Citadel Trojan - High Alert
- Always check the URL when you are logging in to your Online Banking account. If the URL does not look familiar, DO NOT LOG IN as this could be a pharming attempt.
- CapitalMark will not prompt you to submit your login information in the middle of an online banking transaction. You will be prompted for your login credentials only when first signing in to Online Banking or after 15 minutes of inactivity.
- If you are ever suspicious when prompted by an unfamiliar email, pop-up message or login screen, DO NOT click on any links or submit any information. Run a virus check or update your anti-virus software. Consult an IT professional if you are unsure whether your system has been compromised.
- NEVER log in to your Online Banking account from a public computer. Only use private computers with up-to-date virus protection programs that you trust to access your online bank accounts. Public computers can store your sensitive login credentials to be retrieved by criminals who will compromise your online bank accounts.
- Always keep your anti-virus programs up to date for maximum security. Consult an IT professional if you need additional support and guidance.
For more information on fraud-prevention best practices, visit CapitalMark’s Fraud Education page.
A series of FDIC phishing scams has been in circulation via email. One email pertains to the Bankruptcy Reform Act of 1978 and the Investor Protection Law under the Securities Act of 1933. A falsified attachment, a form titled “FDIC Claimant Verification”, is also included. The second FDIC phishing scam requests that a link be downloaded to verify an ACH transaction for proper delivery. Both emails seek to gain sensitive personal information and criminally extort funds.
The FDIC does not send unsolicited emails to consumers or business account holders. Please remember to never remit payment for suspicious requests or click links in unsolicited emails. Fraudsters use links to download malware to computers and extract personal account information. If you are ever concerned that you remitted payment to an unauthorized vendor or might have compromised your personal information by clicking on a suspicious link, please contact your Banker Team immediately at (423) 756-7878.
The highly sophisticated Zeus malware variant Citadel is working in conjunction with the ransomware virus Reveton to form a dangerous threat for account takeover. Citadel functions as a Trojan horse virus, gaining unauthorized access to a computer’s hard drive and then freezing the computer so the end-user no longer has access. Next, the Reveton ransomware seeks to extort funds under false pretenses by displaying a message, purportedly from the FBI, fining the user for visiting a site housing illegal content. The end-user cannot regain access until payment is remitted to cover the ransom. While the end-user’s computer appears frozen, the Citadel malware works to hijack sensitive corporate files, extort credentials and steal bank account information from the computer’s operating system. Even if the user regains control of the computer, keyloggers and malware are still present on it. This double-pronged attack can lead to corporate account takeover and compromised funds.
If you encounter a frozen or locked computer with a ransomware message, beware of the possibility of this malware on your system. If you feel you may have been exposed to this criminal activity, contact a computer specialist for help and notify your Banker Team that your funds may be at risk. For your protection, avoid providing personal information or remitting payment to a suspicious electronic entity.
Cyber Money Mule Fraud
As cyber hacking continues to advance in technology, one of the methods that has become increasingly popular amongst fraudsters is the use of cyber money mules. A money mule is used to transfer stolen money from one place to another so the original source is untraceable. In the cyber world, fraudsters are electronically soliciting and employing businesses and individuals to accept deposits and remit payment as part of a scam. Cases that have surfaced thus far involved individuals or businesses winning monetary prizes or accepting donations for various ventures, then purportedly paying taxes or other made-up expenses on the money deposited. This deposit and subsequent transfer of funds by unknowing mules makes the stolen money untraceable to its origin. As always, be wary of accepting funds into your account without identifying the source, and please call your Banker Team if you ever have questions.
A BBB phishing scam has been circulating via email. The email, purportedly from the Better Business Bureau, includes links to a purported complaint the business received and threatens that failure to respond to the complaint will warrant a lower BBB accreditation score. Note - The BBB, IRS, Treasury or social security agencies will never correspond via email about business complaints. Should you click on a link in a suspicious email, run a full virus scan on your computer.
Corporate Account Takeover
BankInfoSecurity released an article alerting consumers to a new fraud scam that the FBI is currently investigating. The malware targets commercial bank accounts and has the ability to defeat two-factor authentication. To learn more about the nature of the malware and the measures you can take to protect yourself, read "FBI Warns of New Fraud Scam", written by Tracy Kitten of BankInfoSecurity.