Security Alerts

01/13/14: It is Tax Identity Theft Awareness Week! Read more here.

12/22/2013: Beware of New Twist on Corporate Account Takeovers

The FBI is warning businesses to take precaution against a new fraud tactic referred to as the Man-In-The Email scheme. Learn More.

10/01/2013: October is Cyber Security Month!

October 2013 marks the tenth annual National Cyber Security Awareness Month (NCSAM) sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance (NCSA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). Learn More.

04/26/2013: Boston Marathon Bombing Is Being Used to Disseminate Malware and Conduct Financial Fraud

According to the Massachusetts Governors Homeland Security Council and the Center for Internet Security, the bombing of the Boston Marathon, on April 15, 2013, does not just mean an increased threat level across the country and globe, but includes new and recycled Internet scams. Major events tend to attract malicious individuals who use the event for their gain.

Internet watch groups and cyber security experts have already identified multiple fake domains/websites, and charity efforts taking advantage of the Boston Marathon bombing. Based on previous tragedies, more scams will follow in the coming days. Internet users need to apply a critical eye and conduct due diligence before clicking links, visiting websites, or making donations.

02/07/2013: Federal Deposit Insurance Corporation (FDIC) issues Fraudulent Email Alert

The FDIC has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC. The fraudulent e-mails are addressed to the attention of the “Accounting Department” and indicate that “ACH and WIRE transactions” are being blocked until “a special security software” is installed.

The email includes instructions on how to download the necessary files by clicking on a hyper-link (Note: the Web site addresses (URL) vary widely). This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers and should not click on the link provided.

01/28/2013: Today is Data Privacy Day - read more here!

01/23/2013: Fraudulent Emails from Federal Trade Commission (FTC)

The Federal Trade Commission is warning small businesses that an email with a subject line “NOTIFICATION OF CONSUMER COMPLAINT” is not from the FTC. The email falsely states that a complaint has been filed with the agency against their company. The FTC advises recipients not to click on any of the links or attachments with the email. Clicking on the links may install a virus or other spyware on the computer. Additional information can be found at

Click for more information on protecting your business from Corporate Account Takeovers.

1/16/2013: NOW AVAILABLE! Webroot SecureAnywhere Identity Shield software. Download for free.

02/10/2012: Phishing Campaigns Target Tax Season

In recent years, US-CERT (the United Sates Computer Emergency Readiness Team) has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include, but are not limited to information that refers to a tax refund; warnings about unreported or under-reported income; offers to assist in filing for a refund; and details about fake e-file websites. These messages, which may appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.

01/26/2012: Fraudulent Email Alert - "eNFACT Case" containing malicious link

Numerous fraudulent emails referencing an “eNFACT case” and presenting a list of foreign ATM or debit transactions that have been purportedly detected as potentially fraudulent have been reported. The email accounts sending the messages are shown as “eNFACT Notifications (”. These fraudulent emails request that the recipient click a malicious link to report the transactions as not being initiated by the recipient.

01/11/2012: Fraudulent Email Alert - Phishing scam using spoofed US-CERT email addresses

US-CERT (the United Sates Computer Emergency Readiness Team) has received reports of a phishing email campaign that uses spoofed US-CERT email addresses. This campaign appears to be targeting a large number of private sector organizations as well as federal, state, and local governments. US-CERT began receiving reports of this campaign on January 10, 2012.

11/18/2011: Fraudulent Website -

The Office of the Comptroller of the Currency (OCC) has been informed that the Web site, “,” is attempting to masquerade as the legitimate Web site, “,” and contains potentially damaging malware. The illegitimate site redirects the user to the legitimate site “” in an attempt to convince users that they are connecting to a legitimate site. Attempts to connect to the fake Web site could expose the user to harmful malware.

10/29/2011: Fraudulent "Mystery Shopper" programs. Learn more here.