A scam email that poses as a survey from the U.S. Census Bureau is being used to collect personal and sensitive information. If you receive a questionable email, do not submit personal data. The Census Bureau will not request personal information from the public via email, such as PIN codes, passwords, Social Security numbers, credit-card numbers or other financial account information.

Always make sure to follow best security practices and always consider why a person or business needs personal information about you before you provide it.

Census Bureau Scam

SmiShing Attacks
(Text Phishing by Cell Phone)

A Scam has been identified which is impacting cardholders of financial institutions located primarily in the eastern region of the United States.

As you may or may not know "SmiShing" is a type of social engineering that uses cell phone text messages to persuade victims to provide personal information such as card number, CVV2, and PINS.  The text message may contain either a website address or more commonly, a phone number that connects to an automated voice response system, which then asks for personal information.

Following are examples of SMiShing messages recently sent to cardholders from various institutions.

Text message originating from either "notice@jpecu or message@ccca


ABC CU - has - deactivated-your-Debit-Card to re-activate-contact: 210-957-XXXX

Text message originating from

- (Card Blocked) Alert. For more information please call 1-877-269-XXXX














The Federal Deposit Insurance Corporation (FDIC) has become aware of e-mails appearing to be sent from the FDIC that are asking recipients to download and open a "personal FDIC insurance file" to check their deposit insurance coverage. These e-mails are fraudulent and were not sent by the FDIC. The FDIC is attempting to identify the source of the e-mails and disrupt the transmission.

Currently, the subject line of the fraudulent e-mails includes the wording "check your Bank Deposit Insurance Coverage." The e-mails state: "You have received this message because you are a holder of a FDIC-insured bank account. Recently FDIC has officially named the bank you have opened your account with as a failed bank, thus, taking control of its assets."

The e-mails ask recipients to "visit the official FDIC website" by clicking on a hyperlink provided, which appears to be related to the FDIC and directs recipients to a fraudulent Web site. The Web site includes hyperlinks that appear to open forms. However, it is believed that clicking on the hyperlinks will cause an unknown executable file to be downloaded. While the FDIC is working with the United States Computer Emergency Readiness Team (US-CERT) to determine the exact effects of the executable file, recipients should consider the intent of the software as a malicious attempt to collect personal or confidential information, some of which may be used to gain unauthorized access to online banking services or to conduct identity theft. Financial institutions and consumers should NOT access the Web site or download the executable files provided on the Web site.

Sandra L. Thompson
Division of Supervision and Consumer Protection

Fraudulent FDIC email
Email claims that the user's email account has exceeded its storage limit and instructs him or her to reply with the account username and password in order to increase the mailbox size and restore full functionality .

Email Exceeded Storage Limit Phishing Scam

Errors in Social Security Statement "Trojan Email"

Email purporting to be from Social Security Administration claims that the recipient's Social Security statement may contain errors and urges him or her to click a link to review the statement

Internet Crime Prevention Tips

New Bredolab Virus Targets Unsuspecting Facebook Users

There is a new virus spreading around the web via email which targets Facebook users.  According to MXLab, the email includes downloadable files which include the Trojan virus:  Bredolab.  While you would think Gmail and more aggressive spam blocking email services will filter this out, anybody who receives an email with the Subject of:

"Facebook Password Reset Confirmation"

Should delete the email completely and immediately.

According to MXLab, the body of the email is as follows:

Hey "your facebook name",

Because of the measures taken to provide safety to our clients your password has been changed.

You can find your new password in the attached document.

The Facebook Team

This virus only appears to work on Windows computers as it runs an executable file when downloaded.  Spoofing official emails from large companies is a pretty standard method for spammers.  You should always avoid any email which asks you to download a file.


Be aware of "Antivirus Live"
It is a virus in disguise
aka."Windows XP Internet Security"
and "Windows Vista Internet Security"

The "Antivirus Live" virus or "Antivirus Live Platinum" virus as it is sometimes called is actually a virus, to be more exact it is spyware.  If you haven't caught it yet, feel lucky and just be careful not to "get" it in the future.

The virus spreads by the user (that's you) downloading games, music, videos and the like without being sure the source of these files.  Once the virus infiltrates your computer it will begin displaying popup windows that basically say "you have a virus" and "click here to buy the latest version of Antivirus Software.   Don't do it.   Legitimate antivirus software providers will not randomly prompt you to buy there product.   You should already know what antivirus software you are running and what it's prompts look like. 

If, on the other hand you think you already have this virus please consult with your computer support company or person and have it removed immediately. 

This seems to be a widespread virus.

Click here for:
Click here for:
Click here to be taken to the FBI Internet Crime Complaint Center to read about Internet Crime Prevention tips.