** Please be aware that documents from these alerts may contain links that connect you to other websites. First National Bank is not responsible for the content on other sites. Other websites may treat information they learn about you differently.
A group of security researchers uncovered a major vulnerability in the encryption technology used by millions of websites. Called "Heartbleed", it is a security flaw found in OpenSSL, which is used to protect sensitive data such as emails, passwords or credit card data.
The First National Bank of Newtown does NOT use OpenSSL and therefore is not affected by this discovery.
it is estimated that nearly two thirds of websites on the Internet use
OpenSSL in some way. Any secure information on those sites such
as passwords, email addresses, etc. could be compromised.
First National Bank always recommends that your online banking password
is a unique password that you have never used on any other website.
Also, we recommend changing your online banking password on a regular basis.
If you have any questions, please feel free to contact the Online Banking Department at 215-579-3415.
It has been reported to The First National Bank that some of our customers have received the following text message: Due to suspicious activity, your debit card has been temporarily blocked. In order to unlock, PLEASE call us immediately at: 1-713-988-6565. This is a scam. The First National Bank will never text or call you asking for your account information. If you have received one of these calls or texts, please report it to us immediately at 215-860-9100.
Attention Debit Card Users: As you have seen in the news, there was a data breach at Target® possibly affecting millions of debit and credit card users. The breach occurred from 11/27/13 through 12/15/13. Please check your account transactions. If you see anything unusual please contact our Customer Call Center at: 215-860-6351. First National Bank is working closely with our debit cardholders that were affected. Click here to read an official announcement from Target® on the breach.
Update as of 12/24/13: FNB is in the process of reissuing all debit cards affected by the Target store compromise. New cards should arrive in 7-10 business days. Please continue to check your account transactions. If you see anything unusual, contact our Customer Call Center at: 215-860-6351.
Please be aware that a group of criminals, commonly referred to as "The Felony Lane Gang" has been active in our area. Originating in Florida, this group preys on purses that have been left unattended in a vehicle. Common areas include, sports events, gyms, cemeteries and elementary schools. After breaking into the vehicle, the gang will facilitate fraud while assuming the identity of the victim. If you become the victim of this crime, please notify us at 215-860-9100.
It has been reported to First National Bank that some of our customers have received cell phone calls or text messages from someone claiming to be from First National Bank. This is a scam. First National Bank will never text or call you asking for your account information. If you have received one of these calls or texts, please report it to us immediately at 215-860-9100.
Office of the Comptroller of the Currency (OCC) has been informed that
the Web site, “helpwithmybank.com,” is attempting to masquerade as the
legitimate Web site, “helpwithmybank.gov,” and contains potentially
damaging malware. The illegitimate site redirects the user to the
legitimate site “helpwithmybank.gov” in an attempt to convince users
that they are connecting to a legitimate site. Attempts to connect to
the fake Web site could expose the user to harmful malware.
NACHA, the not-for-profit Association that governs electronic movement of money and data, like direct deposits and debit card transactions, has issued an alert concerning fraudulent emails. These emails, appearing to be from NACHA may ask for your personal information so that they can steal your identity, or ask you to open an attachment that will place a virus on your computer. Click on the link below to read NACHA's statement. If you think you may have become victim to this scheme, please call us today.
The Pennsylvania Criminal Intelligence Center has issued an alert regarding new Japan Disaster Scams. Please click this link for more information on this alert.
The First wants you to be aware of a phishing scam email that was received by one of our customers. The email directed the customer to visit a malicious site and download and install a piece of software. Below is the text of the email.
Subj: A NOTE FROM FNB
Due to the recent Malware and Phishing attacks encountered by our
customers, First National Bank has made it mandatory to all Customers
to download the Rapport Software that will help fight against it.
Our system shows that you have not downloaded the latest version of
this software that was introduced on 17-01-2010. It is your
responsibility to protect your account by installing this new patch as
a precautionary measure.
If you do not log on to download this software now, First national bank
will not be liable for any theft that may occur on your account.
If you receive this email, or any email similar to it, please delete it immediately. Do not click any links within the email, and do not reply to it.
The First does not:
The FDIC said that it has received numerous reports from consumers of fraudulent e-mails that appear to have come from the FDIC. The e-mails say that the FDIC in cooperation with the Department of Homeland Security has withdrawn the recipients’ deposit insurance "due to account activity that violates the Patriot Act."
It says that deposit insurance will remain suspended until identity and account information can be verified using a system called "IDVerify." If consumers go to the link provided in the e-mail, it is suspected they will be asked for personal or confidential information, or malicious software may be loaded onto the recipient's computer. Financial institutions and consumers should not access the link provided within the body of the e-mail and or provide any personal information through this media. Read FDIC Alert.
The First wants you to be aware of an email-based scam that attempts to collect confidential and financial information. These scams are often referred to as "phishing."
A phishing email has been sent out that fraudulently states that your account is being blocked and that you are required to update or verify your account information by clicking a link that takes you to a fake login site. Do not click the link in the email as the website you are taken to is not a website of The First, but rather a fraudulent website made to look like the Online Banking login page.
The First does not:
What to Do if you entered information on the Fraudulent Site:
If you have entered personal information after clicking on the link or suspect fraudulent behavior, please call us immediately at (215) 860-9100 or contact your local branch. If you have received a fraudulent email, please forward it to email@example.com. Please do not remove the original subject line, or change the email in any way when you forward it to us.
Between approximately 7:30 pm and 10:00 pm
on Wednesday, May 5th our public website that is hosted at our Internet
service provider was defaced by a hacker. The website displayed a
message that said "Hacked By GhoST61" and a picture of the first
President of Turkey. This did not infect our secure online banking
server which is housed at the bank. Customers saw the "hacked" message
after they exited from Online Banking and were directed back to our
public website or by visit our public website directly. There was no
account information compromised during the incident as the secure
server which contains that information was not penetrated. Likewise the
screen that customers saw did not indicate that there is anything wrong
with their computers. The defacing did not transmit a virus or any
malicious software onto any customer's computer.
We apologize for the concern and inconvenience that this caused our customers. If you have any further questions, feel free to contact the Online Banking Manager at 215-579-3415.
The Federal Bureau of Investigation has posted a warning regarding possible Haitian earthquake relief scams. The FBI reminds internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause. Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following:
Anyone who has received an e-mail referencing the above information or anyone who may have been a victim of this or a similar incident should notify the IC3 via www.ic3.gov.
Customers have reported getting text messages from someone claiming to be from the bank. The text message requests that personal banking information be texted back to the alleged bank representative. The First does not send text messages to customers. Please do not give out any information via text messaging.
The callers do not ask for your card number; they already have it. This information is worth reading. By understanding how the VISA & Master Card Telephone Credit Card Scam works, you'll be better prepared to protect yourself.
One of our employees was called on Wednesday from 'VISA', and I was called on Thursday from 'Master Card'.. The scam works like this: Caller: 'This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in ?'
When you say 'No', the caller continues with, 'Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?'
You say 'yes'. The caller continues - 'I will be starting a Fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800 -VISA) and ask for Security.'
You will need to refer to this Control Number. The caller then gives you a 6 digit number. 'Do you need me to read it again?'
Here's the IMPORTANT part on how the scam works. The caller then says, 'I need to verify you are in possession of your card'. He'll ask you to 'turn your card over and look for some numbers'. There are 7 numbers; the first 4 are part of your card number, the next 3 are the security Numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he'll say, 'That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?' After you say No, the caller then thanks you and states, 'Don't hesitate to call back if you do, and hangs up.
You actually say very little, and they never ask for or tell you the Card number.. But after we were called on Wednesday, we called back within 20 minutes to ask a question.. Are we glad we did! The REAL VISA Security Department told us it was a scam and in the last 15 minutes a new purchase of $497.99 was charged to our card.
Long story - short - we made a real fraud report and closed the VISA account. VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card Don't give it to them. Instead, tell them you'll call VISA or Master card directly for verification of their conversation. The real VISA told us that they will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you're receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.
New threat: Phishing attempts that ask the
victim to call their bank to reactivate a credit card, then provide a
false phone number.
With consumers finally getting wise to phishing attacks, scammers are hitting the phones.
The U.S. Federal Bureau of Investigation's Internet Crime Complaint Center (IC3) warned Thursday that so-called "vishing" attacks are on the rise. These are scams where criminals send an e-mail or text message to a victim, saying there has been a security problem and the victim needs to call his or her bank to reactivate a credit or debit card.
"Upon calling the telephone number, the recipient is greeted with 'Welcome to the bank of ...' and then [is] requested to enter their card number in order to resolve a pending security issue," the IC3 said in its alert.
In the past few years, inexpensive VoIP (Voice over Internet Protocol) technology and open-source call-center software has made it inexpensive for scammers to set up phony call centers, paving the way for these new types of scams. Security experts say that vishing can be more effective than traditional phishing techniques -- which direct victims to fake Web sites -- because the voice-based attacks have not been as widely publicized.
A new vishing scam involves sending text messages to cell phones, instructing victims to contact the fake online bank to renew their accounts, the IC3 said.
Those who are unsure whether they have been targeted by this scam should look up the bank's phone number and call the bank directly, the IC3 advises.
Operated in partnership with the FBI and the National White Collar Crime Center, the IC3 is a clearing house for Internet crime complaints.
Pretext calling is a fraudulent means of obtaining an individual's personal information. Pretext callers may contact financial institution employees, posing as their customers, in order to access customers' personal account information. These callers may also contact consumers at home, posing as employees from a financial institution. Information obtained from pretext calling may be sold to debt collection services, attorneys, and private investigators for use in court proceedings. Identity thieves may also engage in pretext calling to obtain personal information for use in creating fraudulent accounts.
Steps you should take to protect yourself against identity theft and pretext calling include:
Do not give personal information, such as account numbers or social security numbers, over the telephone, through the mail, or over the Internet unless you initiated the contact or know with whom you are dealing.
Store personal information in a safe place and tear up old credit card receipts, ATM receipts, old account statements, and unused credit card offers before throwing them away.
Protect your PINs and other passwords. Avoid using easily available information like your mother's maiden name, your birth date, the last four digits or your social security number, your phone number, etc.
Carry only the minimum amount of identifying information and the number of credit cards that you need.
Pay attention to billing cycles and statements. Inquire of the bank if you do not receive a monthly bill; it may mean the bill has been diverted by an identity theif.
Check account statements carefully to ensure all charges, checks, or withdrawals were authorized.
Guard your mail from theft. If you have the type of mailbox with a flag to signal the box contains mail, do not leave bill payment envelopes in your mailbox with the flag up. Instead, deposit them in a post office collection box or at the local post office. Promptly remove incoming mail.
Order copies of your credit report from
each of the three major bureaus once a year to ensure they are
accurate. (A fee may apply)
If you prefer not to receive pre-approved offers of credit, you can opt out of such offers by calling 1-888-5-OPT OUT.
If you want to remove your name from many
national direct mail lists, send your name and address to:
DMA Mail Preference Service
P.O. Box 9008
Farmingdale, NY 11735-9008
If you want to reduce the number of telephone solicitations from many national marketers, send your name, address and telephone number to:
DMA Telephone Preference Service
P.O. Box 9014
Farmingdale, NY 11735-9014
There have been an increasing number of
Pennsylvanians reporting that they are being defrauded by counterfeit
In general, the fraud unfolds like this: A consumer is part of a fairly large financial transaction with someone who generally says that they live outside of the United States. The types of transactions that have been reported include payments for large items purchased through online auctions, deposits for apartments, and fees for nanny services, for example.
The so-called "buyer" sends an official-looking cashier's check to pay for the service. The consumer, then, takes the check to the bank and cashes it.
There are two ways the scam can unfold: In the first, the buyer sends a check for well over the amount of the purchase (with some excuse about why) and asks the consumer to immediately refund the difference once they've cashed the check. In the second, the buyer waits a day or two (but only a very short time) and makes some excuse for canceling the transaction and asks the consumer to wire all of the money back.
A similar scam suggests that the consumer has ''won'' a lottery or other prize but must send some of the proceeds of the check back for some specific reason, like processing or taxes.
The counterfeit cashier's checks are such good reproductions that they're difficult to spot, even by experienced financial professionals. Despite the fact that the consumer's bank cashes the check, it will not be honored when the bank presents it to the ''issuing'' institution for payment. The bank then, requires the consumer to return the funds.
The problem is that, by the time the fraudulent check works its way through the banking system (which can sometimes take more than 30 days), the con-artist has already taken the consumer's money.
If you believe that you've been the victim of this type of scam, please call the Pennsylvania Attorney General's office at (800) 441-2555, the U.S. Secret Service at (202) 406-5850, or the Pennsylvania Department of Banking at (800) PA BANKS.
The First encourages you to review this questionnaire about Fraud Scams. If you have any questions or can answer yes to any of the questions, please call us at one of our branches. Click here to see the questionaire.
Recently, many Americans have received a series of fraudulent e-mails, which direct recipients to websites where they are asked to verify sensitive personal information. The e-mails claim that the individual's personal information is necessary to assist in the fight against terrorism or for some other purpose supposedly required by law. These e-mails are purportedly sent from several government agencies or include content related to government agencies including the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the Securities Investor Protection Corporation and others. The websites to which the email recipients are directed are often very similar to, if not actual clones of official government sites.
The fraudulent e-mails are part of a scam known as "phishing." Phishing is the fraudulent scheme of sending an e-mail to a user falsely claiming to be a legitimate company. The email attempts to con the user into surrendering private information that could later be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as name, account and credit card numbers, passwords, social security numbers and other information. The Web site, however, is bogus and set up only to steal the user's information.
As part of the Treasury Department's efforts to fight identity theft, we want to assure Americans that federal financial agencies do not communicate with consumers by e-mail requesting important personal information such as your name, account numbers, date of birth and social security number.
Consumers can protect themselves from this latest identity theft scam by following these useful tips, which were developed by the Federal Trade Commission:
The Treasury and federal financial regulators are working hard to combat identity theft including the use of new tools in legislation recently signed by President Bush. But all consumers must take reasonable precautions in the use of their personal financial information in order to help prevent themselves from becoming victims of identity thieves.
If you have any questions about these security and fraud alerts, please feel free to contact the bank at 215-860-9100.