Subject: Heartbleed Security Vulnerability Update
April 10, 2014
In response to the Heartbleed Security Vulnerability, LNB has evaluated our internal and external systems to determine if any utilize the Open SSL technology that is referred to in the Heartbleed Flaw. We are pleased to inform users that there has not been evidence that any of our systems have been improperly accessed due to this vulnerability. We will continue to analyze and evaluate any possible vulnerability.
Subject: New phishing campaign targets ‘First Data’ merchant accounts
January 25, Softpedia
Researchers from e-mail security vendor AppRiver warn about a phishing campaign that targets merchant accounts from a payment processing vendor called First Data. The pool of phishing attacks targets online banking accounts, credit card information, personal details, and other online accounts. Scams aimed at merchants are not very common. “Once the hacker has gained access to the First Data account they will likely have gained control over that specific merchants account,” warned a security researcher at AppRiver.
First Data is an Atlanta-based provider of online and on-site payment solutions which caters to merchants, financial institutions and government agencies. Its product portfolio includes credit and debit card processing, check acceptance and cashing solutions, international payment processing, automated clearing house payments processing and PCI compliance.
The company explains on its site that "the Global Gateway Virtual Terminal is an online payment application that allows you to accept credit cards and other payment types using your PC.
"The Virtual Terminal also acts as your Global Gateway account management application and allows you to view gateway processing reports, edit fraud settings, manage users, and more."
Subject: Debit Card Phone Scam
January 24, 2011
To our valued customers:
A phone scam is being conducted requesting the reactivation of LNB debit cards. The phone calls are asking that you enter your 16-digit card number. This request should NOT be performed. Please be advised that LNB would NEVER request by phone or email a reactivation of your debit card. Please contact your local LNB branch with any questions or concerns you may have. Thank you for your cooperation and we sincerely apologize for any inconvenience this may have caused anyone.
Subject: Fraudulent E-mail requesting confidential information
January 12, 2011
E-mails fraudulently claiming to be from the FDIC are attempting to get recipients to click on a link, which may ask them to provide sensitive personal information. These e-mails falsely indicate that FDIC deposit insurance is suspended until the requested customer information is provided.
The Federal Deposit Insurance Corporation (FDIC) has received numerous reports from consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that "in cooperation with the Department of Homeland Security, federal, state and local governments…" the FDIC has withdrawn deposit insurance from the recipient's account "due to account activity that violates the Patriot Act." It further states deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify." If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient's computer.
This e-mail is fraudulent. It was not sent by the FDIC. It is an attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.
The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to email@example.com.
For your reference, FDIC Special Alerts may be accessed from the FDIC's Web site at www.fdic.gov/news/news/SpecialAlert/2011/index.html. To learn how to automatically receive FDIC Special Alerts through e-mail, please visit www.fdic.gov/about/subscriptions/index.html.
Sandra L. Thompson
Division of Supervision and Consumer Protection
Distribution: FDIC-Supervised Banks (Commercial and Savings)
Note: Paper copies of FDIC Special Alerts may be obtained through the FDIC's Public Information Center, 877-275-3342 or 703-562-2200.