A A

Active Fraud Alerts

Jan 17, 2019

Email Tries to Trick You Into Downloading Malware

A recent malware campaign has targeted bank customers in the US in an attempt to fool them into downloading malware. The email promises a refund and often has a subject line similar to "Regarding Refund $150". It asks you to click on a link which will grant remote access to your computer. The email comes from an email address such as RefundTeam.7675[@]gmail.com. Standard advice for avoiding online scams applies here. Never click links in email from unkown senders. If you aren't absolutely certain who an email is from, don't click. Your bank will certainly never email you from a Gmail address. Stay alert, and stay safe online!

Dec 5, 2018

US Postal Service and Marriott Breaches – What This Means To You

This week’s big cybersecurity news is a pair of large breaches involving the US Postal Service and Marriott/Starwood Hotels and properties. The scope of the breach is this:

USPS: 60 million users - usernames, email addresses, User IDs, account number, street addresses, phone numbers, and specific item mailing and tracking data

Marriott/Starwood: 500 million users (yes, half a billion) – Name/Address/Phone number, email addresses, passport numbers, birthdays, gender, Some records included payment card numbers and expiration dates. The payment card data was encrypted, but it is unknown if the hackers also got the information to decrypt the records. Anyone who made a reservation since 2014 is affected.

What Should I Do?

As always, standard cybersecurity rules apply.

  1. First, change passwords to those accounts, and any other accounts that may have had a similar or matching password. Don’t skip this step.
  2. Begin monitoring your payment card accounts and checking accounts (if your debit card was ever used). You may want to go so far as to request new cards for those accounts to ensure you are protected, especially for debit cards.
  3. Watch out for the pending wave of Phishing that’s sure to come. Email boxes will overflow with messages about these breaches, and links to click on for help. Most of those emails will be phishing emails, maliciously designed to get you to give up your own data.
  4. Take advantage of the credit monitoring services that will be offered by the two entities that were breached. Pay attention to the monitoring alerts once you are signed up.
  5. You can place a fraud alert on your credit files. A fraud alert warns creditors that you may be a victim of ID theft, and that they should carefully verify who you are. See the links below for information from the Federal Trade Commission about how to create fraud alerts.
  6. Consider placing a credit freeze on your credit reports. This will stop thieves from opening credit accounts in your name. In order to open credit accounts yourself, you would need to unfreeze the accounts first. See the Federal Trade Commission link below for information about how to place a credit freeze.

Please note: These links go to domains controlled by the Federal Trade Commission, Branson Bank cannot be responsible for it's content

Placing A Fraud Alert:      https://www.consumer.ftc.gov/articles/0275-place-fraud-alert

Freezing Your Credit Accounts:     https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs

Nov 30, 2018 - Why Should I Bother With Changing My Online Passwords?

The password is the key to all your resources on the internet. Everyone has heard that changing passwords frequently is a best-practice. Few people actually do it, because it can be a pain. But why is it considered good security in this age of constant data breaches? Lets imagine you had an account on the family history website MyHeritage.com, which was hacked a few months ago. Your password to that site was likely compromised. If you are one of the folks who likes to use the same password for everything, those hackers now have your password to email, credit card accounts, your online banking, and any other site where you used it. Changing your passwords regularly ensures that by the time a hacker tries to access your online accounts using a compromised password, it will have already been changed. In fact, changing passwords is the single most effective, simple thing you as an online consumer can do to protect your online security. The question is, will you bother?

Aug 24, 2018 - Ransomware Information

The ransomware threat continues to plague individuals and businesses everywhere. The current malicious SamSam package is still making its rounds, mostly through businesses, government agencies, and hospitals. It can infect individuals as well. Ransomware locks all files on a computer or network and demands a ransome in order to restore the files. The ransome can be anywhere from $300US to thousands, payable in Bitcoin. The best defense against ransomwere is to follow good basic internet security practices. Ransomeware is primarily distributed through links and attachments in email. Do not open emails from people you don't know. Never open an unexpected attachment.  The FBI advises not to pay the ransom. In case of a ransmware event, you can restore your files if they are properly backed up. Here is a link to a Public Service Announcement from the FBI concerning ransomware: FBI I-091516-PSA. Note: This link is outside of the bransonbank.com website.

Nov 17, 2017 - Online Security Tips From A Trusted Security Firm

The best way to avoid being scammed online is to be informed about how scammers trick consumers. Here is a very informative list of some of the most common schemes for stealing credit card numbers, log in information, online banking credentials, and more. Also found here are definitions for many of the common terms heard in the discussion about online security, such as phishing, malware, and ransomware. Please take a few minutes to read over this publication and arm yourself with the information you need to stay safe online. Check out the information here: Heimdal Security - Top Online Scams Used By Cyber Criminals To Trick You
** Link Disclaimer ** - this link goes to a domain not controlled by Branson Bank.
 

Sept 18, 2017 - Customer Information for Equifax Breach

Please find information about the Equifax data breach that concerns you as a customer below. Keep in mind that the links provided go outside the Branson Bank domain and we do not control the content of those sites.

1. Fraudsters are already using the Equifax incident as an excuse to call people and get private information. These are criminal social engineers who are calling to "verify your account information". Equifax is NOT calling consumers. Do not provide any information to a caller claiming to be from Equifax or  from any other financial service.. If you want to verify, you can contact Equifax's help line at 866-447-7559. Keep in mind that this line has been very busy and often unreachable since the incident occurred. According to various news sources, consumers are generally reporting difficulty receiving results when they are able to get through.

2. Email campaigns are designed to further compromise your information. Assume that any email you receive concerning the breach is fraudulent. DO not click on links or call numbers that come in these emails. The senders may use very convincing information making the email seem legitimate. Email may seem to come from Equifax, your bank or brokerage firm, or other financial service vendors. If you receive such an email, contact the firm using information you know to be correct to verify the authenticity of the email.

3. Here is what to do if you are concerned about your privacy. There are several things you can do to help prevent ID theft and other issues from affecting you. These include freezing your credit file, actively monitoring your credit reports, watching your credit and bank accounts for unauthorized activity, and more. For more information check out the Federal Trade Commission's Equifax info site HERE. The site belongs to the FTC and Branson Bank is not responsible for it's content.

August 8, 2017 - Internet Banking Malware Alert

As always, the bad guys so badly want your internet banking credentials. They keep trying the same old tricks to get them from you. Lately two of the most prolific viruses targeting internet banking have been making the rounds. These are Dridex and Trickbot. Generally they are delivered via email, either by sending you a malicious attachment or getting you to click on a link that goes to a malicious website that can infect yoru computer. Luckily these viruses are easy to avoid with standard internet security best practices. Up-to-date antivirus software is a must, but the best defense is simply good old you! Don't be fooled by these attachments they send out. Never open an attachment you aren't expecting, and especially watch out for ones related to an "invoice". Documents in Word, Excel, PDF, and even picture images can drop nasty little critters on your PC. Also don't click links in any unsolicited email. We want your internet banking account to be safe and secure and you are the first line of defense. Good internet security practices go a long way! Thank you for banking with us.

April 15, 2017 - Windows Ransomware Attack, Worldwide

The largest global ransomware attack to date has been in progress over the last several days. Ransomware is a virus that locks or encrypts your files and demands a payment in order to retreive them. This newest one requires $300 - $600. Microsoft has distributed a patch to help guard against this nasty malware. Please make certain your Windows computer is fully updated. Use Windows Update to do this. If it is uppdated, you are far less likely to be affected by this malware. It goes by several names, "WannaCry" being the most common. The best way to ensure you are safe from a Ransomware attack is to have current backups of all your files. Your friends here at Branson Bank want to help you keep away from threats like these.

January 31, 2017 - Mailbox Theft and Check Fraud Notice

From the office of Linda Spencer, Branson Bank Compliance Officer

There has been a rash of thefts of mail from mailboxes in the Branson area lately.  The thieves are then taking checks from the envelopes that have been written to pay mortgages, insurance premiums, taxes, and other bills.  They either alter the name of the payee or forge a signature on the back endorsing the check over to the perpetrator.

The US Postal Service is generally a very secure method to send payments.  However, in light of this recent enhanced theft activity, we encourage you to use extra caution when sending payments by mail.  Try to send mail containing checks via a locked mail box, Postal Service mail depository box, or directly at the Post Office.

If you want to avoid sending checks by mail altogether, consider making payments online (making sure you use legitimate and secure links, of course), use the Bill Pay service which is offered free of charge, or arrange to have your payments taken directly from the account you choose (automatic debits).

If you put checks in the mail to your creditors and that mail is stolen, report the theft to the bank immediately upon discovery, providing the account numbers, check numbers, and payees of the checks that were stolen.  Also, file a report with the police or sheriff's department (depending upon where the theft occurred).  Report the incident to the US Postal Inspection Service which is the Federal agency responsible for investigating mail theft, using this link:

https://postalinspectors.uspis.gov/investigations/MailFraud/fraudschemes/mailtheft/MailTheft.aspx

Please Note: The above link is not in the Branson Bank internet domain, and Branson Bank has no control over its content.
 

December 20, 2016 - Mobile  Devices See Holiday Threats Increase

Keep a close eye on your Apple or Android device during the holiday season. New ways to cause trouble through your mobile device are being brought to you by internet un-friendlies.  

When installing apps on devices, ensure that it is not asking for permissions that it should not have. For instance, a new version of mobile banking malware on Android devices will request access to  "Ignore Battery Optimizations". This allows the app to stay connected even while the device is asleep. Its a good idea to run a trusted antivirus solution on today's smartphones to help you stay safe from these types of applications.

Apple devices are having a holiday issue all thier own. Malicious software makers are offering apps that appear to be from major retailers such as Footlocker, Zappo's, Nordstrom and others. The apps are very convincing. For instance, a developer was able to publish an app called "Footlocke Sports", which appeared to be from shoe retailer Footlocker. These apps can do anything from creating annoying popup ads on your device, to harvesting credit card information if you attempt to buy items through the app. If you would like to install an app from a favorite retailer, ensure that it comes from a legitimate App Store source. Look for odd spellings, lack of branding and other signs that an app may not be legitimate. If there's any doubt, it's not worth it! Skip the app!.

 

October 18, 2016 - Scammers Pose As Publisher's Clearing House
Scammers are contacting people and claiming to be from Publisher's Clearing House. Contact is made via telephone, email, text message, and even sometimes through the mail. They tell you that you have won a cash prize, but they require a fee before the claim can be processed. Publisher's Clearing House states that there is NEVER a fee for winners of their prizes. The scammer will send you a check for "partial prize amounts" which looks real but is not valid. Generally, consumers are asked to deposit the check and return a portion to the scammer to pay the fee. The scammers are using real names of people associated with the Publisher's Clearing House Prize patrol and it's executive management team. Please do not be fooled by these scammers. If you receive such a call or message, contact Publisher's Clearing House directly. The link below goes directly to Publisher's Clearing House website. It provides contact information, fraud education, and lots of other good information. Help us keep you safe from fraud by taking the time to learn about these schemes. The best defense is education. Thanks for being a customer of Branson Bank.

Publisher's Clearing House Information Website
 

September 23, 2016 - New Version of IRS Tax Payment Scam
In a fresh version of the old IRS Tax Payment Scam, the criminals are getting more resourceful. Recently letters have gone out which look almost exactly like the IRS form CP2000, notifying you that you under-reported your income and must make a payment immediately. The form comes with a telephone number. When contacted, the thieves are very threatening and convincing. Many people have been taken by the scam. It is easy to avoid this by contacting the IRS directly to verify whether your letter is real. The IRS has a public number you can always trust, 1-800-829-1040. Regardless what telephone number is listed on the letter, contact IRS only at this number.  If you receive such a letter do not send money, nor any personal information. Please take time to check out any such correspondence with IRS directly. As your bank, we want to help keep you informed and safe from these and other collection schemes. We thank you for being a customer of Branson Bank.

June 21, 2016 - Elevated Email Attachment Concern
Emails with ZIP file virus attachments have become an elevated concern. These ZIP file attachments can contain viruses that steal your online credentials or demand a ransom to restore your personal files. Be very cautious of opening any attachment in email. Make sure you have backups of your personal pictures, documents, and other files on a USB drive or other external device. If you believe you may have been exposed to a malicious file, you should immediately scan your PC using an updated antivirus program, or seek professional computer repair assistance. Please remember that changing passwords to email accounts, credit card accounts, online banking, and other internet resources is the first step to ensuring they are secure after a suspected incident. Please let us know if you need assistance changing your Branson Bank Freedom Banking Online password. Call us at 417-334-9696 and ask for a CSR. Thank you for being our customer.

June 15, 2016 –  Debit/Credit Card Use at Wendy’s Restaurants - Level: Informational
The Wendy’s fast food chain has released information indicating that some franchise locations throughout our region may have been exposed to malware that can compromise debit and credit cards. If you have used your debit or credit cards at Wendy’s from February - June 2016, we recommend keeping an eye on your account for unauthorized transactions. If you notice unauthorized activity on your account, please contact a Branson Bank CSR at 417-334-9696 and we will be happy to provide assistance. You can view the actual Wendy’s release by clicking HERE.

May 31, 2016 - Emailed Invoice Phishing Attack - Level Critical
Today customers are receiving emailed "invoices" supposedly payable to Branson Bank. Please note that these emails are a phishing attack. The attached document likely contains a malicious payload and may compromise your computer if you open the attachment. If you have received such an email, it is safe to delete the email from your system as long as you do not open the attachment. If you have opened the attachment you should disconnect your computer from the internet and run a virus/malware scan on it. You may want to seek professional computer services to ensure your computer is clean. For your security, use a known clean computer to immediately change your Freedom Online Banking password and other passwords to your online accounts. Please call us at 417-334-9696 if you need assistance getting your password updated.

Here is an example of the malicious email: Click Here To View Image
 

May 25, 2016 - PIN Reset Scam - Source, U.S. Secret Service
In an attempt to reset debit card PIN numbers, criminals are calling customers and claiming to be a representative of the bank. In some cases they have personal information and are able to convince customers that they are legitimate. They usually claim to be from the bank's fraud monitoring department. They ask for the last 4 digits of your social security number and your transaction history. They then utilize this information to reset your debit card PIN number. If you receive such a call, do not give out any information. Hang up, contact us directly at 417-334-9696, and ask to speak to a customer service representative.

IRS Telephone Call Scam - A caller stating they are with IRS informs you that you must pay a fee, fine, or tax bill immediately or you will be incarcerated. Scammers will use Caller ID spoofing to make it look like they are calling from the IRS. Please go to the following link for full information on this scam from the IRS website.    
IRS Phone Scam Information 

"Family Member In Need" Telephone Scam - A person receives a call from a scammer who says they are a family member, usually a grandchild, niece, or nephew. The caller is in some type of trouble (auto accident or incarcerated) and needs you to wire money immediately. The caller is very convincing and knows personal details that lend credibility to their story. These scammers often obtain this personal information from social media sites. If you receive such a call, attempt to verify the story with other family members before wiring money.