In The News
3/6/2014 - Scams Targeting Merchants
Public Service Announcement
Prepared by the Internet Crime Complaint Center (IC3)
The FBI is aware of various scams pertaining to re-loadable pre-paid debit cards, but specifically wants to alert the public on a bomb scare scam targeting businesses.
One scenario is scammers begin calling businesses and fraudulently representing themselves as a utility company employee and advising the utility bill payment is past due. The caller claims the service will be terminated unless payment is made immediately. Acceptable forms of immediate payment are Green Dot “MoneyPak” cards purchased from a local convenience store or a valid credit card or bank account information. Once the account numbers from the MoneyPak, credit cards, or banks are provided, the scammer removes the funds associated with the MoneyPak or steals funds from the accounts.
A second scenario involves a scammer who calls in a bomb threat to a retailer and demands to speak with the manager. Instructions are provided to the store manager to purchase and activate Green Dot MoneyPak cards with $500 loaded on each card. The card numbers are to be read to the scammer over the phone. If managers do not comply, the caller threatens to blow up the establishment and continues to threaten store employees’ homes and families.
In all reported instances, no manager has complied with the caller, and no explosive devices have been found.
According to MoneyPak.com, Green Dot MoneyPak cards are convenient and easy to use and can be purchased at participating retailers. There is a $4.95 charge associated with the MoneyPak card, but after purchase, it can be used to “reload prepaid cards, add money to a PayPal account without using a bank account, or make same-day payments to major companies.” MoneyPak cards are similar to wire transfers and are untraceable.
Several law enforcement agencies and media outlets across the United States have issued alerts on their websites pertaining to various scams associated with prepaid Green Dot MoneyPak cards.
2/13/2014 - Callback Scheme Used In International Revenue Share Fraud
Prepared by the
Internet Crime Complaint Center (IC3)
Telephone companies in the United States are seeing missed calls used to enable International Revenue Share Fraud (IRSF). Fraudsters are using call generators with automated spoofing capabilities to place calls to a large volume of US cell phone numbers. The calls typically ring once. The number displayed on the recipient’s caller ID is a high cost international number, usually located in the Caribbean. The recipient calls the number back and is greeted with a message designed to keep them on the line, such as “Hello, you have reached the operator, please hold.” The longer the caller stays on the line, the more revenue fraudsters generate.
Recipients do not realize they are calling an international number and that they will be billed for an international call. Businesses are also victims because recipients often use their work telephone to make the return call.
Telephone companies in the United States are charged when a return call is made because they are required to pay a fee to transfer calls to foreign countries. The payment is then shared with the fraudster who spoofed the calls. This is referred to as IRSF.
Area codes used in the spoofed numbers are from Anguilla, Antigua, Barbados, British Virgin Islands, the Commonwealth of Dominica, Grenada, Montserrat, and the Turks and Caicos Islands. These countries’ numbers are part of the North American Numbering Plan and do not require 011 to be dialed as with other international calls.
Recipients should not answer calls from numbers they do not recognize or initiate a return call. Recipients will not be charged for receiving the calls, however.
Companies that do not conduct business with companies in the above-mentioned countries may want to consider blocking these area codes to avoid this type of charge.
For more information regarding online scams visit our Press Room page for the most current Public Service Announcements. http://www.ic3.gov/media/default.aspx
The complete article can be read or printed online.
2/18/2014 - Back, back, back it up
by Nicole Vincent Fleming - Consumer Education Specialist
You’ve heard it a million times: Don’t click on links in an email unless you know who sent it and what it is.
But sometimes the link in an email is just so darned convenient. For example, you ship a package to a friend, and then you get an email with a link to track the delivery. It’s safe to click that link, right?
Scammers are sending emails that look like courtesy messages from legitimate companies — especially shipping companies — to spread a new ransomware called Cryptolocker. So what’s ransomware, and why should you care?
Ransomware is a type of malware that prevents you from using your computer until you pay a certain amount of money. It’s essentially extortion, with all the data on your computer at risk unless you pay.
Cryptolocker works by encrypting all the files on your computer — your photos, your documents, your tax refunds — anything you’ve saved to the hard drive or any shared folders. Once the files are encrypted you won’t be able to open them without the encryption key — which you can get only from the criminals behind Cryptolocker.
After Cryptolocker has encrypted your files, it displays a message like this:
The criminals demand payment through an anonymous payment type like Bitcoin or Green Dot cards, and promise to give you the key if you pay the ransom in time (for example, $300 to be paid within 72 hours).
Unfortunately, once Cryptolocker has encrypted your files, there’s no way to recover them. You could pay the ransom, but there’s no guarantee you’ll get the encryption key.
So what can you do?
Back up your files. Right now. And often.
An external hard drive is a good option, but be sure to disconnect it from the computer when you are not actively backing up files. If your back-up device is connected to your computer when Cryptolocker strikes, the program will try to encrypt those files, too.
What else can you do?
- Instead of clicking on a link in an email, type the URL of the site you want directly into your browser. Then log in to your account, or navigate to the information you need.
- Minimize “drive-by” downloads by making sure your browser’s security setting is high enough to detect unauthorized downloads. For example, use at least the "medium" setting in Internet Explorer.
- Don’t open “double extension” files. Sometimes hackers try to make files look harmless by using .pdf or .jpeg in the file name. It might look like this: not_malware.pdf.exe. This file is NOT a PDF file. It’s an EXE file, and the double extension means it’s probably a virus.
For more tips about how to avoid, detect, and get rid of malware, watch our video:
The complete article can be read or printed online.
2/18/2014 - Random text message? No real prize is waiting for you
by Cristina Miranda - Consumer Education Specialist, FTC
We’ve said it before, and we’ll say it again: Don’t reply to -- or click on -- a link for a random text message you see on your phone saying that you’ve won a prize, gift card or an expensive electronic like an iPad. It’s most likely a scam.
According to a text spam settlement announced by the FTC, two groups of companies known as SubscriberBASE Holdings, Inc., and Threadpoint, LLC, hired spammers to send millions of unsolicited texts to lure people to websites where they would get “free” gift cards. When people clicked on the links, they were led to bogus websites to register for the prizes. Registration required them to sign up for several third-party offers where they had to reveal personal information. At the end, no one actually got the gift cards that were promised. The whole operation was designed to allow these companies to collect people’s personal information and make money by selling it to third-parties.
This scam is avoidable:
- Delete random texts, especially those that ask you to enter a special code, or to confirm or provide personal information by following a link to a website. These are almost always bogus sites that exist to access your information.
- Never give your personal or financial information out online. Be guarded with your personal information, and treat it as if it were cash. Refrain from entering your Social Security, bank account, or credit card numbers online or by phone to someone who gets in touch with you. And remember, no legitimate company will ever text or email you asking for your personal information.
- Report spam texts to your carrier. Copy the original message and forward it to 7726 (SPAM) free of charge, if you are an AT&T, T-Mobile, Verizon, or Sprint subscriber.
The complete article can be read or printed online.
2/10/2014 - “One-ring” cell phone scam can ding your wallet
by Colleen Tressler, Consumer Education Specialist
Who’s calling now? That number doesn’t ring a bell. Hold the phone, says the Federal Trade Commission. You could be a potential victim of the growing "one-ring” cell phone scam.
Here’s how it works: Scammers are using auto-dialers to call cell phone numbers across the country. Scammers let the phone ring once — just enough for a missed call message to pop up.
The scammers hope you’ll call back, either because you believe a legitimate call was cut off, or you will be curious about who called. If you do, chances are you’ll hear something like, “Hello. You’ve reached the operator, please hold.” All the while, you’re getting slammed with some hefty charges — a per-minute charge on top of an international rate. The calls are from phone numbers with three-digit area codes that look like they’re from inside the U.S., but actually are associated with international phone numbers — often in the Caribbean. The area codes include: 268, 284, 473, 664, 649, 767, 809, 829, 849 and 876.
If you get a call like this, don’t pick it up and don’t call the number back. There’s no danger in getting the call: the danger is in calling back and racking up a whopping bill.
If you're tempted to call back, do yourself a favor and check the number through online directories first. They can tell you where the phone number is registered.
If you’ve been a victim of the “one-ring” scam, try to resolve the charges with your cell phone carrier. If that doesn’t work, file a complaint with the Federal Trade Commission and the Federal Communications Commission.
And as a general rule: Read your phone bill often — line by line. If you don’t recognize or understand a charge, contact your carrier.
I’ve got to go now; my cell phone is ringing.
The complete article can be read or printed online.
2/5/2014 - Phantom debts and fake collection notices
by Nicole Vincent Fleming, Consumer Education Specialist, FTC
Imagine getting an official-looking letter — with a seal, signed by a judge — that says you owe a lot of money for an unpaid payday loan. Awfully intimidating, right? Especially if it included your correct name, address, and maybe even your Social Security number.
In a new twist on an old scam, criminals are impersonating law firms, judges, and court officials. They send out scary letters and make threatening phone calls about phantom debts to try to convince people to send them money.
So, what should you do if you get one of these nastygrams? No matter how convincing a letter or phone call seems, check it out. Look up the real number for the government agency, office, or employee (yes, even judges) and get the real story. It’s likely to be a scam.
Be suspicious if anyone — no matter who they say they are — asks you to wire money, or load a rechargeable money card as a way to pay back the debt. There’s no legitimate reason for someone to ask you to send money that way.
Curious about other imposter scams? Check out some of our previous scams alerts. And if you haven’t already, sign up to get new scam alerts by email.
The complete article can be read or printed online.
1/31/2014 - An Online Payday Loan Or Window To A Scam?
by Cristina Miranda - Consumer Education Specialist, FTC
Strapped for cash? You might think an online payday loan is a quick and easy way to help stretch your money. But before you enter your bank account or any other personal information on a payday loan website, back away from the keyboard! That online payday loan might be a window to a scam.
A federal court has granted the FTC an order for contempt in the matter of Suntasia Marketing, Inc., a company previously involved in a telemarketing scheme that bilked consumers out of millions of dollars. This time around, the scammers took advantage of people looking for online payday loans by tricking them into completing an online application. The catch? The website and application were a pretense – an attempt to get people’s bank account information. Once the company had their account numbers, they enrolled unaware consumers in an ongoing membership program for an online mall. But because the terms of the program were obscure and buried deep in the website, there was no way for the consumers to know. And the company took their silence and failure to cancel as acceptance and permission to regularly debit money from their accounts on a regular basis.
So how can you avoid a scam like this one? It can be tough. But knowing how some scam operators work can make you think twice about the sites you visit and what you do when you get there.
- Keep a close hold on your personal information. Whether your visit to an online payday loan site results in a loan, simply entering information on the site may come back to haunt you. Even if you never hit "Submit" to complete the transaction, your information can be captured through keystroke logging – a program used to see and store everything you enter on application. Scammers can use this information to commit identity theft, or debit money from your accounts.
- Read the fine print. If the details of any online transaction, application or membership program aren’t apparent and understandable, don’t follow through. Incomprehensible or hard to find details could be warning signs of a scam.
- Review your bank account and billing statements for unauthorized charges. Regularly reading all your account statements can help you see where your money is going, and help you flag unauthorized billing charges. If you suspect an unauthorized charge, ask your bank or the merchant about it, and dispute it.
If you suspect a scam, file a complaint with the FTC. For more information, check out our Payday Loans and Online Payday Loans article.
The complete article can be read or printed online.
1/10/2014 - Ann Arbor State Bank adds positions as it increases lending
Ann Arbor State Bank is growing both in the money its lending and the staff its employing.
The 5-year-old bank, located n downtown Ann Arbor, has added employees in the last year, including positions in commercial lending and mortgage underwriting and operations, among others. The bank currently has a staff of 37 employees and the occasional intern.
"We had a pretty good growth year staff-wise," says Peter Schork, president & CEO of Ann Arbor State Bank.
Ann Arbor State Bank now has $174 million in deposits, which is up from $153 million last year. It's grown its revenues by 25 percent in 2013 and increased its profitability by 15 percent.
Driving that growth is Ann Arbor State Bank's loan portfolio. The bank has watched its loans jump from $98 million last year to $116 million to kick off 2014. Part of that is the bank’s hire of a mortgage originator in 2012 that has aggressively grown the bank’s portfolio.
"We're doing a lot of (mortgages for) existing houses," Schork says. "Last year we did $7 million in construction loans. That’s equal to the total we had in our first three years."
Schork expects that trend to continue as the economy improves and Ann Arbor State Bank adds more employees to facilitate more revenue growth.
Source: Peter Schork, president & CEO of Ann Arbor State Bank
Writer: Jon Zemke
The complete article can be read or printed online.
1/2/2014 - ANN ARBOR: New loan officer at Ann Arbor State Bank
New loan officer at Ann Arbor State Bank
Peter Schork, president & COO of Ann Arbor State Bank, recently announced that Erin Kennedy has joined Ann Arbor State Bank as Commercial Loan Officer. Her primary concentration will be originating commercial loans and deposits in the greater Jackson area.
Kennedy has seven years experience in banking, including extensive work with MF Global Inc., where she obtained Series 3 Certification as an Associate Person Registered. Her experience also includes Futures and Options Xecution in Chicago, Illinois, as well as Fifth Third Bank in Jackson.
Kennedy is a graduate of Western Michigan University and holds a Bachelor of Science and Business. She is also a graduate of Lumen Christi High School in Jackson.
“Erin is a highly motivated Sales Professional with a broad range of technical, creative and leadership skills,” Schork said.
Ann Arbor State Bank is locally owned and operated, and best known for providing the highest level of professional customer service, with an experienced, enthusiastic staff, serving local businesses and the community.
The complete article can be read or printed online.
1/6/2014 - Tech Support Scams: Part 2
Nicole Vincent Fleming
Consumer Education Specialist
No, not poltergeists. Scammers. And they want your last penny.
We’ve written before about tech support scams — where a caller claims that your computer has a terrible virus and needs immediate attention. The scammer asks for remote access and then charges you for “fixing” a problem that wasn’t there.
Now, they’re working the phones again, and they claim that if you paid for tech support services, they can get you a refund. We’ve heard about several variations of this scam:
- They might ask if you were happy with the service. If you say no (and you probably will), they claim they can get you a refund.
- Or they might say that the company is going out of business and providing refunds to people who already paid.
Once they’ve got you hooked, they claim that they need your bank or credit card account number to process the refund.
They might say that you need to create a Western Union account to receive the money. They may even offer to help you fill out the necessary forms — if you give them remote access to your computer. But instead of transferring money to your account, the scammer withdraws money from your account.
So, what can you do if you paid for bogus tech support services?
- File a complaint at ftc.gov/complaint.
- If you paid with a credit card, call your credit card company and ask them to reverse the charges.
- Hang up on callers who offer a refund in exchange for your bank or credit card account number or a Western Union account.
The complete article can be read or printed online at http://www.consumer.ftc.gov/blog/tech-support-scams-part-2.
We feel we have notified our customers that may have been impacted to have cards replaced, but check the link for Target’s official announcements. Please read Targets offical annoucement.
12/20/2013 - Unauthorized access to payment card data in U.S. Target stores affects up to 40M cards
Target acknowledged Thursday that data connected to about 40 million credit and debit card accounts was stolen as part of a breach that began over the Thanksgiving weekend.
Target's disclosure came a day after reports that the company was investigating a breach.
Customers who made purchases by swiping their cards at its U.S. stores between Nov. 27 and Dec. 15 may have had their accounts exposed. The stolen data included customer names, credit and debit card numbers, card expiration dates and the embedded code on the magnetic strip on back of the card.
We do not know which of our Ann Arbor State Bank debit cardholders has been affected yet, but we can order you new cards and reduce your current card limits in order to reduce the losses due to fraud. Please contact our customer service if you know you were shopping at Target around Black Friday and would like to order a new card. Please read Targets’ announcement regarding the security breach.
The complete Target article can be read or printed online at https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca.
12/4/2013 - The annual tradition continues with Ann Arbor State Bank's beautiful antique sleigh on display
The bank is displaying a sleigh made in 1889 by the Ann Arbor Carriage Company. This local company was known in its day for making top of the line carriages and light sleighs. It was a jewel for the City of Ann Arbor providing two vehicles to President Grover Cleveland's administration. The display is complete with two reindeer and loads of presents along with a decorated Christmas tree.
You’re invited to come to the bank through the month of December to view the display of this hidden Ann Arbor Treasure.
11/26/2013 - Public Service Announcement
Prepared by the Internet Crime Complaint Center (IC3)
Holiday Shopping Tips
The FBI reminds holiday shoppers to beware of cyber criminals who are out to steal money and personal information. Scammers use many techniques to defraud consumers, from phishing e-mails offering too good to be true deals on brand-name merchandise to offering quick cash to victims who will re-ship packages to additional destinations. Previously reported scams are still being executed today.
While monitoring credit reports on an annual basis and reviewing account statements each month is always a good idea, consumers should keep a particularly watchful eye on their personal credit information at this time of year. Scrutinizing credit card bills for any fraudulent activity can help to minimize victims’ losses. Unrecognizable charges listed on a credit card statement are often the first time consumers realize their personally identifiable information has been stolen.
Bank transactions and correspondence from financial institutions should also be closely reviewed. Bank accounts can often serve as a target for criminals to initiate account takeovers or commit identity theft by creating new accounts in the victims’ name. Consumers should never click on a link embedded in an e-mail from their bank, but rather open a new webpage and manually enter the URL (web address), because phishing scams often start with phony e-mails that feature the bank’s name and logo.
When shopping online, make sure to use reputable sites. Often consumers are shown specials on the web, or even in e-mail offers, that look too good to be true. These sites are used to capture personally identifiable information, including credit card numbers, addresses and phone numbers to make fraudulent transactions. It’s best to shop on sites with which you are familiar and that have an established reputation as trusted online retailers, according to the MRC, a nonprofit that supports and promotes operational excellence for fraud, payments and risk professionals within eCommerce.
If you look for an item or company name through a search engine site, scrutinize the results listed before going to a website. Do not automatically click on the first result, even if it looks identical or similar to the desired result. Many fraudsters go to extreme lengths to have their own website appear ahead of a legitimate company on popular search engines. Their website may be a mirrored version of a popular website, but with a slightly different URL.
Purchases made on these sites could result in one or more of the following consequences: never receiving the item, having your credit card details stolen, or downloading malware/computer virus to your computer. Before clicking on a result in a search engine, inspect the URL of the destination website. Look for any misspellings or extra characters such as a period or comma as these are indicative of fraud. When taken to the payment page of a website, again verify the URL and ensure it is secure by starting with “HTTPS,” not just “HTTP.”
Here are some additional tips you can use to avoid becoming a victim of cyber fraud:
- Do not respond to unsolicited (spam) e-mail.
- Do not click on links contained within an unsolicited e-mail.
- Be cautious of e-mail claiming to contain pictures in attached files; the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
- Avoid filling out forms contained in e-mail messages that ask for personal information.
- Always compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site.
- Log on directly to the official website for the business identified in the e-mail instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
- Contact the actual business that supposedly sent the e-mail to verify that the e-mail is genuine.
- If you are requested to act quickly or there is an emergency that requires your attention, it may be a scam. Fraudsters create a sense of urgency to get you to act quickly.
- Remember if it looks too good to be true, it probably is.
Finally, check these additional sources to become even more informed on safe online shopping. Previous Holiday Shopping Tips public service announcements can be viewed on IC3.gov at the following links: http://www.ic3.gov/media/2012/121120.aspx, http://www.ic3.gov/media/2011/111121.aspx and http://www.ic3.gov/media/2010/101118.aspx.
US-CERT posted a Holiday Season Phishing Scams and Malware Campaigns release on Nov. 19, 2013, reminding consumers to stay aware of seasonal scams. The entire alert can be viewed at https://www.us-cert.gov/ncas/current-activity/2013/11/19/Holiday-Season-Phishing-Scams-and-Malware-Campaigns.
11/4/2013 -Induction of Honorary Members
Kiwanis Club of Ann Arbor
Volume 5, Issue 5
Ann Mattson, Editor
Alan Dailey, Publisher
George Gilligan emceed the induction program for our 5 outstanding new Honorary Members. We hope they will spend many Monday noons with us in the coming year. Entrepreneur and community volunteer Toni Rodgers was introduced by Jean Robinson. Toni owns 4 McDonalds stores in the Ann Arbor/Ypsilanti area and was honored as the first woman “Rookie of the Year” by the Michigan McDonalds owners. She has since served as President of that organization. Her community interests include serving on the Boards of the Washtenaw Community College Foundation and Ann Arbor State Bank. She is the Fundraising Chair for the Ann Arbor Chapter of Links. Clarence Dukes introduced Malcolm Cox. Mac is the former Asst. Director of Financial Operations at the U of M. He also served as Ombudsman for U of M’s financial operations. He now uses his financial expertise helping senior citizens file their tax returns as a volunteer with the Housing Bureau for Seniors and the Turner Resource Center. Rip Kinney introduced Bob Fletcher. Bob enlisted in the Army right after his high school graduation in May of 1950. By July he was serving in Korea and later that year when he was just 5 days shy of his 18th birthday he and 139 of his peers were taken prisoner. Bob was a POW until August of 1953. He was one of 39 who survived. He is a former National Commander of American Ex-Prisoners of War, a Congressionally-chartered not-for-profit veterans’ service organization that advocates for former prisoners of war and their families. He frequently speaks to high school and other groups about his experiences. Sheridan Springer introduced Jake Haas who is also an entrepreneur and Ann Arbor State Bank Board member. Jake owns Saline Construction Co., Airport Plaza in Ann Arbor, and North Face Farm in Chelsea. He is a past member of the Dexter School Board and the Greenhills School Board. Jake is the very generous landlord for our warehouse. In addition to donating the space for our use, he thanked us for providing him with a great way to give back to the community. Leticia Byrd introduced William Hampton. William commended us for our mission of “serving the children of the world”. He is Vice President of the Ann Arbor Breakfast Optimist Club and has been very active with the Washtenaw Area Council for Children, the Ann Arbor Shelter Association, and the Ann Arbor NAACP. Thank you all for joining us as Honorary Members.
The complete article can be read or printed online at http://a2kiwanisfoundation.org/wp-content/uploads/2013/11/AAK-News-Nov-4.pdf
10/28/2013 - CryptoLocker Ransomware Encrypts User’s Files
Public Service Announcement
Prepared by the
Internet Crime Complaint Center (IC3)
The FBI is aware of a file encrypting Ransomware known as CryptoLocker. Businesses are receiving email with alleged customer complaints containing an attachment that when opened, appears as a window and is in fact a malware downloader. This downloader than downloads and installs the actual CryptoLocker malware.
The verbiage in the window states that important files have been encrypted using a unique public key generated for the computer. To decrypt the files you need to obtain the private key. A copy of the private key is located on a remote server that will destroy the key after the specified time shown in the window. The attackers demand a ransom of $300.00 to be paid in order to decrypt the files.
*Unfortunately, once the encryption of the files is complete, decryption is not feasible. To obtain the file specific Advanced Encryption Standard (AES) key to decrypt a file, you need the private RSA key (an algorithm for public key cryptography) corresponding to the RSA public key generated for the victim’s system by the command and control server. However, this key never leaves the command and control server, putting it out of reach of everyone except the attacker. The recommended solution is to scrub your hard drive and restore encrypted files from a backup.
As with any virus or malware, the way to avoid it is with safe browsing and email habits. Specifically, in this case, be wary of email from senders you don’t know and never open or download an attachment unless you’re sure you know what it is and that it’s safe. Be especially wary of unexpected email from postal/package services and dispute notifications.
9/16/2013 - Vexing Texts
by Carol Kando-Pineda Attorney, FTC
Who doesn’t like to get something for free? That’s what scammers are hoping when they send out messages like this:
You've been selected for a free $1000 giftcard!
Enter the code 'FREE' at yourfavestore.com.shop.biz to get it now.
Only 112 left! Text OUT to stop.
But if you do as the text says, you’ll end up at a website that requires you to give up your personal information to claim your “free” gift. Once you’ve shared your information, the site pushes you to sign up for more than a dozen risky trial offers (which aren’t free) to qualify for the supposedly free gift card they promised you.
Hold the phone! If you get a spam text:
- Delete it! In fact, get rid of any texts asking you to confirm or provide personal information. Legitimate companies don’t ask for information like account numbers or passwords by text or email.
- Don’t reply, and don’t click on links provided in the message. Links can install malware and take you to spoof sites that look real but whose purpose is to steal your information.
- Don’t give out any personal information in response to a text. A spammer may want access to your Social Security number, credit card numbers, and bank and utility account numbers to open new accounts in your name.
- Report spam texts to your carrier. AT&T, T-Mobile, Verizon, Sprint or Bell subscribers can copy the original text and forward it to 7726 (SPAM), free of charge.
- Review your cell phone bill for unauthorized charges. Report them to your carrier.
Learn more about how to deal with text message spam.
9/11/2013 - Scam Targets Corporations; LARA alerts Michigan businesses of scheme collecting $125 fee to prepare annual minutes
Contact: Mario Morrow 517-373-9280
Agency: Licensing and Regulatory Affairs
Michigan Department of Licensing and Regulatory Affairs (LARA) Director Steve Arwood today warns Michigan corporations of a non-governmental entity called "Corporate Records Service" trying to collect a $125 fee to prepare corporate meeting minutes. The misleading compliance solicitation implies that Michigan requires corporations and limited liability companies to complete an Annual Minutes Form and is designed to look like an official document, but it is not.
"Michigan corporations are not required by law to file annual meeting minutes with LARA's Corporations Division," said Arwood. "Our corporation customers should disregard these deceptive notices as they are not from the State of Michigan."
Michigan businesses are receiving an official-looking form called the "2013 Annual Minutes Form." (See the attached sample document.) The form implies that the recipient is obligated to complete and return it with a fee payment for the preparation of corporate meeting minutes. The accompanying instructions for completing the form list a return address at 5859 West Saginaw Highway, #343, Lansing, MI, 48917-2460. In September 2012, LARA warned of a similar scam requesting $125 that involved a company with a similar name located at the same street address in Lansing.
"Unfortunately, these misleading mailings offering assistance for non-required services continue to go out and create confusion," Arwood said. "To clarify, Michigan corporations are legally required to file annual reports or annual statements (not annual minutes) and may do so online directly to the State of Michigan."
Michigan appears to be the latest state where corporations are being targeted to file annual minutes for a fee. Similar solicitation mailings have occurred in several other states including California, Colorado, Florida, Georgia, Indiana, Illinois, Massachusetts, and Texas where corporations have been victimized by such scams. These entities operate under identical or similar names and request payment fees ranging from $125, $150, $175 to $239 for the completion and submittal of an annual minutes statement.
The phony letters can look authentic. They may be addressed to the corporation, the resident agent, director or officers; cite a Michigan statute or a federal statute; and may appear to be issued by the Michigan Department of Licensing and Regulatory Affairs, Corporations, Securities, and Commercial Licensing Bureau, Corporations Division. If such notices are received, they are to be disregarded because they are neither issued by LARA nor any governmental agency.
Any Michigan corporation that receives a notice to have annual meeting minutes prepared and pay a fee to avoid dissolution of their corporation are advised to do the following:
Keep the notice, mailing envelope, and return envelope.
Contact the United States Postal Inspections Service to report mail fraud at: (877) 876-2455 or http://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx
Or contact the Michigan Office of the Attorney General at P.O. Box 30212, Lansing, MI 48909.
Legitimate notices and mailings to Michigan corporations are issued from LARA's Corporations Division and are mailed to the resident agent at the registered office address on record. When receiving any official-looking document, please review carefully and read the small print. If you are not sure, please contact the LARA Corporations Division at (517) 241-6470.
Customers with questions about their corporation, limited liability company or limited partnership are encouraged to use the Business Entity Search at www.michigan.gov/entitysearch to check their status. If an annual report or statement needs to be filed, customers may file online using www.michigan.gov/fileonline. Additional information is available on the Corporations Division website at www.michigan.gov/corporations or by calling the Corporations Division at (517) 241-6470.
For more information about LARA, please visit www.michigan.gov/lara
8/29/2013 - A GREAT EXAMPLE OF A COMMUNITY BANKER MAKING A DIFFERENCE
2013 | www.cbofm.org | Issue 6
Bill Broucek, Founder of Ann Arbor State Bank and Bank of Ann Arbor,
Named Best of Community Banking Award Winner for 2013. (Pictured on the right)
Judi Sullivan, President and CEO of Community Bankers of Michigan (CBM), has announced that Bill Broucek, founder and current executive chairman of Ann Arbor State Bank, will receive the Best of Community Banking Award for 2013.
“For 55 years, Bill Broucek has represented what is the best about community banking in Michigan,”Sullivan says. “Bill is a wonderful example of how a community banker can make a difference for customers and communities.”
Sullivan says the recognition and presentation of the award is planned during the Community Bankers of Michigan (CBM) Annual Convention and Trade Show, set for September 18-20 at the Grand Traverse Resort, near Traverse City.
“Receiving this award from the Community Bankers of Michigan is a great honor. I am so proud to be a community banker,” Broucek says.
Sullivan points to Broucek’s successful efforts organizing two successful banks in Southeast Michigan. He started Ann Arbor State Bank (AASB) in 2008 and served as its first chairman and CEO. He raised $12 million in capital, when only $10 million was required to get Ann Arbor State Bank up and running. The bank opened at the lowest point of the economic downturn in January 2009. AASB became profitable within the year. The bank now has assets over $190 million and just completed its most profitable quarter. In April 2013 Broucek was named the bank’s Executive Chairman.
In the mid ‘90s Broucek organized and started Bank of Ann Arbor (BOAA). He spearheaded the formation of the bank, writing its business plan, filing required start-up applications with the State of Michigan and FDIC, and raising $6 million in capital. Once he got the go ahead, Broucek guided the hiring of staff, writing policies, and developing products and services.
Bank of Ann Arbor opened in January 1996 and through 2004 Broucek directed the bank’s growth from 15 employees to 100, from one office location to five, with assets over $400 million. When he left in 2004, BOAA capital was $30 million, deposits stood at $350 million, and the bank recorded a $4.5 million profit that year.
“I have enjoyed every minute in the industry and the opportunity to work with many people,” Broucek says. “Community banking is helping people and you do that by listening to what is needed so that you can meet your customer’s needs.”
He believes community banking has a good future because of its long relationship in financing small businesses. “Small businesses are key to building the economy and community banks will continue their historic role keeping small businesses going.”
In addition, Broucek’s career highlights include:
At National Bank of Detroit from August 1958 to March 1967, he was a commercial lending officer in the Michigan Division and the International Division’s first International Lender in 1964.
At Ann Arbor Trust Company (now Key Bank) from March 1967 to January 1974, Broucek was Senior Vice President in charge of the Corporate Department. He then was responsible for filing the application with the State of Michigan FIB (now DIFS) and the FDIC that led to the conversion of Trust Charter to a Bank Charter, in August 1974. He then headed the bank division until 1987 when the bank was sold to Trust Corp. of Toledo, Ohio. At the time of the sale, the bank’s assets totaled approximately $550 million.
The complete article can be read or printed online at https://www.cbofm.org/document/docWindow.cfm?fuseaction=document.viewDocument&documentid=1048&documentFormatId=1088.
8/1/2013 - Ackk — My Email’s Been Hacked
by Amy Hebert
Consumer Education Specialist, FTC y Email’s Been Hacked
Friends and family are getting emails or messages you didn’t send. Or your social media accounts have posts you didn’t make. What can you do when it looks like someone’s taken over your account? Here are the steps you can follow if you get hacked (for details, read Hacked Email):
1. Update your system and delete any malware
2. Change your passwords
3. Check the advice your email provider or social networking site has about restoring your account
4. Check your account settings
5. Tell your friends
Haven’t been hacked yet? Steps you can take to lessen your chances of getting hacked include using unique passwords — and safeguarding them — only clicking on links or opening attachments in emails when you know who sent them and what they are, downloading free software only from sites you know and trust, and not treating public computers like your personal computer.
And last but not least — help your friends and family avoid getting hacked, or recover from a hack, by sending them the FTC’s Hacked Email article.
The complete article can be read or printed online at http://www.consumer.ftc.gov/blog/ackk-my-emails-been-hacked.
7/29/2013 - Citadel Malware Continues to Deliver Reveton Ransomware in Attempts to Extort Money
Prepared By the Internet Crime Complaint Center (IC3)
The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) and the Department of Homeland Security (DHS) have recently received complaints regarding a ransomware campaign using the name of the DHS to extort money from unsuspecting victims.
In May 2012, the IC3 posted an alert about the Citadel malware platform used to deliver ransomware known as Reveton. The ransomware directs victims to a download website, at which time it is installed on their computers. Ransomware is used to intimidate victims into paying a fine to “unlock” their computers. The ransomware has been called “FBI Ransomware” because it frequently uses the FBI’s name including the names of FBI programs such as InfraGard and IC3. Similar ransomware campaigns have used the names of other law enforcement agencies such as the DHS.
As in other variations, the ransomware using the name of the DHS produces a warning that accuses victims of violating various U.S. laws and locks their computers. To unlock their computers and avoid legal issues, victims are told they must pay a $300 fine via a prepaid money card.
This is not a legitimate communication from law enforcement, but rather is an attempt to extort money from the victim. If you have received this or something similar, do not follow the instructions in the warning and do not attempt to pay the fine.
It is suggested that you;
•Contact a reputable computer expert to assist with removing the malware.
•File a complaint at www.IC3.gov.
•Keep operating systems and legitimate antivirus and antispyware software updated.
The complete article can be read or printed online at Website:http://www.ic3.gov/media/2013/130729.aspx
7/18/2013 - RANSOMWARE PURPORTING TO BE FROM THE FBI IS TARGETING OS X MAC USERS
Prepared By the Internet Crime Complaint Center (IC3)
In May 2012, the Internet Crime Complaint Center posted an alert about the Citadel malware platform used to deliver ransomware known as Reveton. The ransomware directs victims to a drive-by download website, at which time it is installed on their computers. Ransomware is used to intimidate victims into paying a fine to “unlock” their computers. Paying the fine does nothing to solve the problem with the computer; do not follow the ransomware instructions. The ransomware has been called “FBI Ransomware” because it uses the FBI’s name.
The ransomware is pushed to victims’ computers when they browse common websites, specifically when they query popular search terms. Once the web browser is exploited, the victims’ computer displays a pop-up warning that appears to be from the FBI. Cyber criminals use “FBI.gov” within the URL to make the warning appear more legitimate.
Malwarebytes Unpacked – Jerome Segura
As the FBI saw in 2012, the warning accuses victims of violating various U.S. laws and locks their computer. To unlock the computer and avoid legal issues, victims are told they must pay a $300 fine via a prepaid money card. Attempts to close the warning page results in additional messages that reappear each time victims try to close their web browser.
The simplest way to remove the ransomware’s iframes is by clicking on the Safari menu and choosing “reset Safari,” make sure all check boxes are selected, or hold down the Shift key while relaunching Safari. This will prevent Safari from reopening windows and tabs from the previous session. Victims can also disable the reopening feature across OS X from the General pane of System Preferences.
Ransomware messages are an attempt to extort money. If you have received a ransomware message do not follow payment instructions and file a complaint at http://www.ic3.gov/
The complete article can be read or printed online at Website: http://www.ic3.gov/media/2013/130718-2.aspx
7/2/2013 - FBI Warns of Spear-Phishing Attacks
Mobility Linked to Uptick in Targeted E-mails
By Tracy Kitten
Spear-phishing attacks are up, and they are targeting individuals across all industries, according to a new warning issued by the U.S. Federal Bureau of Investigation.
And the uptick is at least partially linked to increasing use of mobile devices for e-mail access and online browsing, say financial fraud experts. Mobile communication poses new challenges for authentication and subsequent fraud prevention, says Aite consultant Shirley Inscoe.
"Out of band authentication is very effective," Inscoe says. "But as more people are using smart devices to initiate transactions, the device is no longer out-of-band to authenticate the customer. In other words, if I initiate a transfer from my iPhone, calling my iPhone is in-band, not out-of-band, to authenticate the transaction. This is an issue bankers are really struggling with currently."
In its latest warning, the FBI's Internet Crime Complaint Center points out that incidents of spear phishing - targeted phishing attacks - are increasingly taking aim at employees with administrative rights and access to access critical systems. This is a trend BankInfoSecurity confirms in preliminary results collected for its 2013 Faces of Fraud Survey. When asked how the number of phishing attacks aimed at employees had changed in the past 12 months, 45 percent of respondents note the attacks have increased.
In its release, the FBI points out that these attacks also are targeting consumers, by relying on personal information collected about these users from public posts on social media sites and blogs, as well as with data collected from other breaches, to make the fraudulent e-mails appear legitimate. They ultimately convince consumers to click links that take them to spoofed sites containing malware or to provide logins and passwords that allow the attackers to compromise online banking accounts, the FBI warns.
Experts say the best protection includes layers of security and the adoption of e-mail authentication strategies, such as DMARC - the Domain-based Message Authentication, Reporting and Conformance initiative. But even with these protections, the sophistication of these attacks, coupled with increased mobile usage, puts organizations in a position to assume that at some point their brands will be used for malicious purposes, such as spear phishing.
"In reality, any company with significant intangible assets - software code, very well followed Twitter accounts, financial services companies, etc. - is vulnerable to this type of attack," says Bob Pratt, vice president of product management for online security provider Agari.
The FBI's IC3 says spear-phishing attacks are targeting multiple industries, and that the end goal is to steal IP or compromise banking credentials. "Cyber-criminals target victims because of their involvement in an industry or organization they wish to compromise," the IC3 states. "Recent attacks have convinced victims that software or credentials they use to access specific websites need to be updated. The e-mail contains a link for completing the update."
Jenny Shearer, an FBI spokeswoman, says this latest warning is just one in a series of public notices the IC3 has issued in recent months about the increasing sophistication of spear-phishing attacks. "The FBI has become aware of new variations of spear-phishing attacks and has seen a slight increase in these particular schemes in the past 12 months," she says.
These increases have been noted by the FBI through the number of complaints it receives as well as from information collected during cyber-attack investigations, Shearer adds.
The FBI advises consumers that they will never be asked by their banking institution or merchant to provide usernames and passwords via e-mail, and that if there is doubt about the legitimacy of an e-mail, consumers should directly contact the company purportedly sending the e-mail. The FBI also suggests consumers update their anti-virus software and firewalls, and ensure their Internet browsers have built-in phishing filters as an additional layer of protection.
Spear Phishing: A Challenge to Detect
Online threat researcher Daniel Cohen, who works for security firm RSA, says most spear-phishing e-mails are successfully getting past conventional anti-malware and signature-based tools. "User education to spot potential spear-phishing e-mails can help," he says. "Still, education only goes so far, which is where rapid detection and response plays a very important role."
This is why security teams are more often fighting spear phishing with a combination of techniques and solutions that help to detect anomalous activity, he adds. "Threat intelligence feeds can help security teams with situational awareness of emerging malware or threat activity seen recently in the wild."
Real-time analysis, through the review of big data streams from multiple sources, such as network forensics and endpoint identification tools, can detect anomalies, even if they are faint, Cohen says. Those anomalies often reveal network intrusions that can be traced back to spear phishing, he adds.
Advice for Banks, Others
Security experts say individual adoption of security measures can only go so far. Most professionals and consumers alike are not well advised about their spear-phishing risks, which is why e-mail security initiatives such as DMARC are a better solution, says Agari's Pratt.
Pratt says DMARC adoption has stopped more than 85 percent of the phishing attacks hitting U.S. consumers and 60 percent of these attacks worldwide.
DMARC has made it more difficult for fraudsters to craft phishing e-mails that look legitimate, he says. "You're more likely to fall for a phishing message claiming to come from chase.com than one from jpmorganchaseemail.tv," Pratt says.
But other online security experts have been critical of DMARC. In order to be truly effective, all e-mail providers and hosting companies have to adopt it, says RSA's Cohen. And while many web-based e-mail providers such as Gmail have embraced DMARC, most corporate e-mail accounts using Microsoft Outlook have not, he says. This chasm in DMARC adoption leaves security holes for phishers, Cohen adds.
"Spear phishing is a tactic that is only part of the larger attack which is usually focused on obtaining credentials to gain access to private networks and sensitive information," he explains. "DMARC does not address this, mainly because of limited adoption and deployment on corporate e-mail servers."
This is why, Cohen says, more analytics are needed, to leverage different security and network device data streams. "These attacks are mostly going after corporate credentials in an attempt to get into the organization in order to steal valuable data that can somehow be copied and/or monetized," Cohen says. "Therefore, industries that are rich in sensitive and valuable information such as manufacturing, pharma, technology, healthcare, energy, government and defense are major targets."
Inscoe echoes that point, noting that the best protections, regardless of the industry, include complex device identification with proxy piercing, to address increased mobile-browsing, behavioral analytics, and out-of band authentication.
"Solutions that protect a browser session cannot be penetrated by the malware, and, thus, sessions cannot be taken over by the bad guys," she says. "Behavioral analytics are also highly effective unless the bad guys are very patient and keep activity within the norm for the accountholder they are stealing from."
The complete article can be read or printed online at Website: http://www.bankinfosecurity.com/fbi-warns-spear-phishing-attacks-a-5878
6/25/2013 - Cyber Criminals Continue to Use Spear-Phishing Attacks to Compromise Computer Networks
The FBI has seen an increase in criminals who use spear-phishing attacks to target multiple industry sectors. These attacks allow criminals to access private computer networks. They exploit that access to create fake identities, steal intellectual property, and compromise financial credentials to steal money from victims’ accounts.
In spear-phishing attacks, cyber criminals target victims because of their involvement in an industry or organization they wish to compromise. Often, the e-mails contain accurate information about victims obtained via a previous intrusion, or from data posted on social networking sites, blogs, or other websites. This information adds a veneer of legitimacy to the message, increasing the chances the victims will open the e-mail and respond as directed.
Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update. If victims click the link, they are taken to a fraudulent website through which malicious software (malware) harvests details such as the victim’s usernames and passwords, bank account details, credit card numbers, and other personal information. The criminals can also gain access to private networks and cause disruptions, or steal intellectual property and trade secrets.
To avoid becoming a victim, keep in mind that online businesses, including banks and merchants, typically will not ask for personal information, such as usernames and passwords, via e-mail. When in doubt either call the company directly or open your computer’s Internet browser and type the known website’s address. Don’t use the telephone number contained in the e-mail, which is likely to be fraudulent as well.
In general, avoid following links sent in e-mails, especially when the sender is someone you do not know, or appears to be from a business advising that your account information needs updated.
Keep your computer’s anti-virus software and firewalls updated. Many of the latest browsers have a built-in phishing filter that should be enabled for additional protection.
If you believe you may have fallen victim to a spear-phishing attack, file a complaint with the FBI’s Internet Crime Complaint Center, http://www.ic3.gov/
The complete article can be read or printed online at Website: http://www.ic3.gov/media/2013/130625.aspx
6/20/2013 - People & achievements in the greater Ann Arbor area, including Ann Arbor Bancorp, Inc. and United Methodist Retirement Communities
by ANNARBOR.COM STAFF
From new hires and promotions to industry awards, here's a roundup of achievements by businesses and individuals in the greater Ann Arbor area:
Michael A. Schork Jr. has joined Ann Arbor Bancorp Inc., the parent company to Ann Arbor State Bank and Ann Arbor State Advisors, as first vice president. Schork will focus on local businesses with their retirement planning. He is based in the Ann Arbor State Bank building on West William in Ann Arbor.
The complete article can be read or printed online at Website: http://annarbor.com/business-review/people-achievements-in-the-greater-ann-arbor-area-including-ann-arbor-bancorp-inc-and-united-methodi/
6/4/2013 - Going on Vacation?
by Rosario Méndez ttorney, FTC
What does summer mean to you? Barbecues? Darting in and out of splash pads in the park? Vacations with your family and friends? Planning a vacation can be overwhelming. And while there may be options for virtually every budget, there also are lots of pitches made that, frankly, may be a little generous for the situation. “Five star” accommodations may be on a scale of 15; “best location” may be okay for someone else’s priorities but not for yours; “all-inclusive” may be slightly misleading in terms of costs or services. The key to avoiding travel trouble? Ask a lot of questions and don’t commit until you get the answers in detail.
Some tips to get you started:
- Ask about refund and cancellation policies. Get them in writing.
- Speak to a person who is on the property about the details. Get current photos.
- Confirm all the travel arrangements yourself.
- Get details behind vague promises like “five-star” resort or “luxury” cruise.
- Read reviews critically – and evaluate the positives and the negatives.
Before you research travel offers, prepare yourself. Read these trip tips; and for a different take on vacation tips, see Gear Up for A Great Trip.
The complete article can be read or printed online at Website: http://www.consumer.ftc.gov/blog/going-vacation
5/30/2013 - Cyber Criminals Using Photo-Sharing Programs to Compromise Computers
The FBI has seen an increase in cyber criminals who use online photo-sharing programs to perpetrate scams and harm victims’ computers. These criminals advertise vehicles online but will not provide pictures in the advertisement. They will send photos on request. Sometimes the photo is a single file sent as an e-mail attachment, and sometimes the victim receives a link to an online photo gallery.
The photos can/often contain malicious software that infects the victims” computer, directing them to fake websites that look nearly identical to the real site where they originally saw the advertisement. The cyber criminals run all aspects of these fake websites, including “tech support” or “live chat support,” and any “recommended” escrow services. After the victim agrees to purchase the item and makes the payment, the criminals stop responding to correspondence. The victims never receive any merchandise.
The FBI urges consumers to protect themselves when shopping online. Here are a few tips for staying safe:
- Be cautious if you are on an auction site and lose an auction and the seller contacts you later saying the original bidder fell through.
- Make sure websites are secure and authenticated before you purchase an item online. Use only well-known escrow services.
- Research to determine if a car dealership is real and how long it has been in business.
- Be wary if the price for the item you’d like to buy is severely undervalued; if it is, the item is likely fraudulent.
- Scan files before downloading them to your computer.
- Keep your computer software, including the operating system, updated with the latest patches.
- Ensure your anti-virus software and firewalls are current – they can help prevent malware infections.
If you have fallen victim to this type of scam, file a complaint with the Internet Crime Complaint Center, http://www.ic3.gov/.
The complete article can be read or printed online at http://www.ic3.gov/media/2013/130530.aspx.
5/22/2013 - FDIC Consumer Newsletter Features Tips on Banking in a High-Tech World
Other topics include debt collection, branch closings, bank mergers, and buying a CD from a broker
New technology can dramatically change the way that people manage and save money. To help consumers learn more about banking in a high-tech world, the Spring 2013 issue of FDIC Consumer News features practical tips on how to reap the benefits and avoid potential problems. Other timely topics include dealing with debt collectors, finding affordable small loans, thinking about your options after a branch closing or a bank merger, and taking precautions before buying a bank certificate of deposit (CD) from a deposit broker instead of directly from a financial institution.
The latest issue can be read or printed online at www.fdic.gov/consumers/consumer/news/cnspr13.
The FDIC encourages financial institutions, government agencies, consumer organizations, educators, the media and anyone else to help make the tips and information in FDIC Consumer News widely available. The publication may be reprinted in whole or in part without advance permission. Organizations also may link to or mention the FDIC Web site. See the Web site above for more details.
The goal of FDIC Consumer News is to deliver timely, reliable and innovative tips and information about financial matters, free of charge. Current and past issues are online at www.fdic.gov/consumernews.
Please forward this e-mail to anyone else you think would be interested in reading FDIC Consumer News or learning about the FDIC’s other products and services for consumers. Others wishing to subscribe to this free online delivery service should follow instructions posted on the FDIC Web site at www.fdic.gov/about/subscriptions/index.html.
5/21/2013 - “Green Card” Lottery Scams
Consumer Education Specialist, FTC
The results for the 2014 Diversity Visa Lottery are now available at dvlottery.state.gov.
That’s good news for people who are hoping to become “lawful permanent residents” in the US (sometimes referred to as “getting a green card”).
But it’s also a good opportunity for scammers to try to confuse hopeful applicants.
If you’ve entered the diversity visa lottery, don’t be fooled by emails that say you’ve won, or that ask you to send money to claim your spot.
The truth is, the only way to check the status of your application is to visit dvlottery.state.gov. If you get an email or letter from someone telling you that you won, it's a scam.
If your entry is selected, you'll have to pay an application fee to the US Embassy or Consulate Cashier, but only when you go for your scheduled appointment. The US government will never ask you to send money in advance by check, money order, or wire transfer.
If you want to know more about the rules of the diversity visa lottery, check out this video. Link to Watch the Video: http://bcove.me/n9hzjm3e
If you suspect you’ve been contacted by a scam artist, please report your experience to the FTC.
The complete article can be read or printed online at http://www.consumer.ftc.gov/blog/green-card-lottery-scams
5/15/2013 - Innovation & Job News
Ann Arbor State Bank is in the news for adding staff and opening two locations in 2012. Read more...
5/10/2013 - The Affordable Care Act: When Scams Follow the News
The Affordable Care Act is in the news lately. And one thing we’ve learned at the Federal Trade Commission is that scams often follow the news. Natural disaster? Charity scams will follow. Implementation of a major new law affecting millions of people? Scammers will be there.
To cut through some of the clutter in the environment with all the articles and discussion of the Act, here’s one key fact to hold onto that can help spot and avoid scams:
You can’t sign up yet.
Enrollment in the new Health Insurance Marketplace doesn’t start until October 1, 2013. Anyone who claims to be able to sign you up sooner is trying to scam you. Please report them.
We’ve heard from consumers and from other federal agencies that scammers are trying to convince people to act now. Scammers always want to get your money before you have time to stop and think. So remember that date: October 1, 2013. That’s the first time anyone, anywhere can sign up for health insurance through the Health Insurance Marketplace under the Affordable Care Act.
And please: if you see someone trying to enroll people for health insurance under the Act before October 1, 2013, say something. We can only investigate the scams we know about, so every report helps us find and stop the bad guys. Thanks in advance!
The complete article can be read or printed online at http://www.consumer.ftc.gov/blog/affordable-care-act-when-scams-follow-news.
5/2/2013 - UNAUTHORIZED BANK ACCOUNT ACCESS IN THE PAYDAY LOAN SCAM
The payday loan scam involving threats and TDoS attacks was highlighted in the February 21, 2012 Public Service Announcement titled “New Variation On Telephone Collection Scam Related To Delinquent PayDay Loans” and in the January 7, 2013 IC3 Scam Alerts.
Based on IC3 complaint information, it appears the tactics used by the subjects continue to evolve. Information revealed subjects are now making unauthorized deposits for payday loans into victims’ bank accounts. The proceeds range from $200 to $300. After the initial deposit, victims reported unauthorized withdrawals every two weeks in increments between $60 and $90. The withdrawals are applied to accrued interest only, making it impossible to pay the loan in full. Victims reported all efforts to return the unwanted loan proceeds or pay the loan in full were unsuccessful. Some reported closing their bank account and holding the loan proceeds to prevent further fraud to their account. It has yet to be determined how the subjects are obtaining the victims’ bank account information, because some of the victims claim they have never applied for a payday loan.
The complete article can be read or printed online at http://www.ic3.gov/media/2013/130502.aspx.
5/2/2013 - FAKE EMAILS FROM HSBC WITH ATTACHED PAYMENT_ADVICE.ZIP CONTAINS TROJAN
MX Lab featured the following article on March 27, 2013
MX Lab, started to intercept a new trojan distribution campaign by email with the subject “Payment Advice – Advice Ref:[B32454525694]“. Please note that the numbers used in the subject and mail from may vary. The email is sent from the spoofed address “firstname.lastname@example.org ” and has the following body:
Upon your request, attached please find payment e-Advice for your reference. Yours faithfully,HSBC
We maintain strict security standards and procedures to prevent unauthorised access to information about you. HSBC will never contact you by e-mail or otherwise to ask you to validate prsonal information such as your user ID, password, or account numbers. If you receive such a request, please call our Direct Financial Services hotline. Please do not reply to this e-mail. Should you wish to contact us, please send your e-mail to email@example.com and we will respond to you. Note: it is important that you do not provide your account or credit card numbers, or convey any confidential information or banking instructions, in your reply mail. Copyright. The Hongkong and Shanghai Banking Corporation Limited 2005. All rights reserved.
The attached ZIP file has the name Payment_Advice.zip and contains the 96 kB large file Payment_Advice.exe.
The trojan is known as W32/Trojan.IWRE-9169, PWS.Win32.Fareit.AMN (A), W32/Yakes.B!tr, Trojan.Agent.RVGen5.
At the time of writing, 11 of the 46 AV engines did detect the trojan at Virus Total. Virus Total and SHA256:
The complete article can be read or printed online at http://www.ic3.gov/media/2013/130502.aspx.
4/25/2013 - BEWARE OF POSSIBLE FRAUD ASSOCIATED WITH THE BOSTON MARATHON EXPLOSIONS
The FBI reminds the public there is the potential for fraud in the aftermath of the Boston Marathon bombings. The FBI’s Internet Crime Complaint Center has received indications that individuals may be using e-mail and social networking sites to facilitate fraudulent activities.
The FBI is aware of a spam e-mail with the subject line "Boston Marathon Explosion" and similarly themed messages being circulated to lure potential victims to malicious software and exploits. Spam e-mails and Web sites to which they are linked use a wide variety of deceptions to trick a user into taking actions that put the user’s computer at risk for infection. Common techniques include links to compromised Web sites and pop-up messages prompting users to download software to view pictures, videos or other files.
Social media is another avenue criminals use to solicit donations. The FBI is aware that an account on a popular social media service using the Boston Marathon name and official logo was created soon after the explosions. Communications from the account represented that $1 would be donated to the Boston Marathon victims for every communication other users sent to the account. Though the account was suspended by the social media service, others may use similar methods to commit fraud.
The FBI is also aware of numerous questionable domains registered within hours of the Boston Marathon explosions. Though the intentions of the registrants are unknown, domains have emerged following other disasters for fraudulent purposes.
Individuals should always exercise reasonable caution and vigilance when using e-mail and social networking Web sites. Based on experiences from previous times of tragedy, it is reasonable to believe that criminals will continue to exploit such events to solicit fraudulent donations, to obtain victims’ personally identifiable information (PII), and to further other illegal activities.
Individuals can limit exposure to cyber criminals by taking the following preventative actions when using email and social networking Web sites:
- Do not agree to download software to view content. Messages may contain pictures, videos, and other attachments designed to infect your computer with malware.
- Do not follow a link you receive via e-mail to go to a website. Links appearing as legitimate sites (example: fbi.gov), could be hyperlinked to direct victims to another website when clicked. These sites may be designed to infect your computer with malware or solicit personal information.
Verify the existence and legitimacy of organizations by conducting research and visiting official websites. Be skeptical of charity names similar to but not exactly the same as reputable charities.
- Do not allow others to make donations on your behalf. Donation-themed messages may also contain links to websites designed to solicit personal information, which can be routed to a cyber criminal.
- Make donations securely by using a debit/credit card or write a check made out to the specific charity. Be wary of making donations via money transfer services; legitimate charities do not normally solicit donations using this method of payment.
If you believe you have been the victim of fraud by someone soliciting funds on behalf of disaster victims or want to report suspicious e-mail solicitations or fraudulent Web sites, please file a complaint with the FBI’s Internet Crime Complaint Center, http://www.ic3.gov/
The complete article can be read or printed online at http://www.ic3.gov/media/2013/130425.aspx.
4/24/2013 - Protect Your Computer from Malware (Video)
Malware is short for “malicious software." It includes viruses and spyware that get installed on your computer or mobile device without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Learn more about how to avoid, detect, and get rid of malware.
Would it surprise you to learn that millions of computers in the US are infected with malware? That's a lot of computers. So what's malware, and why should you care?
Malware, short for malicious software, includes viruses and spyware that get installed on your computer or mobile device without you knowing it. Criminals use malware to steal personal information and commit fraud. For example, they may use malware to steal the login information for your online accounts or to hijack your computer and use it to send spam. An infected computer can lead to serious problems, like identity theft.
The good news, there's a lot you can do to protect yourself and your computer. One of the most important steps you can take, install security software from a reliable company and set it to update automatically. The bad guys constantly develop new ways to attack your computer, so your software must be up to date to work.
Set your operating system and your web browser to update automatically too. If you're not sure how, use the help function and search for automatic updates. Don't buy security software in response to unexpected calls or messages, especially if they say they scanned your computer and found malware. Scammers send messages like these to trick you into buying worthless software, or worse, downloading malware.
What else can you do? Use a pop up blocker, and don't click on links and popups. Don't click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.
Download software only from websites you know and trust. Free stuff may sound appealing, but free downloads can hide malware. Make sure your web browser's security setting is high enough to detect unauthorized downloads. For example, use at least the medium security setting.
Even if you take precautions, malware can find its way onto your computer. So be on the lookout for these signs. Your computer runs slowly, drains its battery quickly, displays unexpected errors or crashes, it won't shutdown or restart, it serves a lot of popups, takes you to web pages you didn't visit, changes your home page, or creates new icons or toolbars without your permission.
If you suspect malware, stop doing things that require passwords or personal info, such as online shopping or banking. Use a different computer, maybe one at work or at your local library, to change your passwords. Update your security software and run a system scan. Delete files it flags as malware.
If you can't fix the problem on your own, get help from a professional. Your computer manufacturer or internet service provider may offer free tech support. If not, contact a company or retail store that provides tech support.
Keep in mind, the most important thing you can do to prevent malware is to keep your computer software up to date. And remember, it's easy to find trusted information about computer security. Just visit onguardonline.gov, the federal government site to help you stay safe, secure, and responsible online.
The Video & Source: http://www.onguardonline.gov/media/video-0056-protect-your-computer-malware
4/22/2013 - Fraud Affects 25 Million People: Recognize Anyone You Know?
The FTC is always working to know more about the types of fraud being committed and who spends money on them. Consumers provide us with useful information through periodic surveys that ask them to share the important details about their recent marketplace experiences and a bit about themselves.
Last year, we asked people about their experiences with 17 types of fraud, and learned that nearly 11 percent of U.S. adults, or an estimated 25.6 million people, had paid for fraudulent products and services in 2011. The most-reported frauds involved weight loss products, prize promotions, unauthorized billing for buyer’s clubs or internet services, and work at home programs.
We learned that how people get product information and choose to pay relates to the likelihood they’ve been defrauded. People who made a first time purchase by internet or telephone after getting a telemarketing call, watching a TV ad or infomercial, or opening a spam email, were three times as likely to be victims of at least one fraud as people who didn’t buy in those circumstances.
Those who’d faced a serious negative life event — such as divorce, death of a family member or close friend, serious injury or illness in the family, or job loss — in the two years prior to the survey experienced more fraud than people who hadn’t. They experienced nearly four times as much debt-related fraud, three times as many fraudulent prize promotions, and twice as much fraud in general.
Fewer than one in ten (9 percent) of non-Hispanic whites experienced at least one fraud. Among Hispanics, 13 percent experienced at least one fraud; among African Americans 17 did. People age 45-54 were more likely than others — from age 18 to 75+, to spend money on a fraudulent product or service.
The complete article can be read or printed online at http://www.consumer.ftc.gov/blog/fraud-affects-25-million-people-recognize-anyone-you-know
4/2/2013 - Infographic: How Criminals Guess Your PIN
Forget the security issues surrounding the ecosystem surrounding the nascent epayment economy for a minute. There’s a bigger problem – and it’s as obvious as your Personal Identification Number, or PIN.
Odds are you’ve used a four-digit PIN a lot. And that means a field day for criminals. Plain and simple, as the infographic below demonstrates, most folks don’t care or don’t bother to set up a four-digit PIN that’s difficult to guess after about 20 tries.
Try this on for size. According to a study of 3.4 million PINs by Data Genetics, nearly 27 percent of PINs could be guessed at correctly after just 20 tries. That isn’t just because popular pins like 1234 and 8888 reign – the most popular 1234 PIN accounted for 10 percent of the exposed PINs it studied. It’s also because, with four digits, there are only 10,000 possible combinations. Couple the two and you’ve got a situation that stands to expose an awful amount of people to a whole lot of felony theft — all over a PIN.
What to do? Check out the infographic and make sure your PIN isn’t among the most popular. Never write yours down. Change it frequently. And don’t be lazy about it. PIN theft is booming, for sure. But it takes two – you and the PIN thief working in concert – to tango.
The complete article can be read or printed online at http://www.techpageone.com/technology/with-holiday-shopping-well-upon-us-criminals-celebrate-too-are-they-using-your-pin-to-do-it-heres-a-great-infographic-with-facts-and-analysis-around-the-question-of-how-safe-your-pin-is-reall/
3/27/2013 - ANN ARBOR: PACE program helping to finance energy projects in local businesses
Five area businesses will soon kick off projects that will help reduce energy expenses and boost property values, thanks to Ann Arbor’s Property Assessed Clean Energy (PACE) program.
Energy-efficient lighting, high-efficiency heating and cooling systems, upgraded cooking equipment, roof and wall insulation, and solar shingles are just some of the projects that will receive financing through the first PACE program to launch in Michigan.
PACE financing, which is made available through the sale of a bond and repaid by property owners through annual special assessments, features long-term, low, fixed interest rates.
“PACE is a direct $560,000 investment in the local economy that will result in annual energy savings for local businesses of more than $56,000,” Mayor John Hieftje said. “The annual electricity and natural gas savings of the first five PACE projects will be equivalent to the electricity used by more than 50 homes in a year. Our city’s Climate Action Plan calls for reducing greenhouse gas emissions 8 percent from 2000 levels by 2015, and these projects – and others like them – are an important part of helping Ann Arbor reach its sustainability goals.”
The Ann Arbor City Council authorized the sale of PACE bonds during its Feb. 19 meeting. The first bond sale was completed with Ann Arbor State Bank, which had been awarded the bond during a Request for Quotes process that opened in January.
With this successful sale, the City of Ann Arbor is the first Michigan municipality to sell PACE bonds, joining dozens of municipal governments across the country in taking advantage of this financial tool to improve energy efficiency.
Proceeds from the sale of the PACE bond, estimated to be approximately $560,000, will be assigned to owners of five commercial properties within the city that have completed a thorough eligibility and application process in order to participate in the program. These properties include: Arrowwood Hills Cooperative Housing, Big Boy Restaurant, Bivouac, Goodyear Building, and Kerrytown Market & Shops.
Energy project work, which ranges in size from $16,000 to $245,000, is expected to begin immediately and be completed within 90 days. While the property owners are entering into financing reservation agreements with the city now, the funds will not be disbursed until energy projects are completed and inspected.
Property owners will repay PACE assessments annually, beginning in June 2014. As determined by the terms of the bond sale, property owners have 10 years to repay assessments at 4.75 percent interest.
“Besides the immediate impact of employing area contractors and energy experts, PACE will have a lasting benefit in the years to come,” said Peter Schork, president of Ann Arbor State Bank. “We anticipate that property values will increase with these investments, utility expenses will decrease, and the improved, energy-efficient properties become an asset for the entire community.”
In 2010, with the assistance of local state lawmakers Senator Rebekah Warren and Representative Jeff Irwin, the State of Michigan enacted the Property Assessed Clean Energy Act (Public Act 270 of 2010), enabling local governments to create special assessment districts to offer financing to commercial and industrial property owners for eligible energy efficiency improvements and renewable energy systems.
Under Ann Arbor’s program, interested property owners completed a thorough application process to ensure their properties complied with eligibility requirements regarding project size, scope, and payback period; property value; and debt ratios. Energy assessments were also performed on the properties to identify project and savings opportunities.
The Ann Arbor PACE program was developed and administered through a partnership between the city and Clean Energy Coalition. Funding for program development was made possible by the U.S. Department of Energy’s Energy Efficiency and Conservation Block Grant Program, through the American Recovery and Reinvestment Act. For information about PACE, visit a2energy.org/PACE.
The complete article can be read or printed online at http://www.heritage.com/articles/2013/03/27/ann_arbor_journal/news/doc51530c13204f0083393734.txt?viewmode=fullstory
3/27/2013 - Smartphone hacking comes of age, hitting US victims
Security researchers at Symantec warn that the next target for hackers will be your mobile device. NBC News' Bob Sullivan gets a demonstration of just how easy it is to hack a phone.
Not for long.
Criminals have been probing the systems that protect U.S. smartphone users for years, searching for the right combination of programming tricks and social engineering that would allow them to sneak onto users' phones. Recently, one hacker group hit the jackpot.
They took a year-old mobile virus named NotCompatible, which allows hackers to take complete control of a phone, and posted the malicious code on websites. Then they sent out enticing spam emails with links to the booby-trapped sites. The emails were all the more tempting because they appeared to come from friends or others on the recipients’ contact list. Victims who clicked on the link from their phones and downloaded the file surrendered control of their Android phones to the criminals. Security firm Lookout says 10,000 customers per day are still being tricked to click on the bogus link and landing on the booby-trapped pages, and virtually all of them are in the U.S.
Tim Strazzere, Lookout’s lead research and response engineer, said the sudden "staggering increase" in detection of the of the NotCompatible, which initially appeared one year ago, shows that the marriage of spam and mobile malware might be a recipe for real trouble.
"This Android malware is unique," he said. "It's exactly the same scheme and end game as before, but it's just being circulated through different means. And it's working."
U.S. smartphone users have been spared much grief from mobile malware so far for a variety of reasons. Chief among them: Most users get their apps from a centralized and safe source. Apple keeps tight controls on its App Store, so malware writers are largely ignoring that platform. And while Google's Play Store for Android is not as tightly controlled, criminals haven't had much luck sneaking infected software onto that platform, either. That leaves hackers with time-consuming, clumsy methods, such as tricking users to visit a rogue website and electing to install an app.
Android attackers in other parts of the world have an easier time. In China, for example, it's hard to access Google's Play store, so consumers often get their apps from websites. That means rogue apps on random websites raise less suspicion.
But Strazzere warns that the criminals behind NotCompatible have found a way to make U.S. users almost as vulnerable as those in Asia – a direct email invitation from a friend to install what turns out to be a bogus app.
Those who might dismiss this scenario should beware: Last month, when a report by Mandiant Corp. alleged that hundreds of U.S. companies had been hacked by an arm of the Chinese military, the initial method of attack was almost the same -- a "spear-phishing" email that appears to come from a co-worker or friend, sent to entice the recipient into clicking on a virus-laden link.
Smartphone users might fear that a criminal with access to their devices might destroy all their data, "brick" the phone or prank call all their contacts. But the real nightmare from a hacked phone is much more subtle, and can be much more expensive, than having to replace a phone.
Vikram Thakur, a researcher at Symantec Corp., studied one mobile phone hacker who turned compromised devices into an estimated $1 million annually.
“We found a mobile phone botnet, which had … maybe 200,000 cellphones which were compromised and in control of just this one person," he said. "(He) was able to send text messages, make these phones view videos, which were in turn giving him money; and he was doing so about 25,000 times a day."
Cellphone hackers don't do anything to call attention to themselves. Instead, their programs are designed to run in complete silence, in the background. And they cover their tracks. There's no log of calls placed to dicey overseas numbers, no evidence of text messages sent that can run up a monthly bill.
“Your phone bill might have extra data usage toward the end of the month,” Strazzere said. "That might be the only way you'd know." Hackers around the world have clearly trained their attention on the fertile ground of phone hacking. Kaspersky Labs, another security firm, says there has been "explosive growth," and offers numbers to back that up. In January 2011, it counted only eight new malicious mobile malware programs. At the end of 2012, it counted 6,300 such programs monthly.
Nearly all of that activity has until now targeted overseas users, sometimes with devastating results. A program aptly named "BillShocker" by researchers infected 620,000 users earlier this year, mostly in China, and ran up hefty bills through premium text message services.
Mobile malware writers are also developing hybrid threats designed to counterattack online banking security systems. In one sophisticated attack, criminals hacked both a victim's computer and cellphone, then lurked until an online banking transaction was initiated on the PC. When the bank sent a so-called "out of band" text message as a security confirmation, the criminals intercepted them and approved the transactions. A malicious program named Eurograbber is blamed for stealing $47 million from 30,000 bank accounts this way, according to a report by security firm F-Secure.
Those victims were in Europe, but now there are other indications that mobile hackers are circling the waters, aggressively looking for more ways into the U.S. market.
Computer security expert Brian Krebs reported earlier this month on his blog that criminals are selling authorized Google Play developer accounts on underground bulletin boards. A developer account would theoretically give a criminal the ability to post rogue software onto the Google Play store.
NotCompatible is a little less ambitious. Its main goal is to control a smartphone and turn it into a "proxy" device for overseas criminals, so they could pretend they were ordering expensive merchandise from within the U.S. Because many online sellers use geographic location to filter out fraud, and many trust cellphone location information, a hacked phone can be a perfect tool for foiling fraud-fighting software.
"Companies block transactions when someone in Romania is trying to buy concert tickets in the U.S., for example," said Strazzere. "NotCompatible allows them to hide where they are coming from ... gives them a little more mobility based on where they want to come from. With a hacked cell phone, they will look like they are where the endpoint is."
Strazzere sees the blended threat – part virus, part spam – as ushering a new style of cellphone attacks, just as such blended threats gave hackers the upper hand in the personal computer world during the last decade.
“This shows the progression of malware authors and what they are doing to experiment,” he said. It also shows impressive coordination in attacks. “It’s still a new space for them. But they are figuring things out.”
The complete article can be read or printed online at http://redtape.nbcnews.com/_news/2013/03/21/17390282-smartphone-hacking-comes-of-age-hitting-us-victims?lite&ocid=msnhp&pos=1ims .
3/12/2013 - Beware of Bogus IRS Emails
In reality, it's a scam known as "phishing," attempting to trick you into revealing your personal and financial information. The criminals then use this information to commit identity theft or steal your money.
The IRS has this advice for anyone who receives an email claiming to be from the IRS or directing you to an IRS site:
•Do not reply to the message
•Do not open any attachments. Attachments may contain malicious code that will infect your computer
•Do not click on any links in a suspicious email or phishing website and do not enter confidential information. Visit the IRS website and click on 'Identity Theft' at the bottom of the page for more information
Here are five other key points the IRS wants you to know about phishing scams.
1. The IRS does not initiate contact with taxpayers by email or social media channels to request personal or financial information
2. The IRS never asks for detailed personal and financial information like PIN numbers, passwords or similar secret access information for credit card, bank or other financial accounts;
3. The address of the official IRS website is www.irs.gov. Do not be misled by sites claiming to be the IRS but ending in .com, .net, .org or anything other than .gov. If you discover a website that claims to be the IRS but you suspect it is bogus, do not provide any personal information on their site and report it to the IRS
4. If you receive a phone call, fax or letter in the mail from an individual claiming to be from the IRS but you suspect they are not an IRS employee, contact the IRS at 1-800-829-1040 to determine if the IRS has a legitimate need to contact you. Report any bogus correspondence. Forward a suspicious email to firstname.lastname@example.org
5. You can help the IRS and other law enforcement agencies shut down these schemes. Visit the IRS.gov website to get details on how to report scams and helpful resources if you are the victim of a scam. Click on "Reporting Phishing" at the bottom of the page.
The complete article can be read or printed online at http://www.bizactions.com/n.cfm/page/e105/key/224941095G242J4397360P0P10235243T0/
Winter 2012/2013 – Ann Arbor State Bank is pleased to announce that our Board of Directors approved the promotion of six of our employees in recognition of their hard work and commitment to the success of the Bank.
Congratulations are in order for the following staff:
Jeremy Shaffer promoted to Vice President.
Kimberly Pearsall, Michelle Vesey, Jason Robinson, Nicole Mourning and Craig Orndorf promoted to Assistant Vice President.
3/6/2013 - Jackson Company Line: Nicole Mourning receives promotion at Ann Arbor State Bank!
2/14/2013 - Scheduled Website Maintenance for 2-18-2013
Our website www.a2sb.com will be down from approximately 9AM - 1PM on Monday, February 18th for maintenance but you will still have access to online banking by using this link. Please save this link if you know that you will need access to your online banking on Monday. We apologize for this inconvenience and thank you for both your patience and understanding.
2/6/2013 Washtenaw County Sheriff's Office has released an advisory for a Credit Card Scam Warning:
Be wary of those who come bearing gifts. The most recent credit card scam works like this:
A phone call from someone who says that he is from some outfit called: "Express Couriers" asking if someone was going to be home because there is a package, and the caller says that the delivery would arrive at your home in roughly an hour. And sure enough, about an hour later, a delivery man turns up with a beautiful basket of flowers and wine. What a surprise for you (especially if there is no special occasion or holiday), and no-one certainly expects anything like that! Intrigued you ask who the sender is. The deliveryman's reply was, he is only delivering the gift package, but allegedly a card is being sent separately; (the card never arrives). There is also an official looking ‘consignment’ note with the gift. He now goes on to explain that because the gift contains alcohol, there is a $3.50 ‘delivery charge’ as proof that he had actually delivered the package to an adult, and not just left it on the doorstep to just be stolen or taken by anyone. Sounds logical doesn’t it? You offer to pay cash but he tells you that the company requires the payment to be by credit or debit card only, so that no ‘cash’ is exchanged and everything is properly accounted for. You take out your (or your husbands) credit/debit card and the "delivery man" asks you to swipe the card on the small mobile card machine which has a small screen and keypad where you now enter the card's PIN and security number. A receipt is printed out and given to you.
Next week you will find that money has been charged/withdrawn from your credit/debit account at various ATM machines all over the country. It appears that the "mobile credit card machine" which the deliveryman carried now has all the info necessary to create a "dummy" card with all your card details, after you have swiped the card and entered the requested PIN and security number.
Please be aware of this most recent scam and share this information with your family, friends, and neighbors. Any suspect description or suspect vehicle information should be reported to your local police agency.
1/22/2013 - Skype Users change your Privacy Settings to only allow calls from people you have added to your contact list.
Skype users change your Privacy Settings to only allow calls from people you have added to your contact list.
It's easy to learn more about managing your privacy settings in Skype for Windows. The complete article can be read or printed online at
1/7/2013 - Most Popular 2012 Passwords Revealed
SplashData.com recently published the following information regarding the most popular 2012 passwords on the web. The ranking was based on password information from compromised accounts posted by hackers online. The article was also featured on blogs.avg.com. This year, the list is back! So it's time to see how, if at all, users have learned their lessons about what makes a strong password. The complete article can be read or printed online at www.ic3.gov/media/2013/130107.aspx.
12/17/2012 - A2SB Employees Adopt Two Family's
Ann Arbor State Bank Employees were happy to spread the Christmas cheer by sponsoring two family's this Holiday Season. We wanted to give back to the community and make Christmas brighter through the Salvation Army's Adopt-A-Family program.
For more information on adopting a family click on the link below: http://www.usc.salvationarmy.org/usc/www_usc_washtenaw.nsf
11/27/2012 - Poetry Night in Ann Arbor
The Neutral Zone is presenting “Poetry Night in Ann Arbor” with Patricia Smith, Shira Erlichman and Volume Youth Poets.
Please click on the link below for more information on these award winning poets.
The event is Thursday, 11/29/12 at Rackham Auditorium, 915 E Washington at 7:00 p.m.
11/21/2012 - HOLIDAY SHOPPING TIPS
The FBI continues to remind shoppers to be wary of Internet fraud during the holiday shopping season. Scammers use many techniques to deceive potential victims, including creating fraudulent auction sales, reshipping merchandise purchased with a stolen credit card, selling fraudulent or stolen gift cards through auction sites at a discounted price and using phishing e-mails to advertise brand-name merchandise for bargain prices or e-mails to promote the sale of merchandise that is counterfeit.
In advance of the holiday season, the FBI, in partnership with the Merchant Risk Council (MRC), would like shoppers to be informed of the common scams that affect consumers and E-commerce. The MRC is an organization that works to increase networking and information sharing among merchants to better enable members to successfully fight online fraud.
Purchasing any new product or gift card on an auction or classified advertisement site where the price is significantly lower than any sale prices in retail outlets
Many of these sellers, especially for gift cards and tickets, have purchased these items with a stolen credit card. Most likely, the gift card or ticket will be deactivated by the time the recipient uses the card or ticket.
Never provide credit card numbers, bank account information, personally identifiable information or wire money to a person who advertises items on these sites at a too good to be true price. Many times, fraudsters will post a popular item to obtain this information, and the goods will never be mailed, but your card or identity will be used fraudulently later. If you make a purchase from these sites, we encourage you to check a seller’s ratings and feedback to ensure he or she is reputable.
Phishing and scam e-mails, text messages or phone calls
Many times, e-mails, texts or phone calls will look or sound like they are coming from a well-known retailer, stating a need to “verify” the full credit card number you used for a purchase or ask you to click a link to update personal account information. If you receive an e-mail that asks you to click a link to verify information, delete it. Type the retailer’s or financial institution’s website into a browser to log into your account. If the fraudster is insistent, ask him or her to read you the card number first or ask to call back. If it is a legitimate call, the company representative will have no problem with your calling back through the customer service line.
"One Day Only" websites featuring the sale of a "hot item"
During the holiday season, there will be an increase in websites created to sell specific items in high demand. Typically, the cardholders never receive the product, but the credit card information they entered is used for fraudulent purchases. It is important to only make purchases with companies and sellers who have a history and can be identified when searching reviews and ratings.
Postings of popular items for free or drastically reduced prices
There are many gift card offers on social media sites claiming to be from major retailers. These offers are typically used to gain access to consumers’ social media accounts either to log in to other accounts you may have tied to this account or to post illegitimate offers on your behalf. Purchasing an item at a reduced rate based on a posting from someone you do not know can often lead to a credit card compromise or the purchase of a counterfeit item.
"Work from home" offers, to act as a private reshipper, often fronting the shipping costs on behalf of the fraudster
Offers to work from home to reship items to another country or another person often means the goods were purchased with stolen credit cards. Having these goods shipped to your home and sending them to another person could have legal implications. Also, many times the money promised for completing this service is never paid. These scams can sound legitimate at first, so be leery of anyone offering a lot of money for a simple task.
Remember, if an offer seems too good to be true, it probably is. Consumers are urged to be very skeptical of people offering a great deal outside of any established retail business.
Here are some tips you can use to avoid becoming a victim of cyber fraud:
•Do not respond to unsolicited (spam) e-mail.
•Do not click on links contained within an unsolicited e-mail.
•Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Scan the attachments for viruses if possible.
•Avoid filling out forms contained in e-mail messages that ask for personal information.
•Always compare the link in the e-mail to the link you are actually directed to and determine if they actually match and will lead you to a legitimate site.
•Log on directly to the official website for the business identified in the e-mail, instead of “linking” to it from an unsolicited e-mail. If the e-mail appears to be from your bank, credit card issuer, or other company you deal with frequently, your statements or official correspondence from the business will provide the proper contact information.
•Contact the actual business that supposedly sent the e-mail to verify if the e-mail is genuine.
•If you are requested to act quickly or there is an emergency, it may be a scam. Fraudsters create a sense of urgency to get you to act quickly.
•Verify any requests for personal information from any business or financial institution by contacting them using the main contact information.
•Remember if it looks too good to be true, it probably is.
11/8/2012 - The Washtenaw County Cyber Citizenship Coalitoin (WC4) Plans Cyber Security Class
The Washtenaw County Cyber Citizenship Coalition (WC4) is hosting a class on how to protect your business from cyber-attack. “Cyber Security for Business 101” will be led by local cyber security professionals Joe Eastman, Adjunct Faculty at Eastern Michigan University and Jeff Haller, consultant, Information Assurance.
"Understanding how vulnerable you are to attack and what you can do about it today is the first step to protecting your computers and data," says class facilitator Noël Quiton, an Information Assurance Independent Trainer.
A second class will be held on November 12 at the Ann Arbor Chamber of Commerce, 115 West Huron, third floor; the session starts at 9a.m. (Parking at First and Huron)
The classes will cover topics ranging from demonstrations on how easy it is for any business to become a target of a cyber-attack and what it looks like to get hacked, to providing insight on what happens when bad guys get in your system. A question and answer session will follow the discussion. Get information on simple steps you can take to make your computers and data less of a target as well as details about what to do if your business becomes a victim.
Founded in 2009, the mission of WC4 is to raise awareness and provide county residents with the tools and resources to be good cyber citizens. Coalition members include members of local, state and federal agencies who are involved in keeping residents and businesses safe online.
WC4 strives to empower community members through awareness and education to use the Internet and related technology safely and securely.
Participants are encouraged to pre-register.
• For the November 12 class,
For more information, contact:
Ann Arbor Ypsilanti Regional Chamber of Commerce
email@example.com / 734-665-4433
For more information check out WC4’s website at http://washtenawcybercoalition.org
10/24/2012 - 12th Annual Treat Parade in downtown Ann Arbor - Wednesday, October 31, 2012.
Stop by for your *treat at our Main Office and our Residential Lending Department from 11 AM - 5 PM.
Visit the website for participating businesses and other detailed
*Treats while supplies last.
10/15/12 - Credit is a fact of life for most Americans. Yet, the choices people make on how to use their first credit card, or handle their first loan, can change their life for years to come. That's why it's so critical to educate young people on the use of credit. View recommended credit resources http://www.fdic.gov/consumers/consumer/moneysmart/young.html .
10/12/2012 - SMARTPHONE USERS SHOULD BE AWARE OF MALWARE TARGETING MOBILE DEVICES AND SAFETY MEASURES TO HELP AVOID COMPROMISE
The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user’s address book and the infected device's phone number.
FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.
Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.
Visit the website for Safety tips to protect your mobile device. http://www.ic3.gov/media/2012/121012.aspx
9/11/12 - September 17 is Constitution Day! On this day in 1787, all 12 state delegations that attended the Constitution Convention in Philadelphia ratified the new U.S. Constitution.
To help commemorate this important event, and to bring a greater understanding of our unique form of government to students, local lawyers in Ann Arbor are volunteering their time in our middle schools to help explain the Constitution to students in 6th, 7th and 8th grades. Ann Arbor State Bank’s legal counsel, Kevin Corbin, is working with 8th grade students at Forsythe Middle School.
“I appreciate the opportunity to work with other local attorneys to visit our schools and help students better understand our government. Everyone at Ann Arbor State Bank is committed to our community and our schools, and we are all very happy to be able to contribute to this learning experience,” said Kevin Corbin, Ann Arbor State Bank Vice President and General Counsel.
If you have middle school aged children, ask them about their experiences in school on Constitution Day. If you want more information about our Constitution, you can find it here at the United States National Archives website: http://www.archives.gov/exhibits/charters/constitution.html .
8/27/12 - FDIC Consumer Newsletter Features Tips on Getting the Most From a Bank Account. Other topics include managing a mortgage and adding others to accounts. The Summer 2012 issue of FDIC Consumer News features tips on how to choose and effectively use a bank account for routine financial needs. Also in this issue are practical suggestions for navigating the mortgage process -- from before a consumer buys a home through the final loan payment -- and a look at potential risks when adding other people to a deposit or loan account. The latest issue can be read or printed online at www.fdic.gov/consumers/consumer/news/cnsum12.
7/24/12 - With a perfect "0" Texas Ratio, Ann Arbor State Bank was recently listed as one of the top 359 banks in America. Click here to read the whole story at money.msn.com.
2/27/12 - Ann Arbor State Bank is a sponsor of an upcoming Lunch & Learn featuring Alison Davis-Blake, Edward J. Frey Dean of the Ross School of Business, the University of Michigan. The event is Wednesday, March 7, 2012 from 11:30 a.m. to 1:00 p.m. at the Ann Arbor City Club located at 1830 Washtenaw Avenue. The topic is The Future of Business Education. Reservations are required by March 2, 2012. Call 734-662-3279, ext 1 or email firstname.lastname@example.org.
2/7/12 - We continue to see a variety of phishing attempts coming into our email at Ann Arbor State Bank and are sure that our customers are seeing them also. We have found that several entities that experience a lot of phishing attempts have mailboxes where phishing emails can be forwarded to report them. Here is a short list:
For email claiming to be about a cancelled EFT, ACH Payment or wire transfer that appears to be coming from NACHA, forward to: email@example.com
For email claiming to be from the IRS regarding a cancelled EFTPS payment or other tax payment, forward to: firstname.lastname@example.org
For email claiming to be from Paypal regarding a suspended account or problem with an account, forward to: email@example.com
For email claiming to be from Western Union regarding a failed transfer, forward to: firstname.lastname@example.org
For email claiming to be from Intuit for a failed order or expiring accounting credentials, forward to email@example.com
12/15/11 - Ann Arbor State Bank is in the news for our participation in the US Marine Corp's Toys for Tots Program and having a beautiful antique sleigh on display. The bank is displaying a sleigh made in 1889 by the Ann Arbor Carrigage Company. This local company was known it its day for making top of the line carriages and light sleighs. It was a jewel for the City of Ann Arbor providing two vehicles to President Grover Cleveland's adminstration. The display is complete with two reindeer and loads of presents along with a decorated Christmas tree. The public is invited to come to the bank now through December 20th to make a donation to Toys for Tots and view the display of this hidden Ann Arbor Treasure.
11/30/11 - Consumers have important decisions to make when it comes to managing money and saving for their future, particularly in a tough economy when every dollar counts. To help consumers make choices based on practical information from reliable sources, the Fall 2011 issue of FDIC Consumer News offers simple strategies in three areas: saving for retirement, improving credit scores and buying vs. renting a home. In addition, the issue offers new tips and information related to Internet Banking.
Click here to be directed to the FDIC website to read or print the latest issue.
11/28/11 - On December 14, 2011, at 1:00 p.m. Eastern time, Visa will host a free webinar titled "U.S. Small Merchant Data Security and Authentication." This webinar will provide small merchants with an overview of the data security landscape, including potential impacts of new technologies such as chip, point-to-point encryption and tokenization. It will also cover Visa's recent announcement regarding accelerated chip migration in the United States. This one hour event is open to an unlimited number of Visa acquirers and merchants. To register click here.
11/15/11 - Ann Arbor State Bank supports 826michigan a local nonprofit writing and tutoring center in their second annaul festival of student-written one-act plays, "Five Bowls of Oatmeal: The Return of Oatmeal". The event will be held at Rackham Auditorium (913 E. Washington St) at 7:00 p.m. on Thursday, November 17.
10/24/11 - The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC. The e-mail appears to be sent from an "FDIC.gov Alert Service [mailto: firstname.lastname@example.org]" e-mail address and has a subject line that reads: "SA-28-2011: Counterfeit Cashier's Checks Alert".
The e-mail attempts to trick the recipient into clicking on a link directing the recipient to a fraudulent web site. This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided.
The FDIC does not issue unsolicited e-mails to consumers or business account holders.
9/15/11 - After spending nearly three years with the start up Ann Arbor State Bank, Barb Furman is retiring. The employees wish her a happy and enjoyable retirement. She will be greatly missed by both employees and customers.
8/22/11 - Mortgage rates are at historic lows. Now is a great time to call us for a no-cost, no-obligation personal analysis of your current mortgage. Contact us at 734-761-1475.
8/15/11 - Ann Arbor State Bank is proud to support the United Way of Washtenaw County by being a pacesetter company. We recognize how important it is to secure funds to meet the growing demands toward basic needs.
7/31/11 - William Broucek, CEO of Ann Arbor State Bank, has announced that Phil Weiss has recently joined the team as Vice President of Commercial Banking. Mr. Weiss will be specializing in business lending and Government Sponsored Loan Programs, including SBA 504 and 7A Loans, USDA Loan Programs and MEDC Loans.
7/14/11 - The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent emails that have the appearance of being from the FDIC. The emails appear to be sent from various "@fdic.gov" email addresses such as email@example.com, firstname.lastname@example.org or email@example.com.
The messages have various subject lines that read: "Update your banking account" or "ACH and Wire Transfers disabled" and "Banking Security Update".
The fraudulent emails are addressed to "Dear Clients" and state "Your Account ACH and Wire transactions have been temporarily suspended for your Security, due to expiration of your security version". The email requests the recipient to download and install updates by clicking on a link in the message.
The FDIC reminds Financial Institutions, businesses and consumers alike that the FDIC does not directly contact consumers in this manner. Recipients should NOT access the link provided in the email and should NOT, under any circumstances, provide personal financial information through this media.
07/11/11 - The Washtenaw County United Way and Young Leaders Society are hosting an Executive Lunch at the Carlyle Grill on July 26, 2011. Ann Arbor State Bank President, Peter Schork, is on the panel of speakers discussing economic trends in Michigan. Click here to read more.
6/6/11 - Congratulations to our very own Chairman and CEO, Mr. William Broucek! Mr. Broucek was recognized for over 53 years of experience in banking and business by being awarded an Honorary Doctor of Science in Business degree from Cleary University on June 4, 2011. Mr. Broucek was the key note speaker at the commencement ceremony and spoke to the graduates about how to be successful in business.
5/31/11 - Ann Arbor State Bank would like to thank the readers of Current Magazine for voting Ann Arbor State Bank as runner up for the Reader's Choice of favorite bank or credit union. Check out all of the Reader's Choice winners and runners up by clicking here to visit ecurrent.com.
5/10/11 - Ann Arbor State Bank Chairman and CEO, Bill Broucek, will address Cleary University Graduates on June 4, 2011. Mr. Broucek will also be awarded an honorary Doctor of Science in Business degree, click here to read more.
3/11/11 - Ann Arbor State Bank is sponsoring the NEF's March 17th event "Secrets of the Investor/Investee Relationship". Click here to read more.
2/3/11 - Ann Arbor State Bank achieves profitability in second year and adds staff, click here to read more.
01/29/11 - Ann Arbor State Bank is in the news for hiring Brad Johnson, Vice President Commercial Banking. Brad will be focused on servicing the needs of Jackson County where he is a lifelong resident.
01/12/11 - The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that "in cooperation with the Department of Homeland Security, federal, state and local governments…" the FDIC has withdrawn deposit insurance from the recipient's account "due to account activity that violates the Patriot Act." It further states deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify." If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient's computer. This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to firstname.lastname@example.org.
01/04/11 - The Washtenaw County United Way and Young Leaders Society are hosting their first Executive Lunch at the Bell tower Hotel on January 19, 2011. Ann Arbor State Bank President, Peter Schork, is one of the featured speakers. Click here to read more.
01/01/11 - The Board of Directors at Ann Arbor State Bank is pleased to announce the election of a new Board Member, Toni Rodgers. Toni is the owner/operator of four local McDonald's restaurants. Toni earned her BA degree through Michigan State University in social work and later her MBA from the University of Detroit in marketing and economics. She worked as a Credit Analyst for Comerica Bank following some time as a Social Worker/Therapist. She also worked for General Motors in various marketing roles including Brand Management, Product Training, Strategic Planning and Economic Analysis. She acquired her first McDonald's store in April 2004. Toni resides in Ann Arbor with her husband and co-owner B.J. Rodgers. They have six grown children.
10/14/10 - Ann Arbor State Bank Grows Market Share in Washtenaw County. Click here to read more.
9/7/10 - Ann Arbor State Bank CEO, William Broucek, talks to Michigan Banker Magazine. If you are a member of Facebook, click here to read more.
8/31/10 - Ann Arbor State Bank became the nation's newest $100,000,000 bank, with nine profitable months in a row. Isn't it ironic that it is happening right here in Michigan, and in this economy? We believe in you. We believe in our community. We believe in old-fashioned values, and we are pleased that you believe in us. We may be a new bank, but we are not new to banking.
8/11/10 - Ann Arbor State Bank President, Peter Schork, offers his advice in an article from Our House Magazine. Click Here to download the pdf.
7/8/10 - Ann Arbor State will accept summer property tax payments for the City of Ann Arbor until July 30, 2010. Payments made after July 31st are subject to a late fee and cannot be made at the bank.
5/27/10 - The Spring 2010 issue of FDIC Consumer News is available at the FDIC website. Click on the link below and view information on new credit card laws, depositing money through an agent or broker and understanding risks and costs of a reverse mortgage.
3/8/10 - FDIC to Provide Quick Tips for Consumers Over the Internet
The FDIC, in observance of National Consumer Protection Week (NCPW) March 7-13 and its theme of helping people of all ages exercise their consumer rights, announced today that the agency will begin to regularly deliver timely tips on money management on the agency's Web site and through an e-mail subscription service. The FDIC's "Consumer Tip of the Week" may be found at www.fdic.gov/consumertips.
02/22/10 - New credit card rules go into effect today that mandate greater transparency and limitations on fee generating tactics. Click on the link below to visit a website created by the Federal Reserve to explain the new changes to consumers.
01/13/10—The FBI today reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause.
Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:
Do not respond to any unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
Be skeptical of individuals representing themselves as surviving victims or officials asking for donations via e-mail or social networking sites.
Verify the legitimacy of nonprofit organizations by utilizing various Internet-based resources that may assist in confirming the group’s existence and its nonprofit status rather than following a purported link to the site.
Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.
Anyone who has received an e-mail referencing the above information or anyone who may have been a victim of this or a similar incident should notify the IC3 via www.ic3.gov.
10/22/09 - Annual FDIC report: Ann Arbor's local banks gaining market share
8/22/09 - Skyrocketing FDIC premiums depress Ann Arbor bank earnings