New Web Server Exploit , Shellshock - posted 9/26/2014
A new vulnerability has been discovered in many devices connected to the internet. It has been named Shellshock and is a vulnerability found in a very popular program used to manage internet servers and devices. The exploit can allow an attacker to control the vulnerable device. IT Staff at Branson Bank has conducted a thorough survey of our systems. We found one system requiring an update, and that is complete. Branson Bank has no other exposure to the exploit, and we find all systems secure from the Shellshock exploit. As always, our commitment to the security of our customers is at the top of our priority list. Please contact us at 417-334-9696 if you have any questions about this security notice.
The Home Depot Credit/Debit Card Breach - posted 9/10/2014
Many have heard the news about a data breach at Home Depot affecting debit and credit card information. This breach may affect your Branson Bank account if you used a debit card at Home Depot from April to September of this year. Here are some updated facts about this breaking story along with some pointers for how to ensure your accounts are safe.
* Debit and Credit cards are both affected by this breach.
* Customers who purchased items from the Home Depot website are not at risk, only those who visited the store and used a card to make a purchase between April 1 and Sept 2, 2014.
* If you find your account at risk, you can sign up for free Identity Protection with Home Depot by calling 1-800-466-3337 to speak to an agent.
* Credit Card users will have zero liability for fraudulent charges, according to Home Depot's information release.
* Debit Card users will have zero liability in most cases.
* You should monitor your accounts that were used at Home Depot carefully and report any suspicious activity to your financial institution immediately.
If you have a Branson Bank debit card that may be at risk due to purchases made at Home Depot during the data breach, please feel free to call a new accounts representative to obtain a new debit card. You can reach us at 417-334-9696
Telephone Fraud Alert: Your Branson Bank Debit/ATM Card
5/15/12 We have become aware that some Branson Bank customers are receiving phone calls notifying them that their Debit/ATM Card has been deactivated. The recorded message instructs the customer to call a 1-800 number or Press 1 to reactivate the card. These calls are not from Branson Bank. Should you receive such a call, do not call the number or respond to the message in any way. Never provide card information to unsolicited callers. These types of calls are an attempt to obtain card information from various banks and customers to be used in fraudulent activity. If you have received a call and responded by giving out information related to your card, please contact Retail Customer Service immediately to close your card at 417-334-9696.
If you are the recipient of one of these calls and can provide us with the phone number from which the call came, along with the name of your phone service carrier, it would be helpful to us in investigating the fraud. Please call Retail Customer Service at 417-334-9696 with the information.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an email that has the appearance of being sent from the FDIC. The email informs the recipient that "in cooperation with the Department of Homeland Security, federal, state and local governments..." the FDIC has withdrawn deposit insurance from the recipent's account "due to account activity that violates the Patriot Act." It further states deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify."
If consumers go to the link proveded in the e-mail, it is suspected they will be asked for personal or confdential information, or malicious software may be loaded onto the recpient's computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT, under any circumstances, provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to firstname.lastname@example.org.
Debit card scam targets bank customers
Published : Monday, 13 Jun 2011, 7:21 AM EDT
RALEIGH, N.C. - Authorities say thieves using text messages have scammed around $100,000 from Gateway Bank customers in North Carolina and Virginia.
North Carolina Attorney General Roy Cooper says customers have been receiving fake text messages saying their debit cards have been deactivated. They're then instructed to call a phone number and enter in their debit card number, expiration date and PIN number.
The thieves use that information to make new debit cards and withdraw money. Withdrawals have been made as far away as California.
At least 10 different phone numbers have been used by the thieves, mostly with North Carolina and Virginia area codes.
Gateway Bank officials and Cooper tell people that if they get the messages, they should contact police.
Bad Guys Use Text Messaging to Attack Bank Accounts
In today’s world of technology it seems that new terms are created everyday to describe the latest electronic criminal activity. Today is no different. A new form of attack that has come to be known as “SMiShing” (because it uses SMS text messaging) has emerged, and community banks and credit unions are the prime targets. Below is a description of a typical “SMiShing” attack. Please keep in mind that Branson Bank will NOT notify you of a suspicious ATM, Debit, or Credit Card activity via text messaging. If you receive an automated text message purporting to be from Branson Bank, requesting that you call a number, do not call the number in the text message. Instead, please call the main Branson Bank number, 417-334-9696, and ask for Operations in order to notify us of the event.
Here is an example of a currently common “SMiShing” attack:
"Notice - this is an automated message from (your bank), your ATM card has been suspended. To reactivate call urgent at 866-###-####."
In many cases, the SMiShing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.
This information is then used to duplicate credit/debit/ATM cards. The system could also be used to direct your call to an official sounding electronic telephone system where you are asked to enter your account numbers, or even usernames and passwords to online banking.
Please know that the security of your information is always number one on our priority list. We will continue to do our best to help customers stay abreast of best practice measures for keeping their information secure as we continue to offer new and exciting products that move into new areas of accessibility and convenience for our customers. Your best defense is staying informed.
Your Branson Bank Team
Keep Your Banking Website Login Information Safe
From The Newest Attack
Hackers have found a new way to obtain customer's banking website log in information. The new hack is especially wicked because it doesn't matter if you have security software or not. Antivirus software cannot stop this from happening. Here is the deal:
A customer may visit their banking website and log in and do their business as usual. After they are done, they may continue to browse. If they land on a hacked website, the website sends a message to the people who wrote the malicious code. The user's temporary internet files folder is examined and if a recent banking website login is found, a pop-up appears that looks as though it is from your bank indicating that your session has expired and re-authentication is required. Many banks actually do request reauthentication once a login has expired, so this appears very legitimate. Once the customer "re-authenticates" his login info is passed directly to the hackers and the account is compromised.
There are a couple of ways to help protect yourself from this attack.
1. The Best Way -DO NOT reauthenticate to the banking website via any pop-up, even if you think it may be a legitimate request. Instead, close your browser and return the bank website and log back in from their main website.
2. When leaving your banking website, be certain to click Log Off instead of simply X-ing out of your browser. This closes the session.
3. When you are doing banking online, have only one browser window or tab open at a time. When you are finished, log off of your banking website, and close the browser. You can open a new browser window if you plan to do any further web browsing.
Remember, anti-virus software cannot stop this attack, because no malicious program is ever loaded onto your computer. The malicious software is actually located on the remote website. Please keep this in mind when using online banking, and help educate others about the issue.
Virus Alert! More Info
Fraudulent Cashier's Checks
Branson Bank has become aware of a Mystery Shopper scam distributing fraudulent cashier's checks purported to be from Branson Bank. We are not taking part in any such program and these checks ARE NOT valid checks issued by Branson Bank.
The fraudulent cashier's checks, thus far, have been identified in the amount of $4998.00, with the Branson Bank logo in the upper left-hand corner.
We are requesting that you contact your State Attorney General's Office to report if you have received any of these checks.
Customer Fraud Notification
Branson Bank has become aware of several unauthorized debit card transactions impacting local area residents. It is the policy of Branson Bank to move quickly to properly protect our customers from these incidents.
Branson Bank’s network and systems are monitored continuously and have in no way been compromised. Rather, this fraudulent activity is believed to be originating from the debit card transaction processing company of certain area businesses.
As always, we ask that you regularly monitor all of your accounts and notify the bank promptly if anything unusual is noticed. This can be done easily via your Freedom online banking account as well as Branson Bank’s telephone banking system.
To protect against unauthorized use of your debit card during online transactions, we're urging our customers to sign up for MasterCard® SecureCode.
Please do not hesitate to contact us with any questions at (417) 334-9696.