Online Banking

Current Scams

Fraudsters are relentless in their development of scams to outsmart the existing authentication controls put in place to protect account information.  Here some of the recent scams:

 

Fraudulent Credit Card Charges (2/5/2014)

If you see a $9.84 charge on your credit card statement, you should give it a hard look, the Better Business Bureau (BBB) is warning. The BBB says scammers are charging stolen credit card numbers for a small amount of money. Many recent victims were charged $9.84. The scammers believe many cardholders won't notice the relatively small charge, and the credit card companies won't aggressively investigate such a minor sum.

The BBB says that for the $9.84 scam, the source listed on the credit card bill is an unfamiliar website that turns out to be a generic landing page that claims to offer "Customer Support." Victims have reported calling the "customer support" site and receiving a verbal confirmation that the charge would be canceled. You should contact your credit card issuer to report the charges and request a new credit card.

Target Payment Card Data Breach (12/23/13)

Last week, Target confirmed reports of unauthorized access to its payment card data in the U.S. The unauthorized access took place in U.S. Target stores between Nov. 27 and Dec. 15, 2013. Canadian stores and target.com were not affected.

What should I do if I used my Isabella Bank ATM/debit card during this time period at Target?
Even if you shopped at Target during this time frame, it doesn’t mean you are a victim of fraud.   However, as a precaution, Isabella Bank identified the card holders who used their card during this time period, contacted each cardholder, and reissued them a new ATM/debit card and PIN.  We are happy to report that many of our customers have already started to receive new cards.  

What do I need to do when I receive my new ATM/debit card and PIN?  
You should immediately activate your new card.  You may activate it in 1 of 2 ways:  1. By using your new PIN with a PIN based transaction at a store or at any ATM Machine or 2. You may call Touchtone Banking and select option 8.  

What if I don’t like my new PIN?  
If you do not like your new or existing PIN, you may now change your PIN at any Isabella Bank ATM machine.  You will need your new or existing PIN in order to make the change.

What should I do if I used a card from another financial institution during this time period at Target?
If you have not heard from your financial institution, we recommend contacting them to determine the status of your card.  

How does Isabella Bank help keep my accounts safe?
Isabella Bank has special software designed to help detect fraud.  We also belong to a network which updates us on breaches, like Target, that take place across the country.  This allows us to be proactive in identifying possible fraud.

How can I help keep my accounts safe?
? Check your account activity regularly and report any unauthorized activity to your local office.
? Make purchases from companies you know.
? When shopping online, only put your card information into the site if it is secure. (Some ways you can tell: closed lock in the address bar, the address line has an “s” with https).
? To check your credit report for free, you may do so annually at annualcreditreport.com.

Avoid ID Theft and Fraud in the New Health Insurance Marketplace (11/08/13)

Obamacare scams come in a variety of forms. Consumers have complained about con artists contacting them by phone, fax, email and even in person. A common version of the scams involves fraudsters claiming to be from the federal government and directing consumers to purchase insurance cards in order to be eligible for coverage under the ACA. Scammers intimidate consumers to give them their bank account or make a direct cash transfer by using words like “it is the law” or “the government now requires it.”

Avoid ID Theft and Fraud in the New Health Insurance Marketplace

Most people don’t have to do anything. If you already have health insurance through your employer, Medicare, Medicaid, your school, the Veteran’s Administration, or some other program, you don’t have to sign up, get a new insurance card or make any changes.

The government is not calling. Or sending emails. Or knocking on people’s doors to sign them up for health insurance under the ACA. Don’t give your bank account number, Social Security number, or other personal information to anyone you did not contact or in response to any advertisements.

There is no rush. People who are eligible to buy plans through the marketplaces have until March 31, 2014 to do so.
Research before you sign up. At www.HealthCare.gov you can get answers to your questions about how the law works, see the plans that are available to you Or you can call 1-800-318-2596 (TTY users can call 1-855-889-4325). There are also trained people in every state to assist you, free of charge, if you need more help.

There is no application fee or charge to get help with the process. The only thing that people will have to pay under the ACA is their monthly insurance bill. If anyone wants to charge you for providing information or helping you sign up, it’s a scam.

Report anything suspicious. Call the HeathCare.gov hotline, 1-800-318-2596 (TTY users can call 1-855-889-4325) to report scams.

Get the facts from trusted sources. In addition to HealthCare.gov, there are many other sources for good information about the law and how to avoid problems. You’ll find more tips about fraud at www.healthcare.gov/how-can-i-protect-myself-from-fraud-in-the-health-insurance-marketplace/ and www.consumer.ftc.gov/articles/0394-suspect-a-health-care-scam.

Utility Scam (11/08/13)

The National Association of Regulatory Utility Commissioners (NARUC) warns utility consumers of a growing telephone scam across the country. The scam involves telephone callers claiming to be from a utility company and then employing a variety of techniques to defraud customers.

Some threaten customers with disconnecting electric service to their home or business if they don’t make a payment immediately. The scam artist instructs them to send money via prepaid card or online payment service, such as PayPal or GreenDot, before their power is shut off. The scammer’s caller-ID is falsified so it appears to originate from the utility company, a practice known as “spoofing.”

The Federal Trade Commission (FTC) advises consumers who receive suspicious calls to call their utility directly to verify the request for payment. Michigan Utilities have a variety of payment options available for customers, including the ability to pay over a secure Internet site, via U.S. mail, in person at an authorized pay agent location, and by Visa, MasterCard or an eCheck using an authorized utility agent.  

Additional Tips on avoiding utility fraud are available on the MPSC website at www.michigan.gov/documents/mpsc/mpsc-ca_utilityservicefraud_211946_7.pdf?20131106132231 or by visiting the FTC at www.ftc.gov.US-CE

US-CERT (United States Computer Emergency Readiness Team) has received reports of Department of Homeland Security-themed ransomware (04/08/13)

US-CERT (United States Computer Emergency Readiness Team) has received reports of Department of Homeland Security-themed ransomware. Users who are being targeted by the ransomware receive an email message claiming that use of their computer has been suspended and that the user must pay a fine to unblock it. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division.

Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware, or perform a clean reinstallation of their OS after formatting their computer's hard drive.

US-CERT and DHS encourage users and administrators to use caution when encountering these types of email messages and take the following preventive measures to protect themselves from phishing scams and malware campaigns that attempt to frighten and deceive a recipient for the purpose of illegal gain.

  • Do not click on or submit any information to webpages.
  • Do not follow unsolicited web links in email messages.
  • Use caution when opening email attachments.
  • Maintain up-to-date antivirus software.
  • Users who are infected should change all passwords AFTER removing the malware from their system.
  • Refer to the US-CERT website (www.us-cert.gov) for additional information about ways to protect yourself.

 

Cybercriminals Take Advantage of Disasters to Spread Malware (11/02/12)

With Hurricane Sandy colliding with the East Coast, cyber criminals will take advantage of the historic storm to make money or steal personal information from the unsuspecting. You should be on the lookout for legitimate-looking scams that will use the hurricane’s mainstream allure to dupe you. Facebook postings, tweets, emails and websites claiming to have exclusive video or pleading for donations for disaster relief efforts will start to appear. These messages often include malicious code that infect computers with viruses, spyware or Trojan horses. Be very weary of clicking on links or making donations through unfamiliar websites.  

 

Emails From NetTeller (10/17/12)

We received reports of phishing emails being sent from what appears to be a NetTeller email address, customer_service @cm.netteller.com, with the subject line of NetTeller Watch Notice. These are “Phishing emails” trying to get customers to click on the embedded NetTeller access link.  These emails are not coming from NetTeller. If you receive an email like this, DO NOT click on the link. It is recommended to permanently delete the email.

 

Phishing Attempt Email Message from Isabella Bank (07/26/12)

We have been notified that Isabella Bank’s name is being used in a phishing attempt. If you receive an email like or similar to the one below DO NOT respond to it. It is NOT from Isabella Bank.

From: "Message Center" <oliver.riley @hotmail.co.uk> (This could be a different address)
To: YOUR EMAIL ADDRESS
Subject: YOUR NAME, Isabella Bank has just sent you a gift!
Date: Mon, Jul 23, 2012 6:48 pm

Dear YOUR NAME,
On behalf of Isabella Bank you have been issued a $1,000 Visa Gift Card free of charge.

Card type: Visa Gift Card
Issued to: YOUR NAME
Issuing branch: Village of Lake Isabella, Michigan (This could be a different branch location.)
Valid until: 08/2015

Please use the following website to claim your card and have it shipped to the address of your choosing:

Go to: www reward2012 com

Note that claims must be made within 48 hours from this email being sent, or the above link will become invalid.

Sincerely, Rachel
Customer Service
Employee Benefits Center, LLC


Better Business Bureau Warns: New Scam Claims President Obama Will Pay Your Utility Bills (07/13/12)

The BBB has issued a nationwide warning about a new scam claiming that President Obama will pay your utility bills through a new federal program.

Consumers have been contacted through telephone calls, fliers, social media and text messages with claims that President Obama is providing credits or applying payments to utility bills. To receive the money, scammers claim they need the consumer's social security and bank routing numbers. In return, customers are given a fraudulent bank routing number to pay their utility bills through the automated telephone payment service. The payment service initially ‘accepts’ the payment but then declines it within a few days when the bank account number is discovered to be fake.

The BBB has these tips to avoid becoming a victim of this scam:

  • Never provide your social security number, credit card number or banking information to anyone requesting to anyone who calls you, regardless of whom they claim to be representing.
  • If you receive a call claiming to be your utility company and feel pressured for immediate payment or personal information, hang up the phone and call the customer service number on your utility bill.
  • Never allow anyone into your home to check electrical wiring, natural gas pipes or appliances unless you have scheduled an appointment or have reported a utility problem. Also, ask utility employees for proper identification.
  • Always think safety first. Do not give in to high pressure tactics over the phone for information or in person to get into your home.

For more information about identity theft scams, please visit the Better Business Bureau at www.bbb.org.

High Yield CD Scam (07/09/12)

Representatives purporting to be from Legacy Brokers Corporation are calling people throughout the United States trying to sell them high yield CD's through Ally Bank or possibly other financial institutions. Ally Bank does not offer the high yields promised by Legacy. Victims are either mailing or using FedEx to send large dollar amount checks to Legacy Brokers, Merrill Lynch Building, 7825 Fay Avenue, Suite 200, San Diego, CA 92037. The checks are being deposited into a Bank of America account. Part of the confirmation packet sent back to the customer is a fraudulent Ally Bank letter, with misspellings and fraudulent signatures of Ally Bank Officers, with no telephone number, indicating the customers have CD's with Ally Bank. Ally Bank does not have CD's in the customer's names. Ally Bank does not have a financial loss but has "reputational risk" with these types of transactions and confirmation letters.

Ally Financial Global Security is working in concert with the U.S. Secret Service; Postal Inspection Service; Bank of America and United States Attorney's Office on the case. It anticipated that there may be additional victims or names of other financial institutions used on confirmation letters. Please refer this information to Ally Financial Global Security (215) 734-5380 so it can be shared with law enforcement and the U.S. Attorney's office.


Citadel Malware (05/30/12)

The IC3 (Internet Crime Compliant Center) has been made aware of a new Citadel malware platform used to deliver ransomware, named Reveton. The ransomeware lures the victim to a drive-by download website, at which time ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen is displayed warning the user they have violated United States federal law. The message further declares the user’s IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content. To unlock the computer, the user is instructed to pay a $100 fine to the U.S. Department of Justice using prepaid money card services. The geographic location of the user’s IP address determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud. This is an attempt to extort money with the additional possibility of the victim’s computer being used to participate in online banking fraud. If you have received this or something similar, do not follow payment instructions. It is suggested that you:

  • Verify your bank accounts have not been affected
  • File a complaint at www.IC3.gov

Grandparent Scam (05/22/12)

A customer of a Michigan bank received a call from a male subject that called her “grandma”. The victim believed this to be her grandson and continued to have a conversation with the suspect. The suspect claimed that he was in an accident in Spain and needed money to pay for hospital bills. The customer went to Western Union and wired the suspect the requested amount. The suspect called back for the transaction number, thanked her and asked her not to tell his parents. The next day the suspect called back claiming that he had the money but needed additional funds to pay for the vehicle that he had hit. The customer went back to Western Union and transferred the additional funds. The suspect called a third time claiming to need funds for his broken nose. The victim went back to Western Union but their system was down. When she went to her bank in an attempt to send the funds the bank discovered the scam. ALWAYS verify the information provided before sending money to someone who claims an urgent emergency need, especially if the person says “please don’t tell anyone”.


Emails From NetTeller (04/09/12)

We received reports of phishing emails being sent from what appears to be a NetTeller email address, customer_service @cm.netteller.com, with the subject line of NetTeller Watch Notice. These are “Phishing emails” trying to get customers to click on the embedded NetTeller access link. These emails are not coming from NetTeller. If you receive an email like this, DO NOT click on the link. It is recommended to permanently delete the email.


Secret Shoppers (04/09/12)

We have received reports that ads for secret shoppers were placed in local newspapers. People who answered an ad are receiving checks with instructions to send money back to an account in London, England. This is definitely a scam. Do not send any money. If you cash the check it will be returned to you as a fraudulent check and you will be legally responsible to repay the funds.


Global payments Breach (04/09/12)

Recently, there was a data breach at a third party payment processor. Global Payments Inc. had a breach of credit and debit card information and while only a few if any of our customers may have been affected, there may be residual effects of the breach. Be on the lookout for the scams that will likely follow. Scammers will start sending out emails, texts and use other social engineering schemes to try to convince people they were hit and need to respond. If you are contacted about a problem with your credit or debit card, please remember that your credit card company or bank will never contact you to ask you to provide, confirm or verify information. Do not respond to this type of contact and only contact your credit card company or bank using a phone number you obtain from a statement, telephone book or valid website.
 


       > View Tips to Protect Yourself from Online Fraud

 

 


 

Learn More About Security