FDIC warns of scam targeting consumers' bank accounts

Computerworld - Consumers and financial institutions are being warned of a new e-mail scam that purports to be from the Federal Deposit Insurance Corp. and that advises consumers to click on an attached file for more information about alleged fraudulent activity regarding their bank accounts.
Instead, according to FDIC spokesman David Barr, the attached file is either a computer virus or a program that can steal personal information from a computer and send it to the scammer.
In an announcement yesterday, the Washington-based FDIC said the e-mails are sent from "security" at fdic.com, with a subject line called "fraud report." The e-mail tells recipients that their bank accounts have been temporarily closed because of fraudulent activity, then directs the recipients to open an attached file for details related to the fraudulent activity as well as for information on how to contact the FDIC.
The first report of the scam was made to the FDIC by a U.S.-based consumer yesterday morning, Barr said. "We got a complaint from a consumer that they had received one of these e-mails, and they wanted to know if it was true," he said.
The FDIC didn't send out the e-mails, Barr said.
"We've detected that the attachment has a virus," he said. FDIC security personnel are still working to determine what the virus does on target machines. As of late today, the agency had received about 100 inquiries by phone and e-mail from recipients of the fake messages. Warnings have already been circulated by the agency to more than 9,100 financial institutions across the country, Barr said.
The agency reminds consumers who receive any such messages to delete them without opening the attached file.
The FDIC was hit in January when a phishing scam was used to try to lure consumers into entering their personal bank-account information onto a Web page that claimed to be from the agency (see story). That scam told consumers that their federal deposit insurance had been canceled because of alleged fraud, then asked them to click a link to go to a Web page to report any problems. Instead, the link sent the user to a non-FDIC Web site overseas, Barr said.
The agency is still working with the FBI and other agencies to try to track down the originator of that scam, he added.
The FDIC, created by Congress in 1933 to restore public confidence in the U.S. banking system during the Depression, insures deposits at the nation's 9,182 banks and savings associations. It doesn't routinely contact consumers, Barr said, butmostly deals with its member financial institutions.