Security Threats & Alerts
Phishing Scams Involving Financial Institutions in the News
The Federal Deposit Insurance Corporation (FDIC) is warning consumers, businesses and financial institutions to be aware
of fraudulent e-mails allegedly from, or related to, financial institutions that have been the subject of recent news
stories. Phishing e-mails often incorporate aspects of high-profile news stories - such as bank mergers, acquisitions
and failures - to create a sense of urgency and legitimacy for requesting information or action.
These types of fraudulent e-mails may request recipients to verify computer logon credentials, update personal
information, or activate new online security features. The fraudulent e-mails may include a link that directs the
recipient to a fraudulent or "spoofed" Web site that looks similar to the subject institution's legitimate Web site.
Once there, users may be prompted to provide information about online banking credentials or other personal and
confidential information that could be used to gain unauthorized access to online banking services or perpetrate
identity theft. These spoofed Web sites may also direct the user to download software updates or digital certificates,
which may actually be malicious code or software attempting to collect online banking credentials or other personal
and confidential information.
Consumers, businesses and financial institutions should be wary of unsolicited e-mails purportedly from financial
institutions recently in the news and take the following precautions:
- Do not follow Web links in unsolicited e-mails from apparent financial institutions. Instead, use Web browser bookmarks
or type your institution's Web address into the browser address bar when accessing your bank's Web site or online banking
services.
- Always use anti-virus software and ensure the virus signatures are automatically updated. Ensure the computer operating
system and common software applications are up-to-date with security patches installed.
- Do not open unsolicited or unexpected e-mail attachments claiming to be from a financial institution because of the risk
of malicious code or software. As a precaution, call the financial institution using an appropriate telephone number,
such as one from an account statement, to validate the e-mail and attached file before opening any attachment.
- Be aware that phishing e-mails frequently use new and innovative ways to trick recipients into providing logon
credentials and confidential information or into unleashing malicious code.
- Regularly review financial account statements and immediately report any discrepancies to your institution.
- Be mindful that financial institutions generally deliver notices to consumers in writing about changes in account terms
and conditions unless the consumer previously agreed to receive the notice electronically.
For additional information about safe online banking and avoiding online scams, visit
http://www.fdic.gov/consumers/consumer/guard/.
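The mechanism described above, an e-mail link whose visible text resembles the institution's address while its real target is a different host, is something a mail gateway or a help desk can check automatically. The following Python script is an added example written for this page, not FDIC or Bank of Ann Arbor code; the allowlist of trusted hostnames, the brand-name list, the sample e-mail body and the hostnames in it are constructed for illustration (example.net and 198.51.100.7 are reserved documentation addresses). It flags any link whose target host is outside the allowlist, notes when such a host embeds the institution's name (a lookalike), and reports link text that displays one host while the href points to another.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist of the institution's legitimate hostnames (constructed).
TRUSTED_HOSTS = {"fdic.gov", "www.fdic.gov", "bankofannarbor.com", "www.bankofannarbor.com"}
# Brand strings whose presence in an untrusted host suggests a lookalike (constructed).
BRANDS = {"fdic", "bankofannarbor"}

# Constructed sample of a phishing body in the style the alert describes.
SAMPLE_EMAIL = """
<p>Dear FDIC beneficiary,</p>
<p>Please <a href="http://fdic-secure-online.example.net/son">register for your SON code</a>
at <a href="http://198.51.100.7/login">www.fdic.gov/consumers/consumer/guard/</a>.</p>
<p>Reference: <a href="https://www.fdic.gov/consumers/consumer/guard/">Safe online banking</a></p>
"""

URL_LIKE = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.IGNORECASE)


class LinkExtractor(HTMLParser):
    """Collects (href, visible anchor text) pairs from an HTML e-mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag.lower() == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(value):
    """Lowercase hostname of a URL or bare domain string, or None if absent."""
    if not value:
        return None
    if "://" not in value:
        value = "http://" + value
    host = urlparse(value).hostname
    return host.lower() if host else None


def is_trusted(host):
    """True only for an exact trusted host or a subdomain of one (no substring matching)."""
    return any(host == t or host.endswith("." + t) for t in TRUSTED_HOSTS)


def analyze_links(html_body):
    """Return one finding per anchor: its target host, whether it is suspicious, and why."""
    parser = LinkExtractor()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        target = host_of(href)
        reasons = []
        if target is None:
            reasons.append("unparseable target")
        elif not is_trusted(target):
            reasons.append("target host not in allowlist")
            for brand in sorted(BRANDS):
                if brand in target:
                    reasons.append(f"embeds brand name '{brand}'")
                    break
        # Display text that looks like an address but names a different host than the href.
        shown = host_of(text) if URL_LIKE.fullmatch(text) else None
        if shown and target and shown != target:
            reasons.append(f"link text shows {shown} but points to {target}")
        findings.append({"href": href, "text": text, "host": target,
                         "suspicious": bool(reasons), "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in analyze_links(SAMPLE_EMAIL):
        flag = "SUSPICIOUS" if f["suspicious"] else "ok"
        print(f"{flag:10} {f['href']}  {'; '.join(f['reasons'])}")
```

The allowlist comparison deliberately matches whole hosts or subdomains only, so a host such as fdic.gov.example.net is not treated as trusted merely because it contains the legitimate name; that is the same reason the alert tells readers to type the address or use a bookmark rather than trust what a link displays.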
Fraudulent E-mails Regarding Stolen Funds Claim to Be From the FDIC
The FDIC is aware of e-mails appearing to be sent from the FDIC that ask recipients to open and review an attached file.
Currently, the subject line of the e-mail states: "Funds wired into your account are stolen." The e-mail is fraudulent
and was not sent by the FDIC.
The fraudulent e-mail tells the recipient that proceeds from identity theft crimes have been wire-transferred into their
bank account. The e-mail then directs the recipient to open and review an attached copy of their bank account statement
and to contact their bank account managers.
The attached file is actually an executable file containing malicious code or software. Recipients should consider the
attached file as a malicious attempt to collect online banking credentials or other personal and confidential information
that could be used to gain unauthorized access to on-line banking services or perpetrate identity theft and other
criminal activities.
Recipients of the fraudulent e-mail should not reply and should not attempt to open the attached file. According to
reports received by the FDIC, many antivirus software programs have been detecting and removing the malicious
attachment before the e-mail is delivered. However, if a recipient does open the attachment, the FDIC recommends
updating anti-virus software patches and performing a complete scan of the computer and network, if applicable. If
a computer becomes infected and the user encounters difficulties removing the malicious code, users should contact
their anti-virus software vendor. The FDIC highly recommends using anti-virus software.
For additional information about safe online banking and avoiding online scams, visit
http://www.fdic.gov/consumers/consumer/guard/.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Web site at
http://www.fdic.gov/news/news/SpecialAlert/2008/index.html.
To learn how to automatically receive FDIC Special Alerts through e-mail, please visit
http://www.fdic.gov/about/subscriptions/index.html.
Counterfeit alert! If you received a check drawn on a Bank of Ann Arbor account number ending with 20106 in
the name of The Eastern Michigan University Foundation Gift Account, do not cash, deposit or in any way
negotiate this check. It is counterfeit.
If you received a check drawn on a Bank of Ann Arbor account number ending with 27127 in the name
of A.B.C. FINANCE INC., do not cash, deposit or in any way negotiate this check. It is counterfeit.
If you received a check drawn on Bank of Ann Arbor and a letter from A.B.C. Financial
Service or Golden Financial Inc indicating that you are a winner in the Special Holiday Sweepstakes Draw, you
have been contacted to participate in a lottery scam and the check is a fraudulent item. The check amount may
vary. Checks in the amount of $3,000, $3,800 and $4,800 have been presented thus far.
March 29, 2007
Information from at least 45.7 million credit and debit cards was stolen by hackers who accessed TJX's customer
information in a security breach that the discount retailer disclosed more than two months ago. TJX Cos., the
owner of about 2,500 stores, said in a regulatory filing late Wednesday that about three-quarters of those cards
had either expired at the time of the theft, or data from their magnetic strips had been masked -- stored as
asterisks rather than numbers. But TJX acknowledged it still knows little about the full scope of the breach,
in part because the hacker or hackers accessed TJX's encryption software and could have known how to unscramble
the information.
Lottery Scam
February 21, 2007
A lottery scam begins with an unexpected letter and check indicating that "You have won" a large sum of money in a
lottery. The recipient of the letter is usually told to keep the notice secret, "due to a mix up in some of the names
and numbers", and to contact a "claims agent". After contacting the agent, the target of the scam will be asked to
deposit the check in their bank right away in order to pay for taxes on their winnings. The target is then asked to
send money by Western Union or Money Gram. The deposited check is fraudulent and the target is out the money.
There is no need to contact the Bank of Ann Arbor, but feel free to contact your local police
department.
February 8, 2007
E-mails that fraudulently claim to be from ViewPoint Bank Financial Solutions and the FDIC request that recipients
provide highly sensitive personal information, including bank account information.
February 2, 2007
Bank of Ann Arbor was recently notified by Visa that certain card information may have been compromised due to an
intrusion into The TJX Companies' computer systems (TJ Maxx, Home Goods, Marshalls, etc., www.tjmaxx.com). The
perpetrators may have obtained some Bank of Ann Arbor Visa CheckCard account numbers. We have seen no fraudulent
activity on our cards; however, some fraud has been reported both domestically and abroad. To ensure security, we
have taken the proactive step of issuing new Visa CheckCards.
If your card was one that may have been compromised, you will receive a letter from us. A new Bank of Ann Arbor
Visa CheckCard and PIN will follow within 7-10 business days. As soon as you receive your new card, please activate
it by using it at an ATM. Then destroy your old card. Your old card will be cancelled on 2/28/07. You may continue
to use your current card until the new one arrives, or you may call (734)662-1600 to immediately cancel your card.
Everyone should continue to take steps to protect themselves by closely monitoring their accounts and double-checking monthly
statements to ensure they match your records. You can view your account activity online anytime instead of waiting for
your monthly statement to arrive. If you detect any suspicious activity on your account, notify us immediately.
Bank of Ann Arbor and Visa take very seriously our obligation to protect the security and privacy of our customers. We
apologize for any inconvenience this may cause our clients. If you have any questions or concerns, please don't hesitate
to give us a call at (734)662-1600.
Avoiding Cashier's Check Fraud
1/17/2007
http://www.occ.treas.gov/ftp/ADVISORY/2007-1.html
10/5/2006
E-mails that falsely claim to be from the FDIC are requesting that recipients provide highly sensitive online banking
information. These e-mails are fraudulent and were not sent by the FDIC.
9/21/2006
There are many variations of the fake check scam, but the common thread is a stranger proposing to send the victim a
check and have the victim wire money in return. "It may start with someone offering to buy something you advertised for
sale, pay you to work at home, or give you an advance on a sweepstakes you won," explained Susan Grant, director of NCL's
National Fraud Information Center and Internet Fraud Watch programs. "Whatever the set-up is, the bottom line is if
someone you don't know wants to pay you by check but wants you to wire money back, it's a scam."
9/14/2006
E-mails that fraudulently claim to be from the FDIC are requesting that recipients provide highly sensitive personal
information, including bank account information.
9/13/2006
E-mails fraudulently claiming to be from the FDIC are attempting to trick recipients into installing unknown software on
personal computers. These e-mails falsely indicate that recipients should install software that was developed by the FDIC
and other agencies. The software may be a form of spyware or malicious code and may collect personal or confidential
information.
March 29, 2007
The company provided an update of its investigation in a regulatory filing made after business hours Wednesday. TJX
says its computer systems were first breached in July 2005 by a hacker or hackers who accessed information from customer
transactions dating to January 2003. TJX says it didn't find out about the breach until about three months ago.
Information from 45.7 million cards was stolen from transactions beginning in January 2003 and ending Nov. 23 of
that year, TJX said in the filing with the Securities and Exchange Commission. TJX did not give estimates of the
number of cards from which information was stolen for transactions occurring from Nov. 24, 2003 to June 28, 2004.
TJX said in the filing that ''substantially all stolen data'' from the latter period ''were deleted in the ordinary
course of business subsequent to the believed theft but prior to discovery of computer intrusion.'' Lang said TJX
was investigating why information stolen during the initial nine-month period in 2003 wasn't being routinely deleted. The
filing also says, ''We believe that the intruder had access to the decryption tool for the encryption software
utilized by TJX.''
The filing also said another 455,000 customers who returned merchandise without receipts had their personal data stolen,
including driver's license numbers. The filing gives the first detailed account of the breach initially disclosed in
January by Framingham-based TJX, the owner of T.J. Maxx, Marshall's and other stores in North America and the United
Kingdom. The filing says the company ''does not know who took this action, and whether there were one or more intruders
involved.'' Also unknown is whether there was a single continuing breach, or multiple, separate intrusions.
In Wednesday's filing, TJX said for the first time that Dec. 18, 2006, was the date it first learned that there was
suspicious software on its computer system. TJX said it believes hackers invaded its systems in July 2005, on later
dates in 2005 and also from mid-May 2006 to mid-January 2007. The company said no customer information was stolen
after Dec. 18, one day before it hired General Dynamics Corp. and IBM Corp. to investigate. By Dec. 21, those
investigators determined that the computer systems had been breached and that an intruder remained on the systems.
TJX said it notified federal authorities Dec. 22, and on Jan. 3, TJX officials and Secret Service agents met with
banks and payment card and check processing companies to discuss the computer intrusion. The company issued a news
release Jan. 17 disclosing the breach but did not say how much data was stolen.
TJX is facing an investigation by the Federal Trade Commission and lawsuits from individuals and banks accusing it of
failing to do enough to safeguard private data and of delaying disclosure of the problem. The company said in
Wednesday's filing that its forensic investigation of the intrusion is ongoing and it is continuing to work to
strengthen and protect its computer systems.
Fraudulent E-Mails Claim to Be From ViewPoint Bank Financial Solutions in Association
with the FDIC
February 8, 2007
The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails that appear to be sent from ViewPoint Bank
Financial Solutions and the FDIC. The e-mail requests the recipient to register for a "SON - Secure Online Network" code
to protect against credit card fraud. The e-mail instructs the recipient to click on a hyperlink to initiate "SON"
registration in an attempt to acquire the recipient's personal financial information. These e-mails are fraudulent and
were not sent by either ViewPoint Bank or the FDIC. Financial institutions and consumers should NOT access the link
provided within the body of these e-mails and should NOT, under any circumstances, provide any personal financial
information through this medium. The FDIC does not directly contact consumers, nor does the FDIC request personal
financial information from consumers.
The fraudulent e-mails describe fictitious relationships between the FDIC and VISA, MasterCard, Yahoo, eBay, Amazon.com,
and Half.com. The e-mails claim that consumers will receive a 15 percent discount at various Web sites upon completion
of the form. These fraudulent e-mails may be modified over time, reflecting different financial institution names or
business relationships.
The FDIC is attempting to identify the source of the fraudulent e-mails and disrupt the transmission. Until this is
achieved, consumers and financial institutions should notify the FDIC at alert@fdic.gov of any similar attempts to
obtain personal financial information.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the
FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or
transmitted electronically to alert@fdic.gov. Information related to federal deposit insurance or consumer issues
should be submitted to the FDIC using an online form that can be accessed at
http://www2.fdic.gov/starsmail/index.asp.
Fraudulent E-Mail Claims to Be From the FDIC
10/5/2006
The Federal Deposit Insurance Corporation (FDIC) has become aware of fraudulent e-mails appearing to be from the FDIC.
The e-mails ask recipients to click on a hyperlink titled "Take the Corrective Action - Implement the LinkBank System."
When accessed, the hyperlink takes the individual to a "spoofed" FDIC Web page. At that point, the individual is directed
to provide online banking information, including bank name, username, and password.
The fraudulent e-mails appear in "memo format" and are purportedly from "Russell A. Rau, Assistant Inspector General for
Audits." The e-mails include a "Subject" line that states: "Division of Supervision and Consumer Protection's
Risk-Focused Compliance Examination Process for [recipient's name inserted] (Report No. 05-038)."
The FDIC does not directly contact consumers in this manner, nor does the FDIC request personal financial information
from consumers. Financial institutions and consumers should NOT access the link provided within the body of these e-mails
and should NOT, under any circumstances, provide any personal financial information through this medium.
Financial institutions and consumers should be aware that other similar e-mails may be sent that falsely claim to be from
the FDIC.
The FDIC is attempting to identify the source of the fraudulent e-mails and disrupt the transmission. Until this is
achieved, consumers and financial institutions should notify the FDIC at alert@fdic.gov of any similar attempts to
obtain personal financial information.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's
Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted
electronically to alert@fdic.gov.
Fake Check Scams
9/21/2006
Often the crooks claim to be in other countries and say it's too difficult to make payment directly, so they'll have
someone in the U.S. who owes them money send the victim a check. The amount of the check is more than the victim is owed,
so the victim is instructed to deposit the check and wire the excess back. Or scammers may tell victims to wire some of
the money back as fees to collect their "winnings."
The checks sent to victims are forgeries, but they're so realistic that even bank tellers may be fooled. By the time the
checks bounce, the victims have already wired the money to the crooks. Because bank customers are responsible for the
checks they deposit, the victims of these scams are left to repay the bank the money they withdrew against the bad check.
"Federal law requires banks to make the funds you deposit available quickly, but it's important for consumers to know
that just because you can withdraw the money doesn't mean the check is good," said Edward Yingling, executive vice
president for ABA. "We want to help prevent victimization by alerting consumers and bank personnel to this fraud."
NCL and the ABA have partnered to create new tips at NCL's www.fraud.org Web site about fake check scams and are
conducting educational outreach to both consumers and bank personnel. Consumers should be aware that:
- There is no legitimate reason for someone who is giving you money to ask you to wire money back;
- Just because you can withdraw the money doesn't mean the check is good, even if it's a cashier's check;
- If a stranger wants to pay you for something, insist on a cashier's check for the exact amount, preferably from a
local bank or one with a branch in your area.
For more details about how fake check scams work and how to avoid them, visit the telemarketing or Internet fraud
section of www.fraud.org.
Fraudulent E-Mail Claims to Be From the FDIC
9/14/2006
The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails appearing to be from the FDIC asking
recipients to register for a "SON - Secure Online Network" code. The e-mail requests that recipients click on a hyperlink
to initiate "SON" registration in an attempt to acquire the recipients' personal financial information. These e-mails
are fraudulent and were not sent by the FDIC. Financial institutions and consumers should NOT access the link provided
within the body of these e-mails and should NOT, under any circumstances, provide any personal financial information
through this medium.
The fraudulent e-mails describe a fictitious relationship between the FDIC and GoldLeaf Financial Solutions and suggest
that the FDIC collaborated in the development of SON. The e-mails state that "SON":
- is "dedicated to protect payment cards against online fraud";
- "assigns a unique code to a payment card, therefore replacing random parts of the personal information"; and
- is "required for FDIC claims as it is part of the FDIC's new set of standards."
Variations of the e-mails have been reported. For example, at least three different subject lines are currently being
used, including "Urgent Notification - Security Reminder," "Online Access Agreement Update," and "SON Registration."
Some versions of the fraudulent e-mails include a salutation of "Dear FDIC beneficiary," while other versions include
the recipient's name and e-mail address after the word "Dear." Some versions of the e-mails include the recipient's name
and mailing address and a statement that "your personal information did not match any SON code." Other subject lines and
modifications to the e-mails may occur over time.
Financial institutions and consumers should be aware that other similar e-mails may be sent that falsely claim to be from
the FDIC. The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial
information from consumers.
The FDIC is attempting to identify the source of the fraudulent e-mails and disrupt the transmission. Until this is
achieved, consumers and financial institutions should notify the FDIC at alert@fdic.gov of any similar attempts to
obtain personal financial information.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's
Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted
electronically to alert@fdic.gov.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Web site at
www.fdic.gov/news/news/SpecialAlert/2006/index.html.
Fraudulent E-Mail Claims to Be From the FDIC
9/13/2006
The Federal Deposit Insurance Corporation (FDIC) is aware of e-mails appearing to be sent from the FDIC that are asking
recipients to install unknown software on personal computers. Currently, the subject line of the e-mail includes the
phrase "Urgent Notification - Security Reminder." The e-mail is fraudulent and was not sent by the FDIC.
The fraudulent e-mail describes "a small client utility," referred to as "ProBank," that recipients are asked to install
on home and business computers. The e-mail claims:
"...this utility only starts whenever an online session is opened with a Financial
Institution insured by the FDIC, thus it will never interfere with any programs installed
on your computer. Please help us combat fraud by installing, ProBank on any computer
that is used to open an Online Banking session."
The e-mail requests that recipients click on a hyperlink that appears to be related to the FDIC, which directs recipients
to an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency
Readiness Team (US-CERT) to determine the exact effects of the executable file, recipients should consider the intent of
the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain
unauthorized access to on-line banking services or to conduct identity theft.
Financial institutions and consumers should NOT access the link or download the executable file provided within the body
of the e-mail.
The e-mail also asks financial institutions to "advertise and market the ProBank's existence to employees, suppliers,
third-party service providers and customers." Financial institutions should NOT advertise the existence of the software.
Rather, they should educate customers and staff about the existence of these and similar phishing e-mails.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved,
consumers and financial institutions are asked to report any similar attempts to obtain this information to the FDIC by
sending information to alert@fdic.gov.
Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's
Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted
electronically to alert@fdic.gov.
For your reference, FDIC Special Alerts may be accessed from the FDIC's website at
www.fdic.gov/news/news/SpecialAlert/2006/index.html.