Fraud Alerts

Identity Theft    ι   Reporting Fraud     ι    Order Your Free Credit Report     ι    Online Banking Brochure

Consumer AlertsThere are constant reports of internet scams, infectious spyware, keystroke logging, and more, which is used by criminals who are seeking to profit illegally by obtaining and using your financial information or identity.  Fight back against this crime by arming yourself with the knowledge to protect your identity and personal financial information. NOTE:  Refrain from clicking on links in e-mail messages or opening any attachments that are not expected, even if the sender appears to be known.  Never share confidential information via email, nor when requested from an unsolicited telephone call.  Be sure to delete suspicious email. Jackson County Bank will not send unsolicited emails or call asking customers to provide, update or verify personal or account information, such as passwords, Social Security numbers, PINs, credit or Check Card numbers, or other confidential information. Below is just a sampling of attempts to steal your information.

If you believe you have been a victim, please visit Reporting Fraud.


Google Docs Phishing Scam

A phishing scam uses an email with the subject line of “[Name goes here] has shared a document on Google Docs with you.” The body of the email contains a box that reads “Open in Docs.”  Public school districts throughout Wisconsin were particularly experiencing a barrage of these phishing emails which appeared to come from known and unknown senders.

Google took steps to curb the scam and advised people to report the phishing emails within Gmail.

“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again,” a series of Tweets from the verified Google Docs account said.

Anyone who clicked through the link and granted access to their Gmail accounts can revoke it by visiting https://myaccount.google.com/permissions and removing an app called “Google Docs.”  Steps should also be taken to monitor your financial and personal information.

CEO Fraud

This type of fraud targets businesses usually by infecting an email that appears to come from an officer of the company who is requesting a payment, usually by wire transfer, to a supplier. The scam is initiated by compromising one of the business’s email accounts, usually through a phishing scam that starts with a legitimate looking email that contains a malicious link or attachment. Once the phishing malware is installed, the computer may be used to access the victim’s data, or the email account may be used to send out requests to employees to make payments to crooks posing to be business vendors.

Texting Scam Regarding Compromised Debit Cards

A scam has been reported that uses a text message to notify you that “Your debit card has been compromised and/or closed”.  To get a new card you must provide information to receive a new card.  Do not reply to a message of this type. PLEASE BE AWARE that Jackson County Bank does utilize a Debit Card Fraud Center to alert customers to card compromises.  To understand the difference between a scam and our legitimate service please note these facts about JCB’s Debit Card Fraud Center:

  • The Fraud Center will not ask for account numbers or personal information such as social security numbers or test questions to verify your identity.  The Fraud Center will use recent card activity for identification purposes when necessary.
  • When the Fraud Center is unable to contact you at the phone numbers listed in our records, the Fraud Center will leave a message with a phone number for you to return their call.
  • Individuals calling from the Fraud Center will identify themselves as calling on behalf of Jackson County Bank and will call only when there is suspicious or unusual activity on your Debit Card.

Common Phishing or Texting Scams

Beware of emails, texts or calls that include the following topics:  IRS payment due, account status warnings, we need to talk subjects, UPS, FedEx or other shipment related emails, emails fasking you to wire money, work from home offers.

IT Support Emails or Phone Calls

An IT support scam may come as an email or call from someone claiming that there is something wrong with your computer or email account.  This can also come in the form of a pop-up on a compromised web site.  Clicking on a link or opening an attachment may install malware on your computer.  In the case of a phone call, the “Support” person may request payment for removing a virus or repairing your system.  Unsolicited calls for support are a red flag for a scam.

Beware of Disaster Relief Emails

Beware of potential email scams regarding the earthquake in Nepal. The scam emails may contain links or attachments that may direct users to phishing or malware infected websites. Phishing emails and websites requesting donations for fraudulent charitable organizations commonly appear after these types of natural disasters.

Better Business Bureau Phishing Emails

Beware of phishing emails stating they are from the Better Business Bureau.  These emails may indicate that someone has filed a case against you and probably include a link or attachment.  Clicking on the link or opening an attachment may download malicious software on your computer.

Fake IRS Phishing Emails Regarding Rejected Tax Payments and More

Tax season brings with it increased phishing scams, malware campaigns, and fake telephone calls claiming to be from the IRS. These may include, but are not limited to, fraudulent emails regarding rejected tax payments, information that refers to a tax refund, warnings or threats about unreported or under-reported income, offers to assist in filing for a refund, and details about fake e-file websites. These messages, which may appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.

Your “Grandchild” Wants Your Money, Not Your Help

As a loving grandparent, you’d do anything for your grandchildren if they were in trouble, no questions asked, right? That may be your natural reaction, but asking a few questions first could save you from getting scammed. That’s because a call like this is probably not from your grandchild. It’s from a scammer looking to con you out of thousands of dollars. And they’re preying on your kindness. In the “grandparent scam,” a caller pretending to be your grandchild will say that he or she is in trouble, usually in a foreign country, and either in jail or a hospital. Your “grandchild” will beg you to wire money right away and to keep the request confidential. People who pull this scam usually pressure people to wire money through commercial money transfer companies like Western Union and Money Gram because wiring money is the same as sending cash. The chances of recovery are slim to none. In some cases, the fake relatives or friends may actually know the names of family members and manage a clever impersonation. In others, they trick a grandparent into giving up the grandchild’s name. Sometimes, another person gets in the act, pretending to be a police officer or bondsman to confirm the bogus story. If you get a call from a family member asking you to wire money, don’t panic and do resist the urge to act immediately. Don’t let emotions overtake reason. Here are some suggestions for handling a call like this:

  • Try to verify the caller’s identity by asking personal questions a stranger couldn’t answer.
  • Don’t fill in the blanks. Refrain from mentioning other family members’ names or personal information. If the caller says, “It’s your granddaughter, respond with “Which one?” Most likely, the caller will then hang up.
  • Remember that some impostors research the people they are posing as and can answer basic questions about them.
  • Resist the pressure to act immediately. Try to contact the grandchild at a number that you know is accurate such as a home or cell phone number before transferring money. If you don’t have your grandchild’s phone numbers, get in touch with their parent, spouse or another close family member to check out the story before you send any money, even if you’ve been asked to keep the call a secret.
  • If you can’t reach a family member and still aren’t sure what to do, call the local police on the non-emergency line. They can help you sort things out.
  • Never provide your bank or credit card account numbers to any caller – regardless of the reason.

Holiday Online Scams

Scammers are preying on people that may have made online purchases for the Holiday season.

  • Be on the lookout for “Shipping Problem” emails from from FedEx, UPS or the US Mail, where the email claims they tried to deliver a package from (for instance Apple Computer) but could not deliver due to an incomplete address. “Please click on the link to correct the address and you will get your package.” If you do, your computer is likely to get infected with malware. Warn everyone in the family, especially teenagers.
  • Watch out for alerts via a TEXT to your smartphone that “confirm delivery” from FedEx, UPS or the US Mail, and then asks you for some personal information. Don’t enter anything.
  • And to reiterate a warning we sent out a few weeks ago, there is a fake refund scam going on that could come from a big retailer. It claims there was a “wrong transaction” and wants you to “click for refund” but instead, your device will be infected with malware.

Especially in these times, Think Before You Click!

SCAM ALERT: Phone Scam Alleging Association with USDA Farm Service Agency

Beware of a phone scam claiming association with USDA Farm Service Agency.  The callers, who identify themselves as Farm Loan Services representatives, state that FSA “owes” you disaster assistance funds and proceed to request your account or card information to allegedly credit funds to your account.  DO NOT provide personal or financial information to the caller. SHOULD YOU RECEIVE A SIMILAR CALL, DO NOT, UNDER ANY CIRCUMSTANCES, PROVIDE PERSONAL OR FINANCIAL INFORMATION TO THE CALLER. 

Fake Fraud Center Calls Requesting Card Numbers

Please be aware that we have received a report of an automated phishing call claiming to be the Fraud Center, and then asking the customer to provide the card number. Please remember:  The Fraud Center will not ask for account numbers or personal information such as social security numbers or test questions to verify the identity of a customer. The Fraud Center will use recent card activity for identification purposes when necessary.

Heartbleed Bug

Researchers identified a vulnerability in a widely used software, known as the “Heartbleed bug”, that puts a majority of secured websites at risk if not addressed.  After an assessment, the good news is that our Internet Banking is not vulnerable to the Heartbleed bug.  Our website, jacksoncountybank.com, is patched for the vulnerability, and as a proactive measure we have replaced our website certificate. Please be advised to be certain to use precautions to protect yourself online by frequently changing your passwords, securing confidential information, using industry leading fraud security products on your online devices to detect any viruses, avoiding suspect websites, and ignoring/deleting any emails from unknown entities.

The End of Windows XP

It’s likely you’ve heard by now that on April 8, 2014 Microsoft stopped supporting Windows XP and will no longer create security updates for XP.  That means that any security holes found on XP will not be patched by Windows updates.  It also has been predicted that the bad guys will be exploiting the vulnerabilities to XP aggressively.  This makes XP users much more susceptible to malware attacks. If for some reason you are “stuck” with XP, you may want to consider these tips:

  • Isolate your XP machine from other computers.
  • Use a firewall for the XP machine and turn on the Windows Firewall and Microsoft Security Essentials.
  • If possible, do not use the Internet with the XP machine.
  • If possible, do not use email on the XP machine.
  • You may consider installing Google Chrome, which supports XP until at least April 2015, and disable Internet Explorer.
  • Uninstall all third-party programs and applications that you do not need.
  • If you use Microsoft Office, fully patch it and keep it patched.

This summary is for information purposes only.  Please consult with your computer service provider for recommendations specific to you.

Cryptolocker Ransomware Locks Computers

Cryptolocker ransomware is being spread to computers through phishing emails with infected attachments.  Ransomware is a type of malware that hijacks a user’s computer by taking control of its screen, locking the system and then displaying a ransom message.  Typically, these messages appear to be from law enforcement agencies, banking institutions or some other trusted source.  To fool consumers, the attacks may include a message that claims the victim owes back taxes or some type of payment. Unless a fee or penalty is paid, the computer will remain locked, the ransomware often claims.   The cryptolocker uses encryption to lock the computer, and the attack displays a splash screen with a countdown timer and a demand for ransom to unlock the system.

Fraudulent Calls Regarding Compromised Debit Cards

Fraudulent phone calls to cell phones and land lines have been reported regarding Debit Cards.  The phone calls reported were an automated recording referring to a debit card with County Bank, River Falls Bank, or National Bank of River Falls.  This message, however, could be altered to list other institutions.  Please do NOT provide any personal or financial information if you receive a call of this type. PLEASE BE AWARE that Jackson County Bank does utilize a Debit Card Fraud Center to alert customers to card compromises.  To understand the difference between a scam and our legitimate service please note these facts about  JCB’s Debit Card Fraud Center:

  • The Fraud Center will not ask for account numbers or personal information such as social security numbers or test questions to verify your identity.  The Fraud Center will use recent card activity for identification purposes when necessary.
  • When the Fraud Center is unable to contact you at the phone numbers listed in our records, the Fraud Center will leave a message with a phone number for you to return their call.
  • Individuals calling from the Fraud Center will identify themselves as calling on behalf of Jackson County Bank and will call only when there is suspicious or unusual activity on your Debit Card.

Callers Claim to Suspend Payments Unless They Receive Information

We have received reports of fraudulent telephone calls claiming to be from Visa or MasterCard.  The caller warns that they are suspending the victim’s ability to make purchases online with their debit card unless they press 1 and give more information.  Another type of call offers a reduced interest rate on cards due to the victim’s good payment history.  The caller then requests information about the card for verification.   Do not provide information from an unsolicited call.

HP Printer Phishing Email

Beware of an email that appears to come from HP_Printer@domainname.com, where “domainname” may be your own domain name.  It will appear to have a scanned document attached.  You may also see alert@dnb.com in the subject line, and there will most likely be a .zip file attachment.  This particular virus has been designed to trick anti-virus protection into thinking it is an internally generated email, and virus protection may not catch it.

Beware of Prism Phishing Email

There is a popular malicious e-mail going around with a subject line “You Are On The CIA Prism Watchlist”, or something similar. Since Prism has been all over the press recently, this is a prime social engineering tactic bad guys use to manipulate people to avoid a negative consequence.  When in reality it is an attempt to load malware on your machine.  If you happen to come across an email with subjects like this or that refer to CIA or NSA Prism lists, delete the email and do not open the attachment. There will also be variants without attachments that ask people to click on a link which, behind the scenes, takes you to an infected website.

US Department of Homeland Security/National Cyber Security Division Fake Emails to Ransom Users

US-CERT has received reports of users who are being targeted by the ransomware.  The user receives an email message claiming that use of their computer has been suspended and that the user must pay a fine to unblock it. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division.

Beware of Bank Alerts that Request Information

During the holiday season cyber criminals aggressively create new ways to steal money and personal information. Scammers use many techniques to fool potential victims, including conducting email and texting schemes posing as financial institutions.   Below are instances of schemes reported by financial institutions:

  • A customer received a text message stating that her online banking password had been reset – the message did not reference her bank name. A link and phone number were provided in the text if she did not request the reset. When the user contacted the number provided, she was asked for a credit card number.
  • A customer received an email notice not referencing his financial institution but noting that his Neteller (NetTeller was misspelled throughout the email) profile needed to be updated for security purposes and to avoid interruption. There was a link provided in the email that would have enabled malware if selected.

OCC Fraudulent Letters and Emails

The Office of the Comptroller of the Currency has issued an alert about fraudulent letters being distributed by email, fax or postal mail regarding held funds.  The letters may indicate that funds are being held by the Halifax Bank, London, England, and that the recipient will be required to pay a mandatory express service charge to have the funds released.  The letters are being sent by fraudsters in an attempt to elicit funds from them and to gather personal information to be used in possible identity theft.

NetTeller Watch Notice Email

There have been reports of phishing emails being sent from what appears to be customer_service@netteller.com with the subject line of NetTeller Watch Notice.  These are bogus emails trying to get recipients to click on a link in the email, which could potentially cause harm.  Do not click on links in an email like this, and we recommend permanently deleting the email.

Malware Targets Business ACH Originators

There has been an increased level of activity with a malware that is designed to takeover a user’s screen that is especially targeting token (a small hardware device used when logging in) users.  The malware may be downloaded from phishing emails or by visiting an infected website.  One such attack will prompt a user to input his account and/or token data, which then results in a fake message indicating that the user will be unable to access the system for 24-hours while maintenance is performed.  This allows the fraudster to take over the session and commit fraud while the user is detained on the fake “maintenance” screen.

Phishing Emails Include Fake AT&T Bills and Fake USPS Email

A very legitimate looking phishing email is in circulation that appears to be an AT&T bill.  The high dollar amount on the bill is meant to entice the user to clicking for more information.  Also, a USPS email indicates that an attempted delivery has been rejected, and provides a like to supposedly download the shipping and tracking information.  Both these emails are designed to alarm users so that they click links which then download malware to the computer. Fraudulent NACHA E-mails The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These phishing incidents are occurring with greater frequency and increased sophistication. NACHA does not send communications of any type to persons or organizations about individual ACH transactions that they originate or receive. If you have received a communication of this nature that purports to come from NACHA, it is fraudulent. Perpetrators are conducting similar phishing attacks in which they are sending fraudulent emails that claim to be from the Federal Reserve Bank, IRS, or other federal agencies, as well as commercial financial institutions, other payment organizations, technology companies, and businesses. Do not click on any link or send any information.

Fraudulent FDIC E-mails Regarding FDIC Insurance

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC. The emails, for example, may warn of temporarily suspended accounts, information regarding banks, or changing regulations. The emails attempt to trick recipients into clicking on links which may take the recipient to a fraudulent website. These e-mails and links are fraudulent and were not sent by the FDIC. Recipients should consider these e-mails an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT install any related files or software updates. The FDIC does not directly contact bank customers, nor does the FDIC request bank customers to install software upgrades. Information about counterfeit items, cyber-fraud incidents, and other fraudulent activity may be forwarded to the FDIC’s Cyber-Fraud and Financial Crimes Section, 3501 North Fairfax Drive, CH-11034, Arlington, Virginia 22226, or transmitted electronically to alert@fdic.gov.

Fraudulent E-mail regarding Credit Checks

Please be alert to a possible phishing email that has been reported addressed to “jacksoncountybank.com Visitor”. It refers to an offer for a free credit score check offered for a limited time. Please be advised that this email did not come from Jackson County Bank, and does state at the bottom that it is an advertisement. If you receive an email that you are not expecting asking you to provide personal and/or sensitive information, or directing you to a link, for your protection, do not click on any link and do not send the information. Even if the website and/or email appear genuine, do not continue.

Fake Disaster Related Emails

Users should be aware of potential email scams, fake antivirus, and phishing attacks regarding the Mississippi flooding disaster, warns the United States Computer Emergency Readiness Team. These follow the same trend as the phishing attempts related to the Japan earthquake and tsunami disaster. Email scams may contain links or attachments that may direct users to phishing or malicious websites. Fake antivirus attacks may come in the form of pop-ups that flash security warnings and ask the user for credit card information. Phishing emails and websites requesting donations for bogus charitable organizations commonly appear after these types of natural disasters.

Credit Score E-mail

Please be alert to a possible phishing email that has been reported addressed to “jacksoncountybank.com Visitor”. It refers to an offer for a free credit score check offered for a limited time. Please be advised that this email did not come from Jackson County Bank, and does state at the bottom that it is an advertisement. If you receive an email that you are not expecting asking you to provide personal and/or sensitive information, or directing you to a link, for your protection, do not click on any link and do not send the information. Even if the website and/or email appear genuine, do not continue.

Congratulations! You’re the Latest Sweepstakes Scam Victim

It starts off innocently enough. You receive a congratulatory phone call or letter informing you that you’ve won a prize in a lottery or sweepstakes. The cash prize sounds great, especially during the recent economic downturn. The only hitch is a minor one; before any winnings are delivered, you must pay fees, taxes or other charges. Considering all the money you have just won, the amount requested seems small and reasonable compared to your winnings.  The only prize you will receive is an overdraft notice from your financial institution if you attempt to spend your winnings. Scams involving lotteries or sweepstakes are very common and tend to target consumers age 70 and older. With the recent economic downturn, it is more important than ever to be cautious when receiving an offer that seems too good to be true. Protect yourself from sweepstakes scams with the following tips:

  • Know who you’re dealing with and confirm the company’s name, address and phone number through agencies like the Better Business Bureau.
  • Don’t give out your credit card, checking account number or write a check unless you are sure who you’re dealing with and what you will be receiving.
  • Resist high-pressure sales tactics and insist on time to think and discuss offers with trusted friends, family members or financial advisors.
  • Report any suspicious offers to your local police or financial institution. Either agency will offer help in determining the legitimacy of the offer.

During hard economic times scammers are also contacting individuals claiming to hold stimulus checks in your name, or they may contact you with an offer to be a mystery shopper or a similar job that sounds too good to be true. As tempting as these easy money opportunities might sound, you should always trust your better judgment and contact Consumer Protection, the Better Business Bureau or your local financial institution if you receive such an unsolicited offer. These organizations can advise you if the opportunity is the real deal, or just a scam. Also, you should never have to pay an employer for work. If they ask you for money there’s a very good chance that something is up.

Pulse Phishing Scam Using E-mail or Telephone.

Pulse has issued an alert regarding an e-mail scam where consumers have been falsely notified that their Visa cards may have been compromised. The e-mail contains a link to a fraudulent site for cardholders to verify their identity on the web in order to continue to use the online service. Another telephone scam has been reported in the past throughout the midwest. A fraudster calls consumers and, using the name of local banks, claims that their credit cards have been suspend. the caller then asks for the credit card numbers in order to process new cards.

Nigerian “419” Scam Meets the FBI.

Consumers continue to be inundated by emails purportedly from the FBI. Many of the emails currently in circulation claim to be an “official order” from the FBI’s Anti-Terrorist and Monetary Crimes Division, from an alleged FBI unit in Nigeria, confirming an inheritance, or containing a lottery notification millions of dollars. Recipients are instructed to furnish personally identifiable information and are often threatened with some type of penalty, such as prosecution, if they fail to do so. But these emails are scams, are not from the FBI, nor does the FBI ever send unsolicited emails of this nature.

Airline Ticket Scam.

This email scam targets holiday travelers. Recipients get a .zip file attached to a message about an airline ticket and an ominous mention of a credit card balance. It appears to come from legitimate major airlines including Delta, JetBlue, Continental, American Airlines and Virgin America. This .zip attachment appears to contain a purchase invoice and flight ticket. But if you open the attachment, malicious code may be installed on your system.

IRS Phishing Scam Targets US Immigrants.

The Internal Revenue Service is warning taxpayers not to respond to a mass email phishing scam, which appears to target immigrants. The emails, purporting to come from “noreply@irs.gov,” include attached fake forms that ask unwitting taxpayers to fax in personal bank account numbers. The e-mail may have a cover letter from a person identifying herself as IRS public relations employee, Laura Stevens, who instructs recipients to fill out the attached W-4100B2 form. The attached form W-4100B2 does not exist but is similar to the IRS’ W8-BEN form. The form requests such information as the person’s birth date, Social Security number, mailing address, bank account number and signature. The IRS never contacts taxpayers by email.

Add the security of text alerts. 

Enroll in Fraud Watch Text Alerts and receive text alerts regarding high risk debit card transactions.

Learn More

What's your answer?

Which 2 items do you spend most on each month?

View Results

Loading ... Loading ...