March 28, 2014 - E-mail Claiming to be from the FDIC
Rabobank has reported multiple counterfeit cashier’s checks using a correct routing number of 122238420 are being presented for payment nationwide. The counterfeit checks do not resemble the bank’s authentic items. The first variety of these counterfeit checks may be identified by a scalloped border and the following security statement in the top border: “THIS DOCUMENT HAS A COLORED BACKGROUND AND HIGH RESOLUTION BORDERS. These counterfeit checks are missing the bank’s telephone number, (800) 942-6222, and may be made payable in amounts of $1,270.00, $1,493.27 and $98,000.00. For additional information or guidance and to verify the authenticity of Rabobank, N.A.’s cashier’s checks, please contact Rabobank, N.A. Customer Care at 800-942-6222.
Consumers who receive a counterfeit or fictitious item and associated material should file complaints with the following agencies, as appropriate:
February 1 - E-mail Claiming to be from the FDIC
- Federal Trade Commission (FTC): by telephone at (877) FTC-HELP or, for filing a complaint electronically, via the FTC’s Web site at www.ftc.gov.
- Better Business Bureau (BBB): The BBB system serves markets throughout Canada, Puerto Rico, and the United States and is the marketplace leader in advancing trust between businesses and consumers. The Web site www.bbb.org offers contact information for local BBBs, objective reports on more than 2 million businesses, consumer scam alerts, and tips on a wide variety of topics that help consumers find trustworthy businesses and make wise purchasing decisions.
- Federal Bureau of Investigation Internet Crime Complaint Center (to report scams that may have originated via the Internet). Its Web site is www.ic3.gov.
- If correspondence is received via the U.S. Postal Service, contact the U.S. Postal Inspection Service by telephone at (888) 877-7644; by mail at U.S. Postal Inspection Service, Office of Inspector General, Operations Support Group, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100; or via the online complaint form at https://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC. The e-mails are addressed to the attention of the "Accounting Department" and meant to notify recipients that the "ACH and WIRE transactions" are being blocked until "a special security software" is installed. It instructs recipients to go to a Web site for instructions on how to download the necessary files by clicking on a hyper-link provided.
This e-mail and link are fraudulent. The FDIC does not issue unsolicited e-mails to consumers or business account holders. If you receive such an e-mail delete it and do not click on the link. Learn more about recognizing phishing attempts.
June 8 - LinkedIn Passwords Compromised
There are reports that the social networking site LinkedIn has suffered a security breach resulting in the compromise of some users' passwords. This could give the hackers access to users' profiles and e-mail information. It is recommended that if you have a LinkedIn account you immediately change your password and if you have used that password elsewhere (e.g. online banking, shopping sites, etc.) to also change those passwords. There is a possibility of phishing or malicious e-mails resulting from this breach (e.g. LinkedIn invites from people you don't know) or offers to "verify" if your password was leaked. Do not respond to these e-mails, or click on the links. Read more about phishing and how to spot it.
February 24 - Fraudulent OCC Correspondence
The Office of the Comptroller of the Currency (OCC) is warning the public of fraudulent e-mails, faxes and letters being sent in a phishing attempt to gather personal and account information.
The correspondence has the appearance of coming from the OCC, the U.S. Department of Homeland Security, or the U.S. Department of Justice. It indicates that funds are being held for the individual or business by the OCC because of the need for payment of a 0.059 percent revenue charge to the U.S. Internal Revenue Service. It contains forged signatures of actual OCC officials and a fictitious mailing address.
If you receive a correspondence such as this do not respond. If you feel it may be legitimate, contact the OCC directly to verify at email@example.com or by calling the Special Supervision Division at (202) 874-4450.
February 16 - Tax Season Phishing Scams and Malware
As tax deadlines draw near there is often an increase in the number of tax related phishing scams and malware. Customers are reminded to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign. Some common tax time themes in fraudulent e-mails (but not all) are:
- Information that refers to a tax refund
- Warnings about unreported or under-reported income
- Offers to assist in filing for a refund
- Details about fake e-file websites
These messages may even appear to be from the IRS and often ask users to submit personal information via email or to follow a link to a website that requests personal information or contains malicious code. To protect yourself from these types of phishing scams and malware campaigns:
- Do not respond to request for personal information from an unsolicited e-mail
- Maintain up-to-date antivirus software
- Refer to the IRS website for information and samples of known scams
- Learn more about recognizing phishing scams and protecting yourself from malware.
January 27 - Fraudulent ACH E-mails
We have received reports of fraudulent e-mails being received that have the appearance of having been sent from NACHA (the National Automated Clearing House Association).
The e-mail claims to be from the "Electronics Payment Association" and appears to be coming from an e-mail address "@nacha.org." It says it is in regard to a rejected ACH transfer from your account and contains a link to a report with more information. The link contains a virus that when clicked on can infect your computer.
If you receive such an e-mail do not click on the link. Instead, you should forward the e-mail claiming to be from NACHA to firstname.lastname@example.org and then immediately delete the e-mail. NACHA does not process the ACH transactions that flow between organizations and financial institutions and will never contact individuals or organizations about individual ACH or Wire transactions. Learn more about recognizing phishing attempts.
December 20 - LinkedIn Phishing E-mails
There has been a recent increase in the number of phishing e-mails being sent to LinkedIn users. The e-mails can come in several forms including invitations from people you don't recognize and ACH transaction alerts. Clicking on links in the e-mail will take you to a phishing site where you will be asked to provide sensitive information or a virus/malware will attempt to download to your computer. By passing the mouse over the links (do not click on it) the phishing link is revealed as not being part of LinkedIn.
If you receive a suspicious e-mail from LinkedIn delete the e-mail and do not click on the links. As a reminder, Rabobank will never initiate a request for sensitive information (e.g. Social Security number, account number, etc.) through unsecured means such as telephone, text message or e-mail.