2010-03-25 - Fake IRS notice
There have been reports of suspicious emails claiming to be from the IRS circulating. Obviously, these are phishing attempts to get you to think the IRS is trying to contact you.
The email looks something like (taken from isc.sans.org):
Subject: Underreported Income Notice
Taxpayer ID: <recipient>-00000198499136US
Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)
Please review your tax statement on Internal Revenue Service (IRS) website (click on the link below):
Internal Revenue Service
<link to fake IRS website executable>
The download in this particular link was "tax-statement.exe.". If you get this or any other claiming to be from the IRS or any bank, or tax representation firm, delete the email and then call your tax representative to see if they tried to contact you (there's always a chance this might happen when you use a tax preparation software). Suffice to say, the IRS will not contact you out of the blue like this.
2010-01-22 - Zeus Bot or ZBot
What makes this new virus so dangerous is that it can imitate many of the security features legitimate Websites typically use to alert a visitor that they are viewing a secure page. If affected by this virus, you might be directed to a false Web page that looks similar to one you intend to visit, including actual images and similar page design. The virus is commonly called “Zeus” and is relatively new.
The virus, known as ZeuS or Zbot Trojan, bypasses security safeguards to record online bank account details, passwords and credit card numbers. It also copies passwords for social networking sites before causing each computer to forward the data to servers under the control of the hackers. It has emerged in several guises, including a false Facebook page that encouraged users to download a software update.
How It Works
Once your computer is infected with the “Zeus” virus, it waits for your Internet browser to request a secure online banking page. It then redirects your browser to a false site that includes “screen shots” of the legitimate site so that the user suspects nothing is wrong. The false site may include a secure sign in block that, when used, prompts the user for multifactor authentication information much the same way that a legitimate secure site often will. At this point the false site is attempting to get the user to enter personal information such as a credit card number, expiration date, PIN number, etc.
What It Looks Like
What You Should Do
If you encounter similar screens when attempting to log in to Hometech, Please DO NOT enter any personal information. Close your browser and call us immediately at this phone number 877-266-8906. Please make sure your antivirus software is up to date. Once your antivirus software is updated please make sure to run a system scan.
2010-01-11 - Android Marketplace Phishing Scam
Recently in the Android app marketplace, there have been a new breed of Applications designed to try and steal your Internet Banking login and password. Not just at our institution, at any institution. As always, your information with UBI remains secure, but we wanted to warn you of the potential for your account information to be stolen by such rogue applications. If you are an iPhone, Android, Blackberry, or Windows Mobile user, please be aware, that the only applications that are approved to access your account with UBI are available through Hometech ONLY, nowhere else.
The application that crept undetected into the Android Marketplace was called Droid09. It was designed to steal login information from legitimate applications (such as ours). If you have downloaded and used Droid09, you should purge the application from your handheld, and change your Hometech login and password. You can read more about the problem here.
Again, we have had no reports of this impacting any of our members, but thought it wise to warn you about this. It's possible that other applications like this exist, and certainly there will be more. Be vigilant, and do not install programs you do not need, or from untrustworthy sources.