IRS Issues Warning About Latest E-mail Scam

Aug. 30, 2007—The IRS alerted taxpayers on Monday about a new e-mail scam that purports to come from the agency and claims the recipient can receive $80 by filling out an online customer satisfaction survey.
 
As with previous scams the IRS has warned about this year, the e-mail is believed to contain a link and attachment that open a Trojan Horse program which takes over a person’s computer. The Trojan Horse enables the hacker to remotely access the victim’s computer. The IRS is urging people to not click on the link or open the attachment. Instead, they should forward suspicious e-mails to phishing@irs.gov and follow the instructions, the agency said.

Mark Hanson, an IRS media relations officer, said the latest scam appears to be aimed at “business taxpayers as well as individual taxpayers.”

In issuing its warning about the latest scam, the IRS reiterated that it does not send out unsolicited e-mails or ask for detailed personal and financial information.

Acting IRS Commissioner Kevin M. Brown said in a press release that people should “always exercise caution when you receive unsolicited e-mails or e-mails from senders you don’t know.”

NCUA Phishing Scam Alert! Please Beware!

This is a fraudulent e-mail message being sent to members purporting to be from the National Credit Union Administration (NCUA). It directs recipients to click on a link to verify their credit union account number, PIN and other personal information. Please Note: Money One or NCUA will never ask you to provide account information via email.

Please notify us at 301-925-4600 or info@moneyonefcu.org if you responded to this scam and provided any confidential account information. Money One will assist you in changing your account, PIN, or any other action necessary to protect your account.

New Twist on "How" the Phishers Continue to Phish Credit Union Members!

Phishers seek every opportunity to find individuals who are willing to provide information for the criminals to tap into a financial gain. Once you provide your personal and/or financial information, the fraudsters are off and running to create financial losses to you and your credit union.

The phishers continue to change their phony e-mails by including false fraud protection techniques as a new twist to convince you the e-mail is from your credit union with the added educational information. Because of everyone's fraud awareness, the phishers lure you to "take action" and provide the information by using an "online banking" log-in which will re-direct this site to the fraudster.

The "take action" the phishers are asking you to perform is:

• deactivate your card(s) temporarily to guard against fraud
• activate your card(s) by having you log on to an "online banking system" where the phishers are able to obtain member's card information

The phishers convince you there is no need to contact your credit union to validate the email or telephone request involving the deactivation and activation process. It's critical that you are aware of the new twists in the phishing fraud arena and that you should confirm any changes with your credit union.

Be Educated on "Phishing"

• Never click on any links provided in an e-mail you believe is fraudulent.
• Do not open an attachment to an unsolicited e-mail unless you have verified the source.
• Do not be intimidated by an e-mail or caller who suggest dire consequences if you do not immediately provide or verify information.
• If you believe the contact is legitimate, go to the company's website by typing in the site address directly or using a page you have previously book marked, instead of a link provided in the e-mail.
• Use the FTC (Federal Trade Commission) website, www.onguardonline.gov. Consumers can take interactive quizzes designed to enlighten them about identity theft, phishing, spam and online-shopping scams. Elsewhere on the site, consumers can find detailed guidance on how to monitor their credit histories, use effective passwords and recover from identity theft.

Remember, Money One FCU will never ask you to provide account information via email.

New Phishing Scam targeting Online Banking Users

We previously informed you on fraudulent e-mail messages being sent to members purporting to be from the National Credit Union Administration (NCUA) directing recipients to click on a link to verify their credit union account number, PIN and other personal information. Fraudsters are now using social engineering and hacking to attempt new ways to gain access to members' funds.

Social engineering is a fraudster's clever manipulation of the natural human tendency to trust. The goal is to obtain information that allows unauthorized access to a valued system and the information that resides on that system. Fraudsters are also using software that performs key logging that collects every keystroke a user makes and hides that information in a file to obtain members' login IDs and passwords.

Once the fraudsters have access to a member account, they are setting themselves up as merchants in bill pay to gain access to member funds.

If you are an online banking member, we recommend that you use "trusted" PCs and load anti-virus and spyware products on your PC. Also, never give login and password information out and use complex passwords containing letters, numbers and symbols that are not easy to figure out. Please forward any e-mail scam/Phishing messages that you receive to us at info@moneyonefcu.org

IRS warns of 'tax refund' e-mail scam

Dec. 2, 2005-IRS is warning consumers against a phishing e-mail scam that directs them to a Web site to enter personal identifying and financial information in order to receive a tax refund.

The bogus e-mail, which claims to come from "tax refunds@irs.gov," tells the recipient that he or she is eligible to receive a tax refund for a given amount. It provides a link that recipients are supposed to follow to submit a form online. Recipients are also asked to provide personal identifying and financial information-the kind of information used by ID thieves to defraud consumers of their funds and credit.
Sophos, an online-security firm, says the scam exploits a security vulnerability at a legitimate government site to re-route consumers to the scammer's site.

IRS, in a warning issued Wednesday, says it never asks for personal identifying or financial information using unsolicited e-mail. It notes also that, contrary to the information in the scammer's e-mail, taxpayers do not have to complete a special form to obtain a refund.

IRS advises people not to open attachments in suspect e-mails because they can trigger computer viruses. Instead, it suggests calling IRS 1-800-829-1040 to find out whether the IRS is trying to contact them about a tax refund.

New Scam Directed at Credit Union Members

Money One has been alerted that credit union members nationwide have been targeted in email scams to gain access to their accounts. These false email messages appear to be generated from a legitimate credit union and ask the recipient to click on a link to verify their account information. If the recipient proceeds to do so, the link directs them to a false website that resembles the credit union’s site. The false site asks for their credit union account number, debit card number and PINs. Once the information is provided, funds can be withdrawn from the account using the debit card number and PIN.

New Scam Directed at Money One Visa Credit Card Holders

We have been notified that one of our members received a telephone call by someone pretending to be an employee of Card Services. Our member was told that we were going to lower the rate on his Money One Visa card, since he was a good member.

Please note:

• Money One would only notify our members directly by mail of any change in interest rate on your credit card.
  
• Never give out personal or account information to someone over the telephone or by email.
  

Money One and Card Services would already know your Visa account number, address and expiration date. BEWARE!

PHISHING SCAM ALERT!!!

Recently, there have been multiple "Phishing” scams that were initiated via email sent to both the general public and to some credit union members that appeared to be from National Credit Union Administration (NCUA).  This false email asked for the recipient to click on a link to verify their account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their credit union account number and PIN.
NCUA was alerted to this scam.  The website was shut down on 4/25/05.  However, you should be aware that these types of fraudulent schemes have a habit of reappearing in a same or similar fashion.

Please notify us if you responded to any of these scams and provided any confidential account information. Money One will assist you in changing your account, PIN, or any other action necessary to protect your account.

Please Note:
Money One or NCUA will never ask you to provide account information via email.

FBI FRAUD ALERT
If You Can Answer "Yes" to Any of the Following Questions, You Could Be Involved in a Fraud or About to be Scammed!

• Is the CHECK from an item you sold on the Internet, such as a car, boat, jewelry, etc.?
• Is the amount of the CHECK more than the item's selling price?
• Did you receive the CHECK via an overnight delivery service?
• Is the CHECK connected to communicating with someone by email?
• Is the CHECK drawn on a business or individual account that is different from the person buying your item or product?
• Have you been informed that you were the winner of a LOTTERY, such as Canadian, Australian, El Gordo, or El Mundo, that you did not enter?
• Have you been instructed to either WIRE, SEND or SHIP MONEY, as soon as possible to a large U.S. city or to another country, such as Canada, England, or Nigeria?
• Have you been asked to PAY money to receive a deposit from another country such as Canada, England, or Nigeria?
• Are you receiving a PAY or a COMMISSION for facilitating money transfers through your account?
• Did you respond to an email requesting you to CONFIRM, UPDATE, or PROVIDE your account information?

Tell our Branch Personnel Immediately!