Security Alerts
CDC Phishing Email
Simply Put: A fraudulent email is currently circulating that appears to be from the Center for Disease Control (CDC). The email scam informs recipients that they need to register with the CDC due to the launch of a fictitious "State Vaccination H1N1 Program." There is a link within the email that will forward users to a fake website that will actually install the ZeuS Trojan.
Attack Details: The email appears to be from the CDC and the subject of the email states "Government registration program on the H1N1 vaccination" or "Create your personal Vaccination Profile." The email also includes a link to create your personal profile, which instead links to a fake, malicious website. This site attempts to exploit a recent Adobe software vulnerability to install the ZeuS Trojan. This Trojan is considered "crimeware" and will attempt to steal website credentials.
Countermeasures: Users should be notified of the email immediately and informed to delete the email. Any currently infected machines should be removed from the network and the necessary incident response measures enacted. Gladiator is adding recognition patterns to our eShield email service to deny emails matching the current phishing scheme and will continue to block sites at the firewall if they are found to be hosting this scam.
Reference Links:
ACH Fraud Emails
Random individuals and/or companies may have received a falsified e-mail with the subject title "Rejected ACH Transaction." This e-mail appears to be from NACHA-The Electronic Payments Association telling them that there is a problem with an ACH transaction they have originated. The e-mail includes a link which redirects the individual to a fake web page which appears like the NACHA website and contains a link which is almost certainly executable virus with malware.
Sample E-mail
From:nacha.org[mailto:report@nacha.org]
Sent: Thursday, November 12, 2009 10:25 AM
To: Doe, John
Subject: Rejected ACH transaction, please review the transaction report
Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report (this is the how the link is presented)
Unlawful Internet Gambling Enforcement Act (UIGEA) of 2006
The UIGEA, signed into law in 2006, prohibits any person engaged in the business of betting or wagering (as defined in the Act) from knowingly accepting payments in connection with the participation of another person in unlawful internet gambling. The Dept of Treasury and the Federal Reserve Board have issued a joint final rule, Regulation GG, to implement this Act.
As defined in Regulation GG, unlawful Internet gambling means to “place, receive or otherwise knowingly transmit a bet or wager by any means which involves the use, at least in part, of the internet where such bet or wager is unlawful under any applicable Federal or State law in the State or Tribal lands in which the bet or wager is initiated, received or otherwise made”.
As a customer of Flint Community Bank, these restricted transactions are prohibited from being processed through your account or banking relationship with us. If you do engage in an Internet gambling business and open a new account with us, we will ask that you provide evidence of your legal capacity to do so.
Privacy & Security
Featured events & news
VISA Credit Cards at Flint are better than ever with competitive pricing combined with a full range of reward options. Click here to apply now.
Find us
2910 Meredyth Drive
Albany, Georgia 31721
Mailing Address P.O. Box 70878
Albany, Georgia 31708
(229) 903-1405FAX:
Alerts
We are receiving reports of phishing emails being sent from what appears to be a NetTeller email address customer _service @cm.netteller.com with the subject line of NetTeller Watch Notice. More
A fraudulent email is currently circulating that appears to be from the Center for Disease Control (CDC). More
Random individuals and/or companies may have received a falsified e-mail with the subject title "Rejected ACH Transaction." More
