not issue credit without first reviewing the applicant's credit report or credit score. If an individual's credit report is frozen and a fraudster applies for credit in that individual's name, a creditor would deny the application, preventing an instance of identity theft.

The procedures and costs for placing a security freeze vary from state to state (in some states, security freezes are free for identity theft victims).  Non-victims who want to activate the security freeze must pay a fee in most states. When applying for credit, the consumer can lift the freeze so that legitimate applications for credit or services can be processed.

For state-by-state information on security freezes, visit this Consumers Union Web page:
http://www.consumersunion.org/campaigns/
learn_more/003484indiv.html

For additional tips on avoiding identity theft, see our fact sheet "Reducing the Risk of Identity Theft" at http://www.privacyrights.org/fs/fs17-it.htm.

Received as email from http://www.privacyrights.org/:

Registrations on the Federal Trade Commission's (FTC) popular Do Not Call list were set to expire in 5 years. For individuals that registered at the list's inception, the 5 year expiration would have occurred in 2008.  The FTC has now decided that it will not drop any telephone numbers from its Do Not Call Registry based upon the five-year expiration period pending further action to make registration permanent.

When the Do Not Call list was developed, the FTC adopted a five-year re-registration mechanism and said that the list - which now contains more than 145 million phone numbers - would be periodically purged of disconnected or reassigned numbers. This was done to ensure that the Registry was as accurate as possible. The Registry now includes a scrubbing program that removes disconnected and reassigned numbers each month.

The FTC has pledged to continue its efforts to maintain the Registry's accuracy and ensure the continued success of the Do Not Call program. It recently levied substantial penalties against several companies alleged to call individuals on the Do Not Call list. Bedmaker Craftmatic has agreed to pay $4.4 million to settle claims that it called consumers at home despite their inclusion on the Do Not Call registry. The Craftmatic penalty is the second-largest to date behind DirecTV's $5.3 million fine in 2005.

The Card Trap is a very simple and easy way to capture cards in an ATM. The criminal begins the process by inserting a thin piece of folded plastic into the throat of the card reader. This plastic will “trap” the next inserted card and prevent it from fully entering the card reader of the ATM.  A parasite devise can also be attached to read a card’s number. PIN data is also collected by means of a hidden camera or signs attached to the ATM directing the customer to perform any number of tasks that will allow the PIN to be ascertained. Often the criminal will pose as a fellow customer in line and offer help to the customer having difficulty. Customers who have their ATM card captured should immediately call into the Bank to report the incident, have their lost card blocked, and request a new card.

• We are aware of the fraudulent emails being sent about the suspension of FDIC Insurance and want to assure our customers their accounts at Community First Bank are FDIC protected.  Please talk to one of personal bankers if you have concerns about the level of your FDIC insurance protection.
• The Federal Deposit Insurance Corporation (FDIC) has alerted banks that they have been made aware of a scam where consumers receive an email that has the appearance of being sent from the FDIC.  The fraudulent email presents the recipients with an opportunity to secure their credit cards against fraud and to apply to be part of a secure online network launched by the FDIC in collaboration with various credit card providers. By accessing an embedded link, the email claims that the recipient can sign up for a free trial membership which provides shopping coupons for some of the more popular online retail outlets.  This scam is an attempt to obtain personal information from consumers or to implant a computer virus onto the recipient’s computer.   DO NOT ACCESS the link or attached files provided within the body of the email and DO NOT PROVIDE any personal information to unknown sources.
• Another scam occurring recently is a consumer receiving an email from what appears to be your bank advising you that an internal security breach has occurred.  The email tells the consumer that while everything has been stabilized, it still may be a good idea for you to visit the company website to change your personal information “just in case”. When the consumer clicks on the hyperlink inside the email, they are instantly transferred to your bank’s website. A pop up window appears with fields for your debit card number, current PIN and a new PIN.  DO NOT PROVIDE any personal information to unknown sources or pop up boxes.  If you comply with this request to protect your information, you will fall prey to the latest Internet scam. These crooks then use your information to make counterfeit debit cards to make unauthorized withdrawals against your account.