At VyStar Credit Union, we’re focused on keeping you, and your money, safe. Check back here for frequent updates regarding local, national and digital scams and other threats.
A new ransomware attack called “Petyawrap” is being reported in the news. It has characteristics very similar to the WannaCry campaign reported back in May 2017. As we did with WannaCry, we will monitor this event and take action as appropriate.
Local reports of Zeus have been brought to our attention. Zeus, which was first detected in 2007, is the most widespread and effective banking trojan malware in the world. A banking trojan typically infects a victim’s devices via a malicious email attachment or through an infected website that the victim visits.
Once they take over the device, banking trojans are designed to recognize when the victim is visiting a financial institution’s website. The trojan then captures the victim’s personal information—such as login credentials, PIN number, etc.—using keylogging and other software that allows the criminals to manipulate the website and add seemingly legitimate pop-ups and forms that the victim fills out. Banking trojans can also redirect the victim to a fabricated website that looks deceptively similar to the authentic financial institution website, which dupes the victim into providing their sensitive information and can trigger a second factor authentication code, such as an SMS message. The Zeus trojan, in particular, rose to popularity because it has helped criminals steal hundreds of millions of dollars from its victims’ financial accounts.
Here’s how you can prevent a banking trojan like Zeus from infecting your computer:
Mobile device users should consider the following tips:
Threatening text messages and phone calls from scammers claiming to have personal information and/or to be holding a family member hostage have been reported in the Northeast Florida area. The scammers demand money, threatening that otherwise the victim's information will be made public or their family member will be hurt. While some information is of public record, if you receive a call or text of this nature, call the police and report it to the Better Business Bureau using their BBB Scam Tracker. Do not give the caller money.
The news today (May 15, 2017) includes reports of a new cyberattack described as the “biggest online extortion attack ever recorded”. Please note that VyStar was not affected by this.
The 'WannaCry' ransomware attack hit a 'limited number' of US companies representing many different branches of the economy over the weekend, Homeland Security officials confirm to Fox News.
Here's what you can do to protect your PC:
A phishing email attack targeting Google users impacted millions across the country. Reports indicate that Google has shut the attack down. The messages can be identified by the recipients section, which shows they were sent to “email@example.com” along with others who were Bcc’d. Delete the message. Do not open it.
If you believe you have been a target of this phishing attack and already opened the email:
Members have been receiving text messages stating their direct deposits have been suspended. They are being asked to call 805-490-5546 and enter their debit/credit card number. This is not VyStar Credit Union. Do not enter your card number or any other information. Delete the message, do not reply.
Romance scams involve phony online relationships that deceive the victim into handing over their cash. Here’s how it works: A criminal posts a fake profile and photographs on a dating website or social media platform, posing as someone looking for a relationship. When they find you—their target—on those sites, they engage you in romantic conversations through email, messages or chat sessions. Once they’ve won your trust and you’ve established a long-term online “relationship” with them, the person who claims to be “in love” with you tells you they have a problem and need you to send/receive money or packages on their behalf. Once you agree to push those items from one place to another, you’ve been caught in the money mule web.
Work-from-home schemes are bogus job offers that have been crafted to appear legitimate. You can typically encounter them in spam emails, on job search websites or on social networking sites. In actuality, these “opportunities” are just bait used by fraudsters to excite you and trick you into providing your account details so they can send you a large counterfeit check. (Sometimes no account information is provided; a check is just mailed to you with further instructions.) You’re then asked to transfer that money to a third party, usually located in a foreign country, through a wiring service for a small commission. The criminals may even go as far as inviting you for an interview or asking you to sign an employment contract. You may think you’ve scored the job of a lifetime, but the truth is that you will never get paid. Not only that, but now that your personal information has been stolen, you run the risk of losing money or being arrested.
“Card cracking,” also known as “card popping,” is a ploy criminals use to target people who are in need of cash and trick them into facilitating fraud. It all starts with what seems to be a harmless post on social media outlets like Instagram, Facebook or Twitter that promises fast cash. After luring you in with the tempting deal, the con artist then fools you into giving them your financial account information, debit card number/PIN or online banking login credentials in exchange for a kickback (i.e., a small portion of illicit profits). They may also direct you to contact your financial institution and advise them that you will be traveling, even if you’re not. The fraudster uses that information to deposit counterfeit checks into your account and allows you to keep a portion of the money. The fraudster then quickly withdraws all the money from your funds before the financial institution catches on to the phony check. You are then forced to call the financial institution and falsely report that your information has been compromised—without mention that you gave the criminal your credentials—and ask that your money be returned, making you an accessory to the crime. Not only that, but you are also now on the hook for the stolen funds and may even be sentenced to time in prison.
The Internal Revenue Service (IRS) warns payroll and human resource professionals of an emerging phishing scheme that has already claimed several victims within payroll and human resources departments. This phishing scheme purports to be from company executives (e.g., the chief executive officer) requesting employee payroll data, including W-2 forms and other personally identifiable information. The employees have responded and mistakenly emailed the requested information.
Example fraudulent emails received are as follows:
We have been alerted to a phishing scam. Some of our members have reported receiving a text message from a 410 area code. The text message states this is from the Fraud Department and your credit/debit card information needs to be confirmed due to a possible compromise. Once the call is returned, you're asked to enter your full card number and other card details.
Do not call the phone number or enter your card information. Delete the message, do not reply. VyStar's Fraud Department does not contact members to verify information in this way.
According to Yahoo! Finance, there are reports of consumers receiving emails offering them an upgrade if their debit or credit cards have not yet had an EMV-chip sent by their credit union or bank. These emails are designed to look like they are from a consumer's financial institution. VyStar Credit Union has not sent an email regarding EMV-chip card upgrades. We will never ask for your card numbers through email. Do not reply with your personal information or click on any links if you receive this type of email.
Our members, the Better Business Bureau and news media have reported a text message scam. A text message similar to this is received:
The message asks the person to update information through a link on a website. When clicked, the link appears to be a banking website. Do not enter your internet banking or any other information. Delete the message, do not reply.