Phishing scam targets local financial institution

A barrage of fraudulent e-mails and phone calls claiming to be from Orange Savings Bank began over the weekend. So called “phishing” scams have been around for years, but normally portray national companies.

According to Nancy Vincent from Orange Savings Bank on 16th street in Orange, the bank has received calls from as far away as Colorado on the matter. “It’s amazing how many calls we’ve had,” she said. “We’ve got our fraud department working on it.”

A typical e-mail states that the user’s profile has been deactivated because of fraudulent activity, with instructions to log-on to a listed link to recreate the profile. You may receive a second e-mail stating it is from Orange Savings Bank warning of fraudulent e-mails circulating. This e-mail is also phony.

“No financial institution or credit card company will send you an e-mail or call you requesting your account information. They already have it,” said CEO Darby Byrd of Orange Savings Bank.

“They are just trolling,” Byrd said. “There has been no penetration into our database because it doesn’t matter if you have an account or not to receive the e-mails.”

There is also a phone campaign the scammers are using. It is a recorded message telling you of a fraud attempt on your account and gives you a phone number to call on this urgent matter.

“We have notified the FBI and the Federal Trade Commission,” said Byrd. If you receive one of these e-mails, “ ... don’t click on any links,” Byrd advises. Call or contact your financial institution directly from a phone number on the back of your card or on your monthly statement to confirm the legitimacy of the e-mail, not using a phone number or Web site listed in the e-mail.

“This is the third wave of attacks,” said Byrd.

He offers a few safeguards: • Do not reply to any unsolicited e-mail, pop-up message or phone call asking for personal and/or financial information.

• Be suspicious of anyone who contacts you with an urgent request for personal information.

It is unlikely that legitimate businesses will ever engage in these practices.

• Never send personal or financial information via e-mail.

• If you initiate an online transaction and are required to provide personal data, look for indicators that the web site is secure, like the “https” in the URL or padlock icon.

While these indicators do not ensure the security of the site or your personal data, sites without them should be avoided.

• You should also verify that the URL of the site you are visiting is displayed accurately in the address bar.

• Review account statements regularly to verify all transactions.

Frequently log into your online accounts and review all activity.

Immediately report any unauthorized activity to the account provider.

• Report all phishing attacks at once.

Notify the FBI by filing a complaint at http://www.ifccfbi.gov and forward the e-mail to [email protected].

For more information on safeguards, go to http://www.orangesavingsbank.com. Browse to the bottom of the page to the link, “ATM / Debit Card Safety.” From there, click on “identity theft and fraud.”