ATTENTION BANK CUSTOMERS
PLEASE BE ADVISED that we have received several reports of phone calls being made to our customers informing them that their debit card is locked, and to press 1 to receive help to get unlocked.
THIS IS A SCAM
It is an attempt to steal your information. Please do not give any information to the people making these calls; just hang up.
Please contact Laona State Bank if you receive a call like this.
Dridex Banking Trojan: Worldwide Threat
Phishing Campaign Uses Malware Embedded in Word Documents
Attackers are targeting online banking users' account information worldwide through sophisticated phishing attacks designed to deliver Microsoft Word documents containing malicious macro code known as Dridex. Dridex is a variant of the Cridex malware, which is also designed to steal personal information.
Attackers leveraging this new banking malware have dusted off a legacy tactic in which infection occurs through a believable spamming campaign. The new banking Trojan may not be as significant as other variants because it relies heavily on social engineering to get someone to open an infected file, something that in our modern times of security awareness isn't as successful as it used to be. However, once installed, the malware is just as dangerous as other variants currently out. Still, accountholders can be fooled through this latest social engineering scheme, so we are continuing to educate our customers about phishing threats.
How It Works
To launch an attack, criminals send a spam message with a Word document attached that contains the Dridex malware. If a user opens the Word document, they must enable the macro feature, which is disabled by default, in order for the malware to be downloaded. Some malicious attachments state that the content will not be visible unless the macro feature is enabled.
Once downloaded, Dridex monitors for activity related to online banking. The malware then performs information theft through such methods as form grabbing, screenshots and site injections.
By collecting online banking data, cyber-attackers can access bank accounts and transfer funds to their own accounts. Like any Trojan infection, Dridex is a highly harmful infection that must be removed upon detection.
Effective October 17, 2014, MasterCard is extending its zero liability limitation in the U.S. to include all MasterCard PIN-based and ATM transactions. This is in addition to coverage already provided on signature debit and credit transactions. To be covered by the zero liability limitation, the cardholder must promptly report the loss or theft as soon as becoming aware of it.
What's My FICO Score and Why Does It Matter?
Many adults become aware of their FICO score when applying for a home mortgage or other loan. They may learn that their score is 690 or 740 or 770. But what does it really mean?
FICO is a firm once known as Fair Isaac Company. It specializes in analyzing data to create a financial grade for each potential borrower. The score is used to help banks and other lenders predict how likely it is that a consumer will pay his or her bills on time and be able to handle a mortgage amount or credit line. The score is also a factor in the interest and terms of your loan.
To create a score ranging from a low of 300 to a high of 850, FICO uses information provided by the three major reporting agencies: Equifax, Experian, and TransUnion. When creating a score, FICO considers the following factors:
What does your score mean?
By now, you may be wondering how to find your FICO score. While you can find your scores based on information from the three major reporting agencies online at www.myfico.com, these are not free. In addition, they may not be the precise scores used by your lender.
A better value is to request a free credit report from the three major reporting agencies online at www.annualcreditreport.com or by toll-free phone at 877-322-8228. Keep in mind the factors that FICO considers when reviewing your credit reports to get a handle on your approximate score. Also be sure to check these reports annually and inform the agencies if you spot any errors or inaccuracies.
To learn more about your financial health, visit the Wisconsin Department of Financial Institutions' Financial Wellness Checklist Center at www.wdfi.org/ymm/wellness_checklist.htm.
Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.
Don’t buy security software in response to unexpected pop-up messages or emails, especially messages that claim to have scanned your computer and found malware. Scammers send messages like these to try to get you to buy worthless software, or worse, to “break and enter” your computer.
Treat Your Personal Information Like Cash
Don’t hand it out to just anyone. Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. So every time you are asked for your personal information – whether in a web form, an email, a text, or a phone message – think about whether you can really trust the request. In an effort to steal your information, scammers will do everything they can to appear trustworthy.
Check Out Companies to Find out Who You’re Really Dealing With
When you’re online, a little research can save you a lot of money. If you see an ad or an offer that looks good to you, take a moment to check out the compnay behind it. Type the company or product name into your favorite search engine with terms like “review,” “complaint,” or “scam.” If you find bad reviews, you’ll have to decide if the offer is worth the risk. If you can’t find contact information for the company, take your business elsewhere.
Don’t assume that an ad you see on a reputable site is trustworthy. The fact that a site features an ad for another site doesn’t mean that it endorses the advertised site, or is even familiar with it.
Give Personal Information Over Encrypted Websites Only
If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server. To determine if a website is encrypted, look for https at the beginning of the web address (the “s” is for secure).
Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, the entire account could be vulnerable. Look for https on every page of the site you’re on, not just where you sign in.
Protect Your Passwords
Here are a few principles for creating strong passwords and keeping them safe:
Back Up Your Files
No system is completely secure. Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files