The FDIC is aware of e-mails appearing to be sent from the FDIC that ask recipients to open and review an attached file. Currently, the subject line of the e-mail states: "Funds wired into your account are stolen." The e-mail is fraudulent and was not sent by the FDIC.
The fraudulent e-mail tells the recipient that proceeds from identity theft crimes have been wire-transferred into their bank account. The e-mail then directs the recipient to open and review an attached copy of their bank account statement and to contact their bank account managers.
The attached file is actually an executable file containing malicious code or software. Recipients should consider the attached file as a malicious attempt to collect online banking credentials or other personal and confidential information that could be used to gain unauthorized access to on-line banking services or perpetrate identity theft and other criminal activities.
Recipients of the fraudulent e-mail should not reply and should not attempt to open the attached file. According to reports received by the FDIC, many antivirus software programs have been detecting and removing the malicious attachment before the e-mail is delivered. However, if a recipient does open the attachment, the FDIC recommends updating anti-virus software patches and performing a complete scan of the computer and network, if applicable. If a computer becomes infected and the user encounters difficulties removing the malicious code, users should contact their anti-virus software vendor. The FDIC highly recommends using anti-virus software.
For additional information about safe online banking and avoiding online scams, visit http://www.fdic.gov/consumers/consumer/guard/.