Consumer Alert

Some Savings Institute Bank & Trust customers recently received an email that indicated we were performing regular maintenance of our security measures. This email was a transparent and blatant attempt at illegally procuring some of our customers’ account information.

Fortunately, due to security measures already in place, this episode was limited in reach. However, some customers did receive the email and for those that may have responded to the email, we request that you visit the nearest Savings Institute branch office and let us issue new, replacement account numbers to protect your interests.

Remember, we will never send urgent or time-sensitive emails to you requesting that you confirm or provide sensitive information. This would include your user id, password, PIN, social security number, ATM/Debit card number, account number or any other personal data that could potentially be used in an identity theft scheme.

Despite the convenience and popularity of debit cards, there is a risk of fraud or theft.

In fact, it’s just as important to protect your debit card as you would protect cash, credit cards and checks. Debit cards are subject to a unique threat, called “skimming.” Skimming occurs when thieves set up a device that captures the magnetic stripe and keypad information from ATM machines and gas pumps.

To avoid becoming a victim of debit card fraud, consider these tips:
            -- Check your statements immediately. Make sure all payments are yours.
            -- Periodically check your account balance and transactions, by utilizing online banking, by telephone or by printing interim statements at the ATM.
            -- Contact us immediately if your card is lost, stolen or subject to fraudulent use.
            -- Keep a record (but not in your wallet or purse) of card numbers, PINs, expiration dates and 1-800 numbers for banks so you can contact the issuing bank easily in cases of theft.
            -- Memorize your PIN number. Do not use your birth date, address, phone number or Social Security number.
            -- Never store your PIN with your card, and do not make it available to others.
            -- Keep your receipts. You’ll need them to check your statement. If they have your account number on them, tear up or shred receipts before throwing them away.
            -- Mark through any blank spaces on debit slips, including the tip line at restaurants, so the total amount cannot be changed.
            -- Know your limits. Many issuers limit daily purchases and withdrawals for your protection.
            -- Do not use an ATM if it looks suspicious -- it could be a skimming device.
            -- Be wary of those trying to help you, especially if an ATM “eats” your card -- such people may be trying to steal your card number and PIN.
            -- Do not give your PIN number to anyone over the phone. Thieves often steal the cards and then call the victim for their PIN, sometimes claiming to be law enforcement or the issuing bank.

For more tips and information, visit the Federal Trade Commission’s Web site at www.ftc.gov.

The Internal Revenue Service recently warned taxpayers to beware of several current e-mail and telephone scams that use the IRS name as a lure. These include:
            -- A refund e-mail. Various e-mails supposedly from the IRS generally tell the recipient that he or she is eligible for a tax refund for a specific amount, and instructs the recipient to click on a link in the e-mail to access a refund-claim form. The form asks the recipient to enter personal information that the scamsters can then use to access the e-mail recipient’s bank or credit card account.
            -- An audit e-mail. In another scam, the e-mail notifies the recipient that his or her tax return will be audited. It may contain a salutation in the body addressed to the specific recipient by name. This e-mail instructs the recipient to click on links to complete forms with personal and account information, which the scammers will use to commit identity theft.
            -- Changes to tax law. This e-mail scam is addressed to businesses, accountants and treasury managers. It instructs them to download information on tax law changes by clicking on a series of links to publications on businesses, estate taxes, excise taxes, exempt organizations, IRAs and other retirement plans. Clicking on a link downloads malware onto the recipient’s computer.
            -- A paper check phone call. In this telephone scam, a caller claims to be an IRS employee who is calling because the IRS sent a check to the individual being called. The caller says that because the check has not been cashed, the IRS wants to verify the individual’s bank account number.

Note: Anyone wishing to access the IRS Web site should initiate contact by typing the irs.gov address into their Internet address window, rather than clicking on a link in an e-mail or opening an attachment.

Summary: Fraudulent loan offers that may claim to be from federally insured financial institutions are being widely distributed by unsolicited e-mail over the Internet.

The Federal Deposit Insurance Corporation (FDIC) is reminding consumers and financial institutions to be aware of advance fee loan scams. The FDIC has observed a significant increase in the number of unsolicited e-mails ("spam") advertising mortgage refinancing, debt consolidation and elimination, small business loans, and special loan programs for veterans and minorities. While some of these e-mails may advertise legitimate loan programs and lenders, advance fee loan scams are becoming more prevalent.

Advance fee loan scams prey on consumers who may be under financial duress and may be seeking quick and easy loan approval and funding. The scam typically involves the lender making false promises to arrange for a loan in return for fees paid upfront by the loan applicant. Scam artists may even design Web sites and online loan applications giving the appearance that the company is legitimate.

Fraudulent logos and letterhead of legitimate financial institutions or government agencies may also appear on documents that are faxed to the loan applicant. Potential borrowers may be asked to provide information through a Web site or be contacted by phone or e-mail by a "representative" who guarantees loan approval as soon as the borrower pays a required fee. The loan applicant may be told that the fees will be used to pay a third party for loan insurance or application processing, or to make the first month's loan payment. The loan applicant may also be told to send or wire transfer money to an individual overseas before receiving the loan proceeds.

In some cases, the loan applicant has been falsely directed to a legitimate financial institution with no knowledge of the transaction. In other cases, the loan applicant is told that the loan request was declined and is asked to forward additional money to qualify for a different loan program.

The following are warning signs that may indicate a loan offer is not legitimate:

The loan approval is "guaranteed." Lenders do not typically guarantee loans before analyzing the applicant's financial condition, credit history and ability to repay.
The loan applicant is required to pay upfront fees to a third party or individual. Loan fees are normally paid to a business after the loan has been approved.
The lender or loan processor may be located outside of the United States.
Fees are requested using a retail wire transfer system. A password is sometimes used by the overseas receiver to pick up the funds in an attempt to hide the true identity of the criminals and make funds more difficult to trace.

Summary: Fraudulent e-mails are being sent to consumers that claim to be from the FDIC in an attempt to obtain sensitive personal information, including bank account information. These e-mails falsely indicate that consumers can enroll in card insurance to protect against Internet fraud.

The Federal Deposit Insurance Corporation (FDIC) has received numerous notifications from consumers of an e-mail that gives the appearance of being sent from the FDIC. The "From" line of the e-mail displays the name "Federal Deposit Insurance Corporation " and the subject includes the words "Consumer Protection."

"Who is FDIC?

The Federal Deposit Insurance Corporation (FDIC) preserves and promotes public confidence in the U.S. financial system by insuring deposits in banks.

What can FDIC do for you?

Despite the efforts of law enforcement, Identity theft is becoming more sophisticated and the number of new victims is growing. In general, consumers are protected against liability for unauthorized accounts or transactions under federal and state law and by financial industry practices. Identity Theft can affect consumers in many ways, thats [sic] why FDIC is presenting a new card insurance which can restore you up to $500 if you are a victim of internet fraud.

Learn more about Consumer Protection > Card Insurance:
Clicking here will redirect you to a online signup page for this program."

The e-mail requests that recipients click on a hyperlink that is provided. This directs the recipient to a "spoofed" Web page requesting the user to enter personal information to receive $500 of "card insurance." The requested information (name, phone number, Social Security number, address, card number, bank name, card expiration date, card verification code, and electronic signature/ATM PIN) could be used to perpetrate identity theft and gain unauthorized access to bank accounts. Be aware that the appearance of the fraudulent e-mails can be modified and that additional variations are possible.

Consumers should NOT access the link provided within the body of the e-mail and should NOT, under any circumstances, provide any personal financial information through this media.

The FDIC has shut down the fraudulent Web site and is investigating the source of the e-mails. Consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

Information about counterfeit items, cyber-fraud incidents and other fraudulent activity may be forwarded to the FDIC's Cyber-Fraud and Financial Crimes Section, 550 17th Street, N.W., Room F-4004, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov. Questions related to federal deposit insurance or consumer issues should be submitted to the FDIC using an online form that can be accessed at http://www2.fdic.gov/starsmail/index.asp.