Alerts

Text Message:  "Your Debit Card Has Been Deactivated"

Bank customers have reported receiving text messages purporting to be from their financial institution stating "regarding your debit card BEGINNING in 4492, your pin has been deactivated. Please call this number to have it reactivated." If you receive this message, or a similar message, please do not call the number as it is likely a scam. If you want to verify the status of your account you can call the number on the back of your card or look up the published number of your financial institution.

How could the Epsilon data breach affect you?

Although Anchor Bank has no affiliation with Epsilon, customers of as many as 50 firms (including Ameriprise Financial, Barclays Bank of Delaware, Bebe, Best Buy, Brookstone, Capital One Bank, Citi, City Market, The College Board, Dillons, Disney Destinations, Eddie Bauer, Ethan Allen, Food 4 Less, Fred Meyer, Fry’s, Hilton Hotels, Home Shopping Network, JPMorgan Chase, King Soopers, Kroger, Lacoste, LL Bean Visa Card, British retailer Marks and Spencer, Marriott Rewards, McKinsey & Co., Moneygram, New York & Company, Ralphs, Red Roof Inns, Ritz-Carlton Rewards, Target, TD Ameritrade, TiVo, U.S. Bank, Verizon and Walgreens) found out over the weekend that their email addresses were exposed to hackers who had broken into the system of Epsilon Data Management, a Dallas company that provides online mail services to 2,500 companies.

According to Epsilon’s press release: On March 30th, an incident was detected where a subset* of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.

“Hackers could send fake emails pretending to be your bank, pharmacy, hotel or any business that was a customer of Epsilon,” said Amol Sarwate, vulnerabilities research lab manager at California security firm Qualys, in a press release. He suggests asking yourself the following questions before you open an unsolicited email, even if it has official logos or matches the color scheme and other “look-and-feel” elements of the institution:

1. Does my institution usually send me an email? If customers get only monthly statement reminders via email, they should be cautious about any “out-of-band” email.

2. Does my institution ask me to click on links in an email? It is dangerous to click on links received in emails. A safer approach to visit your institution’s website would be to type in the URL manually, or to save the website among your favorites.

3. Is my institution asking me for personal information such as my Social Security number or credit-card numbers? If a web page that was opened as a result of an email link is asking for this kind of information, it is most probably a fraud.

4. Does this email really come from my institution? Because of how email works, it is not possible for everyday users to distinguish between emails sent by their institution and those sent by hackers.

Real Estate Scam

real estate scam that surfaced recently in Arkansas serves as timely warning to all property owners about a new variation of the notorious advance fee fraud. Advance fee scams come in two main varieties. One involves the victim receiving a bogus check as a supposed upfront payment, a portion of which they then have to wire as untraceable "electronic cash" to a third party. The other advance fee scam is the familiar email that invites you in on a share of a big stash of cash, provided you pay some fees to get your hands on the money (which of course never materializes). More

Hackers Spoofing iTunes receipts

Hackers gunning for credit cards have turned to spoofing iTunes receipts in a bid to trick email recipients into installing Zeus (aka Zbot) financial malware, which is designed to steal passwords and financial website access credentials. "Victims receive a cleverly crafted email informing them that they have made an expensive purchase on iTunes," according to antimalware security firm PandaLabs. "The user, having never made the purchase to begin with, is concerned by the email and naturally tries to resolve the problem -- in this case by clicking on the proffered (fake) link." The link leads to a malicious website which attempts to install a bogus PDF reader. If successful,  malicious files get downloaded and installed from a website based in Russia, then the user is redirected to a malicious website containing the Zeus Trojan. More

Callers claiming to be collecting debts for FDIC

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of suspicious telephone calls where the caller claims to represent the FDIC and is calling regarding the collection of an outstanding debt. To date, the callers have alleged that the call recipient is delinquent in payment of a loan that was applied for over the Internet or made through a payday lender. The loan may or may not actually exist. The caller attempts to authenticate the claim by providing sensitive personal information, such as name, Social Security number, and date of birth, supposedly taken from the loan application. The recipient is then strongly urged to make a payment over the phone to "avoid a lawsuit and possible arrest." In some instances, the caller is said to sound aggressive and threatening. More

How to recognize phishing e-mails or links

A few clues can help you spot fraudulent e-mail messages or links within them. Phishing e-mail messages are designed to steal your identity. They ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data. More

Please click here to find a branch location near you or call us toll-free (800) 562-9744.