TO: | CHIEF EXECUTIVE OFFICER (also of interest to Chief Information Officer) |
SUBJECT: | Guidance on Safeguarding Customers Against E-Mail and Internet-Related Fraudulent Schemes |
Summary: | The FDIC is alerting financial institutions to the increasing prevalence of e-mail and Internet-related fraudulent schemes targeting financial institution customers. The attached guidance provides financial institutions with background information on these schemes and describes how institutions can assist in protecting their customers. |
In view of the recent increased outpouring of e-mail and Internet-related fraudulent schemes, the Federal Deposit Insurance Corporation (FDIC) has prepared the attached guidance to assist financial institutions in helping their customers avoid becoming victims. These schemes are being perpetrated with mounting frequency, intensity and creativity. They typically involve the use of seemingly legitimate e-mail messages and Web sites to deceive consumers into disclosing sensitive information, such as bank account information, with the ultimate goal of gaining access to financial accounts or committing identity theft and other illegal acts. Many of the schemes reported recently have targeted financial institution customers.
Financial institution customers who provide confidential information to criminals engaging in e-mail and Internet-related fraudulent schemes face immediate risk. Criminals will normally act quickly to gain unauthorized access to financial accounts, commit identity theft or engage in other illegal acts before the victim realizes the fraud has occurred and takes actions to stop it. In addition, a financial institution that has been impersonated is subject to risk to its reputation, as customers and potential customers may attribute the activity to a perceived weakness in the institution's ability to conduct business securely and responsibly.
Financial institutions should promptly notify their FDIC Regional Office and the appropriate authorities if an e-mail or Internet-related fraudulent scheme is detected. Financial institutions should also report the incident to the appropriate law enforcement agencies and file a Suspicious Activity Report. Any information about possible fraudulent schemes may also be forwarded to the FDIC's Special Activities Section, 550 17th Street, N.W., Room F-4040, Washington, D.C. 20429, or transmitted electronically to alert@fdic.gov.
For more information about safeguarding customers from e-mail and Internet-related fraudulent schemes, please contact your FDIC Division of Supervision and Consumer Protection Regional Office or William H. Henley, Jr., Examination Specialist, at (202) 898-6513.
For your reference, FDIC Financial Institution Letters may be accessed from the FDIC's Web site at http://www.fdic.gov/news/financial-institution-letters/2004/index.html.
Michael J. Zamorski
Director
Division of Supervision and Consumer Protection
Distribution
FDIC-Supervised Banks (Commercial and Savings)
Note
Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center , 801 17 th Street, NW , Room 100, Washington , DC 20434 (1-877-275-3342 or (703) 562-2200).