Current Fraud Alerts

Updated Apr. 6, 2013

04/06/2013

Scammers impersonate Microsoft

Webroot has reported an increase in fake Microsoft scams in which users are tricked into thinking that their PC is infected. Users receive a website message stating their computer is infected and are encouraged to run a "removal tool" called "security cleaner." However, the file is actually infected and, if initiated, will infect the PC. On its Safety & Security Center site, Microsoft warns users that they will not:

Make unsolicited phone calls to help you fix your computer

Request credit card information to validate your copy of Windows

Send unsolicited communication about security updates

03/25/2013

Scam alert

Fraudsters are scamming Alaskans today via text messages to gain debit card information. The fraudulent text message tells customers their debit card was cancelled and they should call a number provided in the message. Callers are then routed to voice mail and asked to enter or say their debit card number.

Customers should NEVER give out their card number or personal information over the phone unless they initiate the call. Alaskans who believe their information has been compromised by a fraudster should immediately contact their bank.

If any customer, at any time, receives a call or email they consider suspicious regarding their financial activity with First National Bank Alaska, they should hang up and contact the bank immediately using a reliable method such as via the bank's website and/or using a phone number from a reliable source.

03/12/2013

OCC fraud alert

The Office of the Comptroller of the Currency (OCC) issued an alert about fraudulent correspondence -- distributed via email, fax, or postal mail -- involving funds purportedly under the control of the OCC and other government entities.

Any document claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent. The OCC does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises, or governmental entities. Read more about this fraudulent correspondence.

03/04/2013

Phone scam

Telephone calls from a fraudster attempting to sell magazine subscriptions as part of a drawing for a car or trip is a scam attempting to get the customer's account or credit card information. The caller claims to have gotten customer telephone numbers from the bank.

First National Bank Alaska does not share customer or cardholder information. Customers should NEVER give out their card number or personal information over the phone unless they initiate the call. Alaskans who believe their information has been compromised by a fraudster should immediately contact their bank.

2/22/2013

Fake airline emails

Fraudulent emails claiming to be from the Delta Airlines are currently circulating. The message informs the recipient that a ticket has been purchased with their credit cards. The attachment contains a malicious screensaver file, pdf_delta_ticket.scr. This file hides a version of the Citadel malware. Once it's executed, the threat attempts to connect to various command and control servers.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties, appear to be suspicious, or otherwise unusual. Instead, delete the email from your Inbox and Deleted Items folder.

1/10/2013

Scam email report

Fraudulent emails claiming to be from the EBAY using message@securebank.com in the FROM field are reportedly in circulation. These emails and the link included are fraudulent and were not sent by the Ebay.

Email is a convenient and powerful communication tool. Unfortunately, it also provides scammers and other malicious individuals an easy means for luring potential victims. The scams they attempt run from old-fashioned bait-and-switch operations to phishing schemes using a combination of email and bogus web sites to trick victims into divulging sensitive information. To protect yourself from these scams, you should understand what they are, what they look like, how they work, and what you can do to avoid them. Learn more.

If at any time during electronic communication with the bank you have a question or concern about the authenticity of a message, please contact First National directly.

1/3/2013

Chrome clickjacking vulnerability could expose user information on Google, Amazon

An apparent clickjacking, or UI redress vulnerability, in Google's Chrome web browser could make it possible for attackers to glean users' e-mail addresses, their first and last names and other information according to recent work done by an Italian researcher. Read more.

12/27/2012

Phishing Alert

Web users should be aware of an emerging security threat which attempts to steal online banking credentials or credit card data. Malware on your computer creates a pop-up window over the top of a legitimate site. Do not click on any suspicious ads or websites. First National Bank Alaska will never ask you to re-confirm your information after logging in and will never pop up any sort of form to collect data, if you see this behavior it is an indication that your PC could be compromised with malware and should be quarantined.

12/7/2012

Cell phone scam targets debit card customers

The Fairbanks / Healy area is experiencing a cell phone scam. Residents report receiving automated voice mails on their cell phones informing them their debit cards have been "locked" and will no longer work UNLESS information is provided. The unknown automated caller asks the customer to "press 1" to unlock their debit card after providing their card number.

It is important to be aware this type of scam is ongoing and is hitting close to home. Customers should NEVER give out their card number or personal information over the phone unless they initiate the call. Alaskans who believe their information has been compromised by a fraudster should immediately contact their bank.

11/20/2012

Holiday shopping tips

The FBI continues to remind shoppers to be wary of Internet fraud during the holiday shopping season. Scammers use many techniques to deceive potential victims, including creating fraudulent auction sales, reshipping merchandise purchased with a stolen credit card, selling fraudulent or stolen gift cards through auction sites at a discounted price and using phishing emails to advertise brand-name merchandise for bargain prices or emails to promote the sale of merchandise that is counterfeit.

In advance of the holiday season, the FBI, in partnership with the Merchant Risk Council (MRC), would like shoppers to be informed of the common scams that affect consumers and e-commerce. The MRC is an organization that works to increase networking and information sharing among merchants to better enable members to successfully fight online fraud.

Read more about "One Day Only" websites featuring the sale of a "hot item" and postings of popular items for free or drastically reduced prices here.

11/13/2012

Evolving virus/malware/Trojan alert

Citadel, an advanced variant of Zeus, is a keylogger that steals online banking credentials by capturing keystrokes. Fraudsters then use stolen login IDs and passwords to access online accounts, take over the accounts, and schedule fraudulent transactions. The latest version of Citadel launches fake pop-ups during online banking transactions. The social-engineering tool fools online users into re-entering bank account logins and passwords.

Suggested ways to protect your computer:

Keep the operating systems and other applications up to date by ensuring the automatic update feature is turned on. Out-of-date software versions pose a security risk. Malware often exploits vulnerabilities identified in older versions, which is why software companies are constantly issuing updates and patches.

Run full-system virus scan at least once per week.

Think before entering usernames and passwords. If something seems odd, stop, and think through the process. If it seems different, note what is different and close your browser. Contact the business to determine if it is a normal occurrence.

Of particular concern is the Trojan's pop-ups. Consumers can easily fall into a fraudster's trap when pop-ups appear. First National Bank Alaska never requires a customer to re-sign in during an active online banking session. First National will not solicit customers for information via e-mail, nor does it conduct customer authentication via e-mail.

If you receive an email at any time that you consider suspicious regarding your financial activity with First National Bank Alaska, delete the message and contact the bank immediately using contact information available via the bank's website and/or using a phone number from a reliable source.

For more information about phishing and how to protect yourself against identity theft, click here for tips from the Office of the Comptroller of the Currency (OCC).

11/06/2012

"USPS delivery problem" spam leads to malware

Help Net Security reported November 6 that fake emails seemingly coming from U.S. Postal Service (USPS) telling customers that they have failed to deliver packages on time actually contain a downloader trojan. Hoax-Slayer warned that the USPS logo, delivery bar code, and shipping numbers make the spoofed notification look rather legitimate. However, the link that supposedly takes users to a printable shipping label with instructions to take it to the nearest "UPS" office will actually lead users to a compromised Web site that will automatically download a file named Shipping_Label_USPS.zip. At the time when the spam campaign was first spotted the Trojan had an extremely low detection rate.Read more.

11/02/2012

Hurricane Sandy could cause problems in cyber space

With Hurricane Sandy colliding with the East Coast, cyber criminals are likely to take advantage of the historic storm to make money or steal personal information from the unsuspecting. Like with most major news events, users should be on the lookout for legitimate-looking scams that will use the hurricane's mainstream allure to dupe them. "If the past repeats itself, Facebook postings, tweets, emails and websites claiming to have exclusive video or pleading for donations for disaster relief efforts will appear shortly after the storm hits," security company Avast warned October 29. "These messages often include malicious code that attempt to infect computers with viruses, spyware or Trojan horses." Read more.

10/31/2012

Scam Warnings

The Internal Revenue Service and Better Business Burea issued warnings about fake charities and "storm chasers" that will undoubutedly arise as fraudsters attempt to take advantage of the post-hurricane recovery process. Consumers are encouraged to check the validity of the charity or the accreditation of business via the IRS's database of tax-exempt organizations and the BBB's site respectively.

ATM Security Practices

Be aware of your surroundings when using walk-up and drive-up ATMs to help foil would-be robbers. Helpful reminders can help keep you safe.

11/17/2011

Masquerading Web site: Helpwithmybank.com

The Office of the Comptroller of the Currency (OCC) reports that the above-mentioned Web site, "helpwithmybank.com," is attempting to masquerade as the legitimate Web site, "helpwithmybank.gov," and contains potentially damaging malware. The illegitimate site redirects the user to the legitimate site "helpwithmybank.gov" in an attempt to convince users that they are connecting to a legitimate site. Attempts to connect to the fake Web site could expose the user to harmful malware that may include computer viruses, worms, spyware and other unwanted software.

07/21/2011

National Security Agency/RSA latest to be phished

Fraudulent emails claiming to be from the National Security Agency are reportedly in circulation. These emails and the link included are fraudulent and were not sent by the NSA/RSA. The emails warn of an important vulnerability and the need to make sure your token device is safe. Recipients should consider the intent of these emails as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT access the link provided.

07/14/2011

FDIC targeted in phishing attempt

Fraudulent emails claiming to be from the FDIC are reportedly in circulation, according to the Federal Deposit Insurance Agency. These emails and the link included are fraudulent and were not sent by the FDIC. Recipients should consider the intent of these emails as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should NOT access the link provided and should NOT provide any personal financial information through this media, warns Sandra Thompson, Director, FDIC Division of Risk Management.

07/06/2011

Phishing attempts were received by the bank today. These reported spam e-mails purportedly from the Internal Revenue Service (IRS) and U.S. Treasury are actually attempts to steal confidential information.

Consumers are advised that the IRS does not initiate taxpayer communications via e-mail. In addition, the IRS does not request detailed personal information via e-mail or ask taxpayers for the PIN numbers, passwords, or similar secret access information for their credit card, bank, or other financial accounts. Learn more about FBI warnings..

04/14/2011

Bank customers have reported receiving fraudulent emails that claim to be from NACHA (the Electronic Payments Association). These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

10/28/2010

First National customers targeted

An email purporting to come from "First National Bank Head Office" asks customers to open an attached file in order to avoid suspension of their online banking services. THIS EMAIL IS FRAUDULENT. If you receive such an email, do not click on any link(s) in this--or any--unsolicited email, or respond to the message in any way.

Learn more about how to protect against fraud.

4/05/2010

Fraud alert: Alaskans reminded to protect personal information

Scammers don't take a vacation, reminds First National Bank Alaska Security Officer Don Krohn. "The threat of identity theft from scammers is always out there." He reminds First National customers and employees to never give out personal, private financial information over the phone or the internet unless you originate the call.

Fraudsters may try any number of scams to get access to your personal financial information, including offering you an increase in your credit card limit. "Don't be taken in by these unsolicited offers," Krohn reminds Alaskans. "It's an attempt to steal your money."

First National Bank does not initiate calls to customers requesting personal financial information such as passwords, PIN or card number. If you receive such a call, hang up and contact your local banker immediately.

11/04/2009

Cell phone scam targets debit card customers

First National employees and customers in Sitka and Valdez report receiving automated voice mails and texts on their cell phones, informing them their debit cards have been "updated" or have been "restricted for security purposes" and will no longer work UNLESS information is provided. The unknown automated caller asks the customer to please contact the security department or "press 1 to be connected to the security department." Unfortunately, some bank customers responded as requested and have now compromised their information.

Employees report the information requested in the fraudulent call includes name, address (both physical and mailing), debit card number and PIN.

It is important to be aware this type of scam is ongoing and is hitting close to home. Customers should NEVER give out personal information over the phone unless they initiate the call. Alaskans who believe their information has been compromised by a fraudster should immediately contact their bank.

11/12/08

First National Bank Alaska target in phone scam:

Multiple Alaskans have reported receiving automated phone calls purporting to be from First National Bank in a fraudulent attempt to gain personal information. The calls suggest a ?card? has been put on hold because a third-party was trying to use the card. The automated voice goes on to ask for personal information. These automated phone calls are scams attempting to obtain personal information.

First National Bank Alaska never uses automated systems to contact customers. "The bank will never ask for a card number, expiration date or PIN," said Vice President Valerie Bale, the bank?s electronic banking manager.

The phone scam was first reported to Anchorage Police Department on Nov. 11, a day when banks in Alaska were closed, making it impossible for recipients of the fraudulent automated calls to contact their bank.

11/04/08

Federal Reserve Board Alerts Public to Instances of Questionable Solicitations Directed at Consumers

The Federal Reserve Board alerted the public to instances of questionable solicitations directed at consumers. These solicitations promise consumers access to personal loans through a nonexistent Federal Reserve lending program. Under this fraudulent scheme, targeted individuals are told that that they can work through a broker to access a Federal Reserve program that extends sizable secured loans to consumers. Consumers are encouraged to deposit large sums of money into a bank account, under the guise of a security deposit, in order to receive the purported loan. The Federal Reserve is advising consumers that it has no involvement in these solicitations and does not directly sponsor consumer lending programs.

10/10/08

FTC Report: Consumers warned to avoid fake e-mails tied to bank mergers

Online scammers are taking advantage of upheavals in the financial marketplace to confuse consumers into parting with valuable personal information.

The Federal Trade Commission urges caution regarding e-mails that look as if they come from a financial institution that recently acquired a consumer's bank, savings and loan, or mortgage. In fact, these messages may be from "phishers" looking to use personal information - account numbers, passwords, Social Security numbers - to run up bills or commit other crimes in a consumer's name.

Consumers are warned not to take the bait. The FTC has advice about how to stay on guard against this type of scam. To learn more, see the consumer alert "Bank Failures, Mergers and Takeover: A Phish-erman's Special."

9/03/08

Gustav phishing

Due to the current situation involving Hurricane Gustav, the US Computer Emergency Readiness Team (US-CERT ) reminds users to remain cautious when receiving unsolicited e-mail that could be a potential phishing scam.

US-CERT phishing scams may appear as requests for donations from a charitable organization asking users to click on a link that will take them to a fraudulent Web site that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises. Users are encouraged to take the following measures to protect themselves from this type of phishing scam:

Do not follow unsolicited web links received in email messages.
Review the Federal Trade Commission's Charity Checklist
Verify the legitimacy of the e-mail by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.

5/08/08

Phishing related to issuance of economic stimulus checks

The FBI warns consumers of recently reported spam e-mail purportedly from the Internal Revenue Service (IRS) which is actually an attempt to steal consumer information.

4/11/08

First National Bank Alaska checks part of Nigerian fraud scheme

Multiple people have reported receiving in the mail a check for some $4,000 as "lottery winnings." The checks appear to have been issued by First National Bank Alaska. Along with the check, the mailing includes instructions for verifying the funds and cashing the check.

Do not be fooled! This is a fraudulent attempt to obtain your information and/or your money. The check is NOT from First National Bank Alaska. It is a fake. Do not reply to the letter, cash the check, or call the telephone numbers listed in the mailing.

If you receive such a check or mailing, please contact us and/or mail the check to our Security Manager: First National Bank Alaska, Attention: Don Krohn, Security Manager, P.O. Box 100720, Anchorage, AK 99510.

04/10/08

Phishing alert

The bank's security experts report that two Alaska credit unions are being phished. Alaska USA (AK USA) and Denali Alaska Federal (Denali FCU). Customers who receive e-mails alerting them that something is wrong with their AK USA or Denali FCU account should not respond and should report these fraudulent e-mails to the corresponding financial institution. Both institutions are aware of the phishing activity and have posted alerts on their web sites.

Please note, First National Bank Alaska never solicits customer information via e-mail, nor does it conduct customer authentification via e-mail. Specific phishing attacks may last a few days or go on for a month or more. For more information about phishing and how to protect yourself against identity theft, click here for tips from the U.S. Comptroller of the Currency.

9/07/07

OCC warns of debt-elimination scams

The Office of the Comptroller of the Currency (OCC) this week warned national banks about the spread of fraudulent debt-elimination schemes. The schemes, in which fraudsters claim they can eliminate the most common types of loan debt, are designed to defraud victims of upfront fees -- typically $400 to $7,500 - and possibly steal their identities, OCC said in an alert. The alert describes the numerous variations crooks use to fool borrowers. Read the OCC alert.

6/11/07

OCC issues scam alert

The Office of the Comptroller of the Currency (OCC) issued an alert about fraudulent correspondence purporting to come from that agency. The scam involves e-mails, letters and faxes to individuals asking them to reply so that the agency can release restricted funds to them. Read the OCC alert.

8/03/05

Preventing, detecting spyware

Spyware refers to software that collects information about a person or organization without their knowledge or informed consent and reports such data back to a third party. Spyware is designed to collect personal information, some of which can be used to conduct identity theft. Spyware or other unwanted software can be installed on your computer when you access infected web sites or download software, such as music or video file sharing programs. There is also risk when accessing banking web sites from public computers - such as those in hotels, libraries or Internet cafes. Carefully read all disclosures, including license agreements and privacy statements. Sometimes the inclusion of unwanted software in a given software installation is documented, but it may appear at the end of a license agreement or privacy statement.

Take steps to prevent and detect spyware on your computer by:

Installing and periodically updating anti-spyware, virus protection and firewall software.
Adjusting browser settings to prompt you whenever a web site tries to install a new program or Active-X control.
Carefully reading all End User Licensing Agreements and avoiding downloading software when licensing agreements are difficult to understand.
Maintaining patches to operating systems and browsers.
Not opening e-mail from untrustworthy sources.

Guard against fraud:

Learn how to better protect your computer and yourself from identity thieves and online scams by reading the Federal Deposit Insurance Corporation's (FDIC) free publications. Visit the FDIC's Consumer Resources page and become a better informed consumer.

Learn more about identity theft from the Comptroller of the Currency.

Download a the bank's Identity Theft brochure (1.2 MB PDF).

Online Banking

First time login info

Trust accounts first time login

Learn About Our e-Services

Enroll in BankNow!

Enroll in PassMark Security

Mobile Banking

MasterCard® Registration

Online Security Information