Banking Blog

Finance Blogs » Banking Blog » FBI warns of new banking scam

FBI warns of new banking scam

By David McMillin ·
Wednesday, January 11, 2012
Posted: 1 pm ET

Some crafty criminals are aiming to steal one of the most valuable pieces of your personal property: your banking information.

In a new warning, the Federal Bureau of Investigation warns account holders of a new spam email scheme that involves a type of malware called "Gameover." The scheme involves fake emails from the National Automated Clearing House Association, the Federal Reserve or the FDIC. These messages attempt to trick recipients into clicking on a link to resolve some type of issue with their accounts or a recent ACH transaction. Once you click on the link, Gameover takes over your computer, and thieves can steal usernames, passwords and your money.

The FBI also warns the thieves' hacking capabilities can navigate around common user authentication methods banks use to verify your identity, which is certainly a cause for concern. Those additional authentication steps -- often personal questions, birth dates or other pieces of private information -- are meant to provide some extra security padding.

While phishing scams are nothing new to the world of online banking, this type of warning serves as a reminder of just how susceptible account holders can be to malicious attacks. As more account holders begin to jump on the mobile banking bandwagon, it's important to remember that a smartphone essentially acts as another computer. While this additional connection to the Internet is convenient, it also serves as another outlet where your information can be compromised.

Here are a few crucial steps to take to avoid falling victim to this type of Internet crime.

  • Keep your computer and mobile device updated with the newest versions of anti-virus software.
  • If you have any doubts about an email sender's authenticity, do not click on any embedded links.
  • Remember, banks never request any personal information via email.
  • Be vigilant about checking your account balances. The sooner you notice and report any type of fraudulent activity, the more likely you'll be able to be reimbursed for any missing funds.

Have you ever fallen victim to an online banking attack? If so, do you have any tips for other readers to avoid the trap?

Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.
January 28, 2012 at 4:37 am

I was wondering ,with all the added fees that the bank charges ,the focus first should be on the bank .The bank should be rated no. 1 theives of the consumers. We can focus next on no. 2 theif that would be basically hackers ,in which I beleive that it is also a inside job sometimes. We must remember not to put all our peas in one pot. Dont let the right hand know what your left hand is doing.

January 27, 2012 at 9:02 pm

Where are my other posts? They are gone!!!!

January 27, 2012 at 8:59 pm

Ha ha I can't even get the name of the bank right!!!!!!!!!! It was not HSBC but BANK of AMERICA. Still impressed!!!!!

January 27, 2012 at 8:38 pm

My sister received a call from her bank HSBC for a $2.89 purchase at some game site..They called because it was not consistent with how she normally uses her card..she verified all of her info they cancelled that card then she had to go to the bank with id..she broke my rule #1 never give out info unless u initiate the call to a number that u know to be a legitimate number. I gave her hell because she is not savvy about this kinda stuff at all..I went to the bank w/her and the manager also said what alot of other posts said they start with a small "test" purchase and see if it get noticed. Weird thing is she doesn't shop on line or bank online. I asked the manager about that and he said they start making up numbers...till they get one that clicks

January 27, 2012 at 4:20 pm

how do we know these are not scams being committed by the justice department since no one is ever arrested seems mighty suspicious. If this was a murder case they would be found guilty on circumstantial evidence?

January 27, 2012 at 12:44 pm

This is another reason not to sign up for on-line banking.
I always mail checks to pay for bills, etc and never have a problem.

January 27, 2012 at 1:43 am

Don't just delete a email you think is phishing or a scam. Most banks have a email address in their contacts section of their website. Forward the email to the bank the email is trying to misrepresent so they can forward the link information to the appropriate authorities. If the "Contact Us" link doesn't have an address for fraud or phishing, you can look for a "Privacy" link at the bottom of the web page.

David Pickell
January 26, 2012 at 5:04 pm

The banks exacerbate the problem.

When there really is a problem with your account, they send you an e-mail and ask you to click a link or call your phone, and ask you to give them your identifying information. When I've explained to bank personnel that they're asking me to respond to unsolicited e-mails, they reply, 'but this one is real.'

They should advise you to call them at the number on the back of your card, or check your account at the login given you when you signed up for online banking.

January 26, 2012 at 4:52 pm

PattiT have you heard of "virtual" account numbers ? - ability to generate a "one time use" credit card number with an exact $ limit on the traqnsaction and ONLY the merchant transacted can use it. This is done at order time on your screen Citi offers this. It is linked to your "actual" credit/debit card number. This is the best kept secret I have seen. It saves setting up separate accounts

January 26, 2012 at 3:45 pm

I opened up a separate checking account with a separate debit card that I use ONLY for internet purchases.
The account is set up to NEVER go past a 'zero' balance & I deposit ONLY the price I need for the purchase so NO additional charges are EVER taken out.
AND, if someone does get a hold of my information, this stops any kind of 'shopping spree' & I have an alert system set up with 'paypal' and my bank if anyone tries to remove more.
Where nothing is 'fool proof' I am assured by my bank that next to NEVER purchasing online this is about the SAFEST way to do it.