Earlier this week, the FBI issued a Private Industry Notification involving fraudulent emergency data requests. An emergency data request is from a government authority used in emergency circumstances to request information immediately from a business. The process also bypasses additional reviews of the request for legitimacy. What is most alarming about the alert is the indication cyber-criminals are selling guides …
Fraud Alerts
November 2024
July 2024
-
July 23, 2024
Commercial new account fraud rears up in Oklahoma
There is a new fraud trend hitting Oklahoma financial institutions involving U.S. Treasury checks, ID theft and new accounts. Losses can be significant as many of these checks exceed $100,000. Please share this information will all areas of responsibility involving new business accounts and check deposits. Legitimately issued checks are being stolen in bulk. Individuals involved in the scheme travel …
-
July 19, 2024
Be aware of Crowdstrike update, scams involving encrypted email, web-shared documents
Krebs on Security published an article detailing the latest on the Crowdstrike update leading to issues across the globe. Click here to read the article. Additionally, ABA President and CEO Rob Nichols released this letter addressing the issue. Starting earlier this month the OBA and many other financial institutions across the country have received malicious emails purportedly from employees at …
June 2024
-
June 4, 2024
Jackpotting attacks on ATMs increase across country
The U.S. Secret Service is alerting financial institutions to an increase in ATM jackpotting attacks. ATM jackpotting attacks can cause significant loss, and a new type has been seen lately. On June 3, between 2:30-3:30 a.m., suspects in a light blue Chevy Cruze with a temporary tag expiring Aug. 1, 2024, attempted to conduct malware-style jackpotting attacks on drive-up ATMs …
February 2024
-
February 21, 2024
Be aware of scams involving crytocurrency ATMs
OBA-member banks and banks across the nation are seeing an alarming increase in customers withdrawing large sums of cash and entering the cash into a local cryptocurrency ATM based on instructions received from a scammer. The Oklahoma Bankers Association urges our bankers to have conversations with their customers about these prolific scams. Bank employees should notify a supervisor when they …
February 2023
-
February 22, 2023
Counterfeit savings bonds becoming issue in Oklahoma
SSA Lantz Stuart, with the U. S. Secret Service, one of our federal partners, has shared information that counterfeit U.S. Savings Bonds are being fraudulently negotiated in financial institutions across Oklahoma. He has notified us that losses were large ($176,000) for the impacted banks in Nevada where it originated and nationwide losses are estimated at over $50 million. This activity …
February 2022
-
February 23, 2022
Agency shares info, tools on cybersecurity as Ukraine crisis heats up
The following link is a compilation of Cybersecurity and Infrastructure Security Agency info and tools the OBA’s fraud expert, Elaine Dodd, wanted to provide our bankers. Some of it will not necessarily be new information, but CISA wanted to focus attention to it now due to the escalation of the Russia/Ukraine crisis. https://www.cisa.gov/shields-up
January 2022
-
January 31, 2022
ATM jackpotting attacks continue in Oklahoma
We continue to hear from our bankers asking for more information on ATM jackpotting and MITM (Man-in-the-Middle) attacks in our state. A recent Texas Financial Crimes Intelligence Center Intelligence Brief (click here to download) contains updated details on the crime, as well as pictures from convenience store ATMs in Tulsa. A bit of good news is Oklahoma City Police Department recently …
-
January 24, 2022
Security agencies release alert on foreign cyber threats
The Cybersecurity and Infrastructure Security Agency, FBI and the National Security Agency have recently issued an alert titled “Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure“. It is a valuable addition to your bank’s cyber toolbox and includes mitigation tactics as well as a technical history of these state-sponsored actors. Detection and incident response are also covered …
December 2021
-
December 16, 2021
Security advisory released about logging utility
The U.S. Cybersecurity & Infrastructure Security Agency recently released a security advisory related to a specific logging utility (Log4j) that is embedded in a variety of software enterprise applications. Log4j is very broadly used in a variety of consumer and enterprise services, websites and applications as well as in operational technology products to log security and performance information. …