Dear Digital Insight Client,
Digital Insight would like
to warn you about a current phishing scam directed at Digital
Insight client financial institutions and their end users.
This scam targets users by sending emails that appear to
be from an official Digital Insight source (for example, “Digital Insight Customer Care,” “Digital
Insight Administration,” etc.), and is designed to
trick the recipient into clicking a link in the e-mail for
the purpose of acquiring sensitive data, such as passwords
or financial information.
Users should be advised to NEVER click links or install
programs suggested in emails, even if the email appears to
be from an official or familiar source. Digital Insight will
never send client emails containing links to download software
or applications.
-- Sample Phishing Email --
From: "customer-care@digitalinsight.com" <administration@digitallnsight.com>
Date: July 16, 2008
To: <name>
Subject: Attention - Important Notification!
Dear Administrator,
We inform you that your account is about
to expire. It is strongly recommended to update it immediately.
Update form is located here. However, failure to confirm
your records may result in account suspension
The email described above is not from Digital Insight. Users
should be advised to immediately delete emails such as these,
and be careful not to take the actions requested.
If you have questions about this, or wish to report what
you believe to be a phishing incident, please contact your
Digital Insight Account Manager, or contact Digital Insight
Customer Service: 877-462-3446 / customerservice@digitalinsight.com
/ https://my.digitalinsight.com.
You are about to access services provided by Identity Fraud,
Inc.
While these services are brought to you through an agreement
between the Knoxville TVA Employees Credit Union and Identity
Fraud, Inc., Identity Fraud, Inc. is responsible for the
content.
Privacy and security policies may differ between Knoxville
TVA Employees Credit Union and Identity Fraud, Inc.
You should understand that if you conduct business here,
you are conducting business directly with Identity Fraud,
Inc.
Click
here to continue.
President Bush has recognized National Consumer Protection
Week by calling on you, the consumer, to learn more about the
risk of fraud and identity theft and take action to protect
yourself. The Federal Trade Commission is spearheading this
week's campaign, titled "Read Up and Reach Out: Be an
Informed Consumer." The campaign encourages people across
the nation to take advantage of the wealth of information that
can enhance confidence in the marketplace. Consumer information
can help you recognize a rip-off, smell a scam or find a fraud.
Fraudulent promotions seek to exploit people's financial fantasies,
needs and general optimism. But by being informed, you are
better able to see through frauds and deceptions, whether they
take the form of questionable claims in an ad, 'breathless'
offers that come in the mail or email, or schemes that sound
like sure-fire successes. Perhaps more important, by being
informed you will know where to go for information about your
rights, and how and where to complain.
You can find practical * and tactical * tips from NCPW partner
organizations about how to make well-informed purchase decisions,
avoid scams, protect your personal information and file a
complaint at www.consumer.gov/ncpw.
This site has information from federal, state and local government
agencies and national consumer advocacy organizations. You
can also get the FREE "Heloise" Consumer Information
Packet at http://www.pueblo.gsa.gov/rc/d52heloise.htm.
The president created a Federal Identity Theft Task Force
last year. The panel has begun work by seeking comments on
how the government and private sector can fight and respond
to ID theft more effectively. "This task force is implementing
a comprehensive strategy to prevent identity theft, prosecute
those who commit fraud and help victims," Bush stated. "Through
these and other efforts, we are helping to ensure that consumers
have the tools they need to secure their personal information,
monitor their financial accounts, maintain their privacy
and make responsible decisions to guard against fraud."
NAFCU, in an official comment to the task force, last month
recommended focusing not only on account-holding institutions
but also on consumer practices, education on a national level
and accountability for merchants, data firms and other largely
unregulated organizations. It recommended that programs such
as those offered by NAFCU and other trades also be incorporated
into the panel's strategy.
Related LinksFTC site, National
Consumer Protection Week
Recently, there have been multiple e-mail fraud attempts
that were initiated via e-mail sent to both the general public
and to some credit union members that appeared to be from
the National Credit Union Administration (NCUA) and the Credit
Union National Association (CUNA). No credit union association,
regulator, state league or association or the credit union
would send a message via e-mail asking for identification
numbers. Do not use the link in these messages and simply
delete the message.
These false emails asked for the recipient to click on a
link to verify their credit union account information. If
the recipient proceeded to do so, the link directed them
to a false website and asked for their credit union account
number and PIN, along with other personal information.
Neither the NCUA or CUNA ask credit union members for such
personal information. Anyone who receives an e-mail that
gives the impression that it is from NCUA or CUNA asking
for account information should consider it to be a fraudulent
attempt to obtain their personal account data for an illegal
purpose and should not follow the instructions in the e-mail.
If
you responded to such an e-mail and provided any confidential
account information, please notify your credit union immediately
of the scheme.
Cyber thievery
is big business. If you get caught in the thieves’ trap,
they can steal your money and your identity. These thieves
are “phishing” for your personal
financial information. They’d love to get their hands
on your account numbers, your passwords, your Social Security
number, and other confidential information. Once they get
it, they can loot your checking accounts, run up your credit
card bill, or steal your identity. If they are successful
in lifting your identity, they may take out loans, obtain
credit cards, or even a driver’s license in your
name. It’s a financial nightmare and can take years
to clear up.
The BEST defense is to understand how phishing
works and how to protect yourself. Be on the lookout for
emails that appear to come from a reputable company such
as your financial institution, a government agency or a
web-based business from which you have purchased items.
The fraudulent email will probably warn you of a serious
problem with your account which requires immediate attention.
It may come as a warning that a third-party has attempted
to access your account. The email will encourage you to
click on a link to go the institution’s website.
This phony website may look like the real thing. In some
cases, it IS the real website, but immediately a pop-up
window will appear. Either way, you’ll be asked for
personal information.
If you provide the requested information, you may find yourself
a victim of identity theft. If you suspect this, please contact
the company IMMEDIATELY and file a report. Use a phone number
you find on your actual statement or in a newsletter or other
information published by the company.
To help you protect yourself, please attach the information
below to your computer monitor.
- Never provide your personal information in response
to an unsolicited request, whether it is over the phone
or over the Internet. If you did not initiate the communication,
NEVER provide any information.
- If you believe the contact may be legitimate, contact
the financial institution yourself by phone or in person.
The key is that YOU should be the one to initiate the
contact, using contact information that you have verified
yourself.
- Never provide your password over the phone or in response
to an unsolicited Internet request. A financial institution
will never ask you to verify your account information online.
- Review account statements regularly to ensure all
charges are correct. Periodically review activity online
to catch suspicious activity as soon as possible.
|
