Fraudsters are persistent in their development of scams to outsmart the current controls put in place to protect you personal information. Below are some recent Fraud Scams.
Wendy's Payment Card Breach
The Wendy's Company updated its customers in a press release on July 7, 2016 regarding malicious cyber activity experienced at some Wendy's restaurants. The Company first reported unusual payment card activity affecting some franchise-owned restaurants in February 2016. Subsequently, on June 9, 2016, the Company reported that an additional malware variant had been identified and disabled.
The company, on behalf of affected franchise locations, is providing information about specific restaurant locations that may have been impacted by these attacks. The Wendy's in Sault Ste. Marie has been identified as possibly impacted.
Click here to read a statement from Todd Penegor, President and CEO of The Wendy's Company.
Old Mission Bank has been notifying customers that used their debit cards at a Wendy's restaurant during the time of the breach. If you have not been contacted yet and think you may have used your card at a Wendy's restaurant from December 2, 2015 through June 9, 2016, please contact us at (906) 635-9910.
IRS Imposter Scams are on the Rise
Click here to read an article by the Federal Trade Commission regarding threatening IRS Imposter phone calls and what to do if you receive one of these calls.
Russian Hackers Might Have Your Info – Now What?
You may have heard about it in the news: reports that Russian hackers have stolen more than a billion unique username and password combinations, and more than 500 million email addresses, grabbed from thousands of websites. What should you do about it?
Click here for more information from the Federal Trade Commission on steps you can take to protect yourself online.
New Threat Against Online Banking
A new type of malware, known as "iBanking," often masquerades as legitimate social networking, banking, or security applications. It is mainly being used to defeat out-of-band security measures employed by banks, intercepting one-time passwords sent through SMS. Any online banking user with an Android based cellular phone could be affected by this. It is important to note that this malware does not impact iPhone or Windows Phone users.
Attackers are using social engineering tactics to lure their victims into downloading and installing "iBanking" on their Android devices. The victim is usually already infected with a financial trojan on their PC, which will generate a pop up message when they visit a banking or social networking website. This pop up will ask them to install a mobile app as an additional security measure.
The user is prompted for their phone number and the device operating system and will then be sent a download link for a fake software by SMS. If the user fails to receive the message for any reason, the attackers also provide a direct link and QR code as alternatives for installing the software. In some cases, the malware is hosted on the attackers' servers. In other cases, it is hosted on reputable third-party marketplaces.
"iBanking" can be configured to look like official software from a range of different banks and social networks. Once it is installed on the phone, the attacker has almost complete access to the handset and can intercept voice and SMS communications.