News & Alerts
What's new at F&M Bank? Stay up-to-date with recent highlights and headlines, so you don't miss out on recent security updates, alerts, specials, and promotions that matter to you.
ACCOUNT TAKEOVER THREAT RESURFACES
August 21, 2012 — Warning to All F&M Online Banking and DirectConnect clients The U.S Federal Bureau of Investigation is warning about an increase of online extortion scams that impersonate the FBI and frighten people into paying fines to avoid prosecution for supposedly downloading child pornography and pirated content. These virus or malware based attacks are known as 'ransomware attacks' and aim to extort funds under false pretenses.
How the attack works - Hackers using the Citadel virus hijack victims' computers with drive-by downloads on websites that automatically install malware to overtake a machine. Once launched, the malware freezes the computer, and in the case of recent U.S. attacks, displays a message or warning that the user has violated some federal law. Often, the message appears to come from the FBI, declaring the user's IP address has been identified as one that has visited websites featuring child pornography and/or other illegal content.
In order to unlock the computer, the user is asked to pay a fine to the U.S. Department of Justice using a prepaid money card service; but, of course, the message is a scam. The virus then runs in the background to capture sensitive personal or business information in order to commit online banking and credit card fraud. The malware also encrypts the computer and will not decrypt it until the hackers' ransom is paid. Many innocent victims will pay this scam to get their data and files restored to them.
The FBI's Advice
- Report any suspicious activity of this nature to your banks and the Internet Crime Complaint Center at www.IC3.gov
- Stay informed of identified attack methods by regularly visiting IC3's website for updates
- Contact a computer expert if you experience a ransomware event to ensure malware is removed and not operating in the background of your computer
- Never pay money or provide personal information to any suspicious entity online
- Keep virus protection up-to-date
- Keep all computers current on updates especially Browsers, Flash, Java, and Adobe Reader
- Keep computer data backed up on a frequent basis to avoid losing access to critical information
May 24, 2012 — Warning to All F&M Online Banking and DirectConnect clients – A new scam is underway to attempt to steal online banking credentials and fraudulently move funds by making a victim believe they are responding to an offer for free insurance protection against online fraud. The scam is perpetrated by malware on a victim's computer which then presents a fake insurance account that claims to cover the total amount of funds in the victim's bank account and asks the victim to authorize a transaction to activate the insurance coverage. To approve the activation transaction, the victim is instructed to enter a password sent to a mobile device. Unfortunately, the victim is actually approving a transfer of funds from their account to a criminal as a result of this fraud scam.
Please be aware F&M Bank does not offer free insurance protection against online fraud through the Online Banking or DirectConnect sites. If you observe this behavior when using a F&M Bank site, please call F&M to report the behavior so we can assist you in the best steps to clean the infected machine and take precautions to watch your account for unusual transaction behavior.
May 2, 2012 — Warning to F&M Online Banking and DirectConnect clients – A phishing scam has been reported by the FDIC. Fraudulent emails with subject line "Survey Code: STJSPNUPUT" claiming to be from the FDIC are circulating and requesting computer users to click a link and receive $100 for taking the survey. This email is a scam. Do not click on links provided in this email as it is intended to obtain personal or business information and load malicious software onto a computer.
March 9, 2012 — Warning to F&M Online Banking and DirectConnect clients - A new security threat has emerged which advises online banking clients that new 'security checks' must be performed followed by a series of notifications claiming a representative of the bank will assist in an online chat session to avoid a lockout. The online chat session then requests sensitive information such as names, passwords, and other banking credentials. Please contact F&M Bank if you see this behavior during online banking sessions with F&M Bank. Do not respond to online chat requests for sensitive information. F&M Bank does not use online chat to perform security checks and does not use online chat to request any online banking information from F&M customers.