14 DAY TRIAL // The Federal Deposit Insurance Corporation (FDIC) warns users about an ongoing phishing campaign which produces fake emails purporting to come from the organization.
"The e-mail informs the recipient that 'in cooperation with the Department of Homeland Security, federal, state and local governments…' the FDIC has withdrawn deposit insurance from the recipient's account 'due to account activity that violates the Patriot Act'," the FDIC explains in its alert.
Recipients are asked to verify their account information through a system called "IDVerify," otherwise risk account termination.
The link to the ID verification system provided in the email takes users to a phishing page that asks them for personal and financial information.
FDIC also notes that malicious software may be loaded onto the recipient's computer, but doesn't specify if this is done transparently, in a drive-by download attack, or requires interaction from the user.
At least one other bank has reiterated FDIC's alert and are warning their customers about the phishing scam, which, apparently, is not entirely new.
Back in 2004, FDIC issued a very similar alert about a nearly identical scam. The rogue emails claimed to be signed by Donald E. Powell, FDIC's Chairman at the time.
People were threatened that failure to verify their account information would most likely result in a federal investigation and a visit from Homeland Security agents.
"This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers.
"Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media," the organization advises.
People should also run a capable antivirus program and keep all of their software applications and operating system up to date in order to avoid exploit-based attacks.