Fraudulent E-Mail Alert from Community National Bank We have received notification of an e-mail that gives the appearance of being sent from Community National Bank. The “from” line of the email displays the name “cnb-usa.com support” and the subject line includes “cnb-usa.com account notification”. There is a link in the e-mail that should not be clicked on. This is a fraudulent e-mail and it was not sent from Community National Bank. Online Banking, Bill Paying and Shopping: 10 Ways to Protect Your Money Online banking, bill paying and shopping are conveniences that most people want to enjoy. And most of the time, high-tech transactions are completed quickly and without a glitch. However, just as with other transactions, in a small percentage of cases something goes wrong. That's why you need to take precautions against theft and errors. In particular, even as banks and merchants tighten up security, Internet thieves devise new, sophisticated ways to trick consumers into sending money or into revealing information that can be used to commit fraud. "Today's Internet threats wear many different disguises, from fake Web sites to fraudulent text messages on cell phones," warned Michael Benardo, Chief of the FDIC's Cyber-Fraud and Financial Crimes Section. "That's why online consumers need to be aware that they may be targeted and they should always be on guard." David Nelson, an FDIC fraud specialist, added: "Online fraud is an ongoing game of cat and mouse. Crooks continuously hunt for security holes, banks and merchants plug those holes, and then the criminals find new ones to slink through. But consumers play an important role in keeping crooks at bay by being aware of the potential risks, taking precautions and remaining vigilant." FDIC Consumer News, which periodically issues guidance to consumers regarding online precautions they can take, offers our latest collection of top tips. Note: Not all financial institutions offer each product or service described here. 1. If you bank online, frequently check your deposit accounts and lines of credit to spot and report errors or fraudulent transactions, just as you should with traditional banking. "Your ability to monitor your accounts online has gotten easier, faster and more convenient now that banking by cell phone is starting to mature alongside banking online," said Michael Jackson, Associate Director of the FDIC's Technology Supervision Branch. "This is important, because the sooner you can detect a problem with a transaction, the easier it should be to fix." Nelson suggested checking your accounts online about once or twice a week, but he also noted that "more and more banks are making it easier for their customers to keep an eye on their accounts electronically. For example, many banks offer e-mail or text message alerts when your balance falls below a certain level or when there is a transaction over a certain amount." Federal laws generally limit your liability for unauthorized electronic funds transfers, especially if you report the problem to your financial institution within specified time periods, which will vary depending on the circumstances. A good rule of thumb is to check your statements promptly and report unauthorized transactions to your bank as soon as possible. 2. Never give your Social Security number, credit or debit card numbers, personal identification numbers (PINs) or any other confidential information in response to an unsolicited e-mail, text message or phone call, no matter who the source supposedly is. Chances are an "urgent" e-mail or phone call appearing to be from a government agency (such as the IRS or the FDIC), a bank, merchant or other well-known organization may be a scam attempting to trick consumers into divulging personal and account information. It's called "phishing," a high-tech variation of the concept of "fishing" for personal information. Also watch out for phishing scams that involve bogus text messages sent to cell phones claiming that a bank account has been "blocked" and the recipient must call a certain number to fix the problem. If you make that call, you likely will be asked to enter your account number and PIN. The criminals can use this information to make counterfeit debit cards and drain your account. "Real bankers and government officials don't contact people asking for this kind of information," said Benardo. "Your bank will already have your account numbers and only you should know your log-in credentials, and a government agency won't have a need for this information." 3. Don't open attachments or click on links in unsolicited e-mails from anyone you don't know or you otherwise aren't sure about. Sometimes these attachments or links can infect your computer with "spyware" that can change your security settings and record your keystrokes. "Spyware can secretly steal your passwords, bank or credit card numbers, and your answers to security questions like your mother's maiden name or your high school," Benardo advised. "Online thieves can use this information to log into your account, make changes and transfer money, leaving your bank account empty." In one recent example, criminals sent out fake IRS e-mails warning recipients that they were being investigated for unreported income and asking them to click on an attachment for more information. The file launched a program that allowed hackers to install spyware and other unwanted programs on personal computers (PCs) to access bank accounts. 4. Watch out for sudden pop-up windows asking for personal information or warning of a virus. This is called "scareware" because it frightens people into providing information, downloading malicious software or paying for removal. If you get an e-mail or pop-up window saying your computer has a virus and it offers a program to clean your PC — and the warning window won't go away — your first step is to use the computer's "task manager" function and click "end task" or "force quit" to shut down the pop-up window. Scareware can be a nuisance to clean off your computer, so call your anti-virus software company if you need help. 5. Use a mix of security tools and procedures. "Staying safe online is like protecting your home with lighting, locks, alarms and fire extinguishers," explained Nelson. "You can't rely on just one layer of defense to protect you from all online threats." At the top of the list of security tools to use — and keep updated — are anti-virus software to detect and block spyware and other malicious attacks, and a "firewall" to stop hackers from accessing your computer. Even if your computer seems fine, Nelson said, schedule an automatic anti-virus scan to run at least once a week but preferably every day. Call or e-mail your anti-virus vendor right away if you get a warning message and you don't know what to do next. Also consider these extra precautions as you use the Internet: • Don't log into your bank account while using public computers, such as at a library, or free wireless connections at coffee shops and similar places. Criminals often try to intercept Internet traffic, including passwords, from these locations. • Pay attention to the toolbars at the top of your screen. Current versions of the most popular Internet browsers and search engines often will indicate if you are visiting a suspicious Web site. • Choose "strong" user IDs and passwords that will be easy for you to remember but hard for hackers to guess. The strongest ones have a combination of letters, numbers and other characters, and are at least 10 characters long. For your online banking, choose IDs and passwords that are not the same as those you use for e-mails or social networking sites, just in case they get into the wrong hands. Also change your online banking password about every 90 days. And if you remove a computer virus from your PC, immediately change your password. • Have each person in your household bank and shop online and send e-mail through his or her own "standard user account." Not conducting these online activities through the computer's "administrator account" — the one that makes changes affecting all users — reduces the likelihood that a hacker can install unwanted programs on your PC. Limit the use of the administrator account to special tasks needed for your computer, such as adding or removing software and installing updates to your operating system. • Consider using a separate computer solely for online banking or shopping. A growing number of people are purchasing basic PCs and using them only for banking online and not Web browsing, e-mailing, social networking, playing games or other activities that increase the chances of downloading malicious software. You can also consider using an old PC for this limited purpose, but you should uninstall any software you no longer need and follow up with a scan of the entire PC to check for malicious software. • Only use security products from reputable companies. Nelson said one way to check out these products is by reading reviews from computer and consumer publications. "Look for a product that has high ratings for detecting problems and for providing tech support if your computer becomes infected," he said. Kathryn Weatherby, a fraud specialist at the FDIC, also cautioned that banks normally don't ask their customers to download software updates. "If you get an unsolicited request to update your banking software," she said, "independently verify it by calling your bank using a phone number from your bank statement, not the phone number that appears in the request, which could connect you to a scam operation instead of your bank." 6. Beware of check scams. With unemployment high, con artists are preying on people who need cash. One common check scam involves attractive offers — usually originating in e-mails or online job postings — involving part-time work from home. As the new "employee," you will be sent a check to deposit (which will be counterfeit) and told to forward cash from your own account (to the crooks). Another scam involves "mystery shopper" programs where the new hire is given fake money orders or checks and asked to wire funds to the criminals. And unlike electronic transfers that are covered by consumer protection laws, fraudulent check scams often leave consumers suffering the loss. 7. When shopping online, deal with reputable merchants and be wary of unbelievably low prices. "There is no guaranteed way to ensure that an online merchant you're unfamiliar with is reputable, but there are ways to avoid doing business with an unreliable one," cautioned Jeff Kopchik, an FDIC Senior Policy Analyst specializing in technology matters. First, he said, ask your friends and family if they've had good experiences with a merchant you're considering using. "If people you know have used and can recommend an online merchant, that's a strong indicator," he added. Second, you may already know and like some online merchants from their retail outlets, mail order catalogues or other services. They are likely to be a safer bet than an unfamiliar merchant that doesn't list a physical address or a phone number on its Web site. If you are uncertain about an online merchant, check with the Better Business Bureau Online at the following website www.bbbonline.com. You can also search online for complaints about the business. Similarly, if you have a problem with an online merchant, file a report with the Better Business Bureau. The Bureau will notify the merchant about your concern and ask you if the issue was resolved. A legitimate merchant will attempt to fix the problem, while a crooked company may have many unresolved issues. 8. Using a credit card generally offers more purchase protection than a debit card or other electronic forms of online payment. "Unlike paying with a debit card and the money being immediately transferred out of your account, with a credit card you generally have weeks to pay your bill," Kopchik said. "So if the merchant does not deliver as promised, you have time to dispute the transaction and even enlist the help of your credit card company." He also noted that federal law gives you certain rights, in areas such as dispute resolution, when buying with a credit card. However, watch your budget when using your credit card to shop online. Kopchik said studies have shown that people spend more when they use a credit card instead of cash, a gift card or a debit card. 9. Be on guard against scams hiding behind online coupon offers. Web sites for legitimate coupons will only ask consumers to provide an e-mail address in order to use their service to search for online specials and discounts. Beware of any coupon site that asks for personal, financial or payment information, which can be misused by criminals. 10. Be careful if you download banking software onto a cell phone. Many cell phones called "smart phones" allow consumers to add computer-like features ranging from video games to "mobile" banking. But cell phone users need to be aware of an emerging threat from criminals selling malicious software for mobile banking, some even falsely displaying bank logos. "These applications may contain spyware, and downloading them could be giving a hacker access to your bank account or payment card information," reported Nelson. His advice? "Only download mobile banking applications from a safe site, such as your wireless provider, phone manufacturer or your bank." When in doubt, he added, "contact your bank before downloading any banking applications to your cell phone." Unlawful Internet Gambling Enforcement Act The Unlawful Internet Gambling Enforcement Act of 2006 was passed to identify and block, or otherwise prevent and prohibit unlawful Internet gambling. This Bank has established and implemented these written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions related to Internet gambling. This Bank will not knowingly open an account for a commercial customer engaged in unlawful Internet gambling. Beware of New Telephone Scam Cardholders have received computer-generated calls claiming to be from their financial institution. The calls claim their accounts have been frozen and then direct the cardholder to call a toll-free number to leave their debit card information in order to reactivate any cards. The toll-free number includes a recorded message that asks the customer to key their account number, card expiration date, and PIN. Cardholder awareness is key in combating fraud. Should you receive any questionable calls, please make sure you do not provide your personal information. Recommendations to combat this scam: -Make sure you [i.e. cardholder] initiate the contact, and the institution verifies your identity with questions only you would know. -To verify whether a call is legitimate, call your bank or visit its website, using phone numbers or internet addresses from your bank statement or account documentation. Do not call back a number provided over the phone or click on a link in an email. -Most communications will include something that will concern or excite the victim. -If you have been the victim of a scam, file a complaint at local law enforcement. -Notify your financial institution. Make sure that you protect your Identity and never give out any information over the phone. We will never call and ask you for secure information such as your account numbers, social security numbers, etc. Be alert and aware of who you are speaking with. Should you have any questions feel free to contact us at anytime. Fraudulent E-mails Claiming to be the FDIC The Federal Deposit Insurance Corporation (FDIC) has received numerous notifications from consumers of an e-mail that gives the appearance of being sent from the FDIC. The "From" line of the e-mail displays the name "Federal Deposit Insurance Corporation " and the subject includes the words "Consumer Protection." Current versions of the fraudulent e-mail state: "Who is FDIC? The Federal Deposit Insurance Corporation (FDIC) preserves and promotes public confidence in the U.S. financial system by insuring deposits in banks. What can FDIC do for you? Despite the efforts of law enforcement, Identity theft is becoming more sophisticated and the number of new victims is growing. In general, consumers are protected against liability for unauthorized accounts or transactions under federal and state law and by financial industry practices. Identity Theft can affect consumers in many ways, thats [sic] why FDIC is presenting a new card insurance which can restore you up to $500 if you are a victim of internet fraud. Learn more about Consumer Protection > Card Insurance: Clicking here will redirect you to a online signup page for this program." The e-mail requests that recipients click on a hyperlink that is provided. This directs the recipient to a "spoofed" Web page requesting the user to enter personal information to receive $500 of "card insurance." The requested information (name, phone number, Social Security number, address, card number, bank name, card expiration date, card verification code, and electronic signature/ATM PIN) could be used to perpetrate identity theft and gain unauthorized access to bank accounts. Be aware that the appearance of the fraudulent e-mails can be modified and that additional variations are possible. Consumers should NOT access the link provided within the body of the e-mail and should NOT, under any circumstances, provide any personal financial information through this media. The FDIC has shut down the fraudulent Web site and is investigating the source of the e-mails. Consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov. Identity Theft Task Force The Federal Deposit Insurance Corporation (FDIC), a participant in the Government-Wide Identity Theft Task Force, will provide a direct link to the new, centralized government Web site on identity theft. The new site, www.idtheft.gov, has now been launched. Initially, the site will provide the Task Force's Strategic Plan. The Plan, which represents the input of 17 Federal agencies, including the FDIC, sets out recommendations to prevent identity theft, to assist identity theft victims in recovering from those crimes, and to prosecute and punish identity theft-related criminals. The taskforce was created by Executive Order to strengthen Federal efforts to protect against identity theft. Don't Be an On-line Victim: How to Guard Against Internet Thieves and Electronic Scams The Federal Deposit Insurance Corporation (FDIC) has recently released an on-line multimedia education tool that you can use to learn how to better protect your computers and yourself from identity thieves. The presentation also features actions you can take if your personal information has been compromised. Identity theft continues to be one of the fastest growing crimes in the United States, and has ranked as one of the top consumer concerns for the past several years. Identity theft is evolving in more complicated ways that make it harder for you to protect yourself, and easier for criminals to set up virtual storefronts on the Internet to sell confidential personal information. Some of the steps outlined in the presentation that you can take to help safeguard your computers and your personal information from identity theft are: never provide personal information in response to an unsolicited telephone or Internet request; never provide a password over the phone or in response to an unsolicited Internet request; review account statements regularly to ensure all charges and transactions are correct; and use a firewall and anti-virus and spyware protection software. The presentation is on the FDIC's website at www.fdic.gov/consumers/consumer/guard/index.html Congress created the Federal Deposit Insurance Corporation in 1933 to restore public confidence in the nation's banking system. The FDIC insures deposits at the nation's 8,854 banks and savings associations and it promotes the safety and soundness of these institutions by identifying, monitoring and addressing risks to which they are exposed. The FDIC receives no federal tax dollars – insured financial institutions fund its operations. Fraudulent Email Alert It has recently come to our attention that there is a possibility that fraudulent emails claiming to be from Community National Bank are in circulation. It appears the emails may have a “spoofed” sender address of info@cnbusa.com and are being mass-mailed with a virus attached. They may also contain the subject line “Your Password” and/or requests to “verify” user ID’s, passwords, account/card numbers, or other sensitive information. Although info@cnbusa.com is a legitimate address, these emails do not come from Community National Bank. We will NEVER email or call to “verify” sensitive information. We recommend the use of anti-virus and anti-spyware software for personal computers as well as appropriate firewalls to help guard against risks posed by the Internet and email. Never respond to requests for sensitive information received via email or phone without first contacting the sender by an independently verified contact method. If you receive a suspicious email claiming to be from Community National Bank, please notify us immediately. Spyware Alert Recommendations to Prevent and Detect Spyware The Internet has become a popular method for both making purchases and managing finances through online banking relationships. While some individuals have taken steps to protect their computers, many firewall and anti-virus software packages do not protect computers from one of the latest threats, spyware. The term spyware refers to technologies that collect information about a user without his or her knowledge and reports that information to a third party. Certain forms of spyware can intercept sensitive and confidential information about a user, including passwords, credit card numbers and other identifying information. Spyware is usually installed without a user’s knowledge or permission. However, users may intentionally install spyware without understanding the full ramifications of their actions. A user may be required to accept an End User License Agreement (EULA), which often does not clearly inform the user about the extent or manner in which information is collected. In such cases, the software is installed without the user’s “informed consent.” Spyware can be installed through the following methods: · Downloaded with other Internet downloads in a practice called “bundling.” In many cases, all the licensing agreements may be included in one pop-up window that, unless read carefully, may leave the user unaware of “bundled” software. · Directly downloaded by users who were persuaded that the technology offers a benefit. Some spyware claims to offer increased productivity, virus scanning capabilities or other benefits. · Installed through an Internet browsing technique called “drive-by downloads.” In this technique, spyware is installed when a user simply visits a Web site. The user may be prompted to accept the download believing it is necessary in order to view the Web page. Another method is to prompt the user to install the program through pop-up windows that remain open, or download the software regardless of the action taken by the user. · Automatically downloaded when users open or view unsolicited e-mail messages. Behaviors Associated With Spyware Spyware can be difficult to detect and remove because it: · Does not always appear as a running program in the Window's Task Manager; therefore, the user may be unaware that his or her computer is infected. · May not include a removal option in the Windows "Add/Remove Programs" function. When such an option is present, the removal process may not eliminate all components, or it may redirect the user to an Internet site to complete the removal. This often results in new or additional infection rather than removal. In addition, some spyware includes a feature to reinstall itself when any portion is deleted. · May cause a further infestation by installing other spyware programs onto users' computers. Risks Associated With Spyware Spyware increases the risk to users by: · Exploiting security vulnerabilities or settings, changing the computer configuration to relax security settings, or allowing a channel into the user’s computer by circumventing the firewall. The result is that attackers can eavesdrop and intercept sensitive communications by monitoring keystrokes, e-mail and Internet communications. This monitoring may lead to the compromise of sensitive information, including user IDs and passwords. · Providing attackers the ability to control computers to send unsolicited "junk” e-mail (SPAM) or malicious software (Malware), or to perform denial of service (DoS) attacks against Web sites. · Draining system resources and productivity and consuming system resources, even when the user is not browsing the Internet, such as when adware results in voluminous unwanted pop-up advertisements. · Compromising the user's ability to conduct business by disrupting Internet connections as a result of the improper removal of spyware. · Increasing the incidence of SPAM to e-mail accounts. · Compromising confidentiality. Certain types of spyware route all Internet communications through their own servers, often without the user's knowledge. This allows a third party to read sensitive Internet communications even when Secure Socket Layer (SSL) or other encryption protocols are used. Other forms of spyware install an application on the user's computer that monitors and records all Internet communications and sends the report back to the originator. Identity thieves may then impersonate the user using the IDs and passwords collected. · Increasing vulnerability to "phishing" and "pharming" attacks, as some spyware can redirect Internet page requests. Phishing seeks to lure a user to a spoofed Web site using an e-mail that appears to come from a legitimate site. Pharming seeks to redirect a user to a spoofed Web site by introducing false data into a legitimate domain name server (DNS). The spoofed Web sites are set up to collect private customer information, such as account user IDs and passwords. Recommended Actions to Mitigate the Risks Associated With Spyware Computer users should evaluate the risks associated with spyware and seek to mitigate those risks by considering the following: · Installing and periodically updating anti-spyware, virus protection and firewall software. · Adjusting browser settings to prompt the user whenever a Web site tries to install a new program or Active-X control. · Carefully reading all End User Licensing Agreements and avoiding downloading software when licensing agreements are difficult to understand. · Maintaining patches to operating systems and browsers. · Not opening e-mail from untrustworthy sources. · Refrain from using public computers to connect to online banking Web sites. Counterfeit US Postal Money Orders A fraud scheme speeding across the Internet may cost U.S. residents time, money and a not-so-pleasant chat with bank and law enforcement officials for passing counterfeit postal money orders. According to U.S. Postal Inspectors, the scam begins when someone needing help to cash phony postal money orders contacts a victim by e-mail, through an Internet chat room or on-line auction site. Once the bogus money orders are cashed, the victim returns the funds via wire transfer, often unaware they have assisted in a federal crime. Victims are told they can keep some of the money as a gift or payment for their help, officials said. Unsuspecting victims provide their home mailing address to the scam artist – who U.S. Postal Inspectors call “fraudsters” – and are told they will receive a check or postal money order that they should deposit into their own bank account. “Scams promising quick and easy money are cast by fraudsters,” said Chief Postal Inspector Lee Heath. “These scam artists can easily connect to a sea of strangers through the Internet and dangle promising treats, hoping someone will bite.” “Don’t take the bait,” Heath added. Such scams can be coordinated from anywhere in the world, but recently many have been conducted from Nigeria. “This is another example of our commitment to protecting the mail and our fellow Americans,” said Heath. “Their security is our mission.” For more information about postal money order security features, visit the U.S. Postal Service Web site at www.usps.com/missingmoneyorders/security.htm To report a fraud complaint, call the Fraud Complaint Hotline at 1-800-372-8347 or visit the U.S. Postal Inspection Service Web site at www.usps.com/postalinspectors A message from United States Postal Inspection Service Internet Pirates are Trying to Steal Your Personal Financial Information Here’s the Good News: You Have the Power to Stop Them There’s a new type of Internet piracy called “phishing.” It’s pronounced “fishing,” and that’s exactly what these thieves are doing: “fishing” for your personal financial information. What they want are account numbers, passwords, Social Security numbers, and other confidential information that they can use to loot your checking account or run up bills on your credit cards. In the worst case, you could find yourself a victim of identity theft. With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even driver’s licenses in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime. Here’s How Phishing Works: In a typical case, you’ll receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as your financial institution. In some cases, the e-mail may appear to come from a government agency, including one of the federal financial institution regulatory agencies. The e-mail will probably warn you of a serious problem that requires your immediate attention. It may use phrases, such as “Immediate attention required,” or “Please contact us immediately about your account.” The e-mail will then encourage you to click on a button to go to the institution’s Web site. In a phishing scam, you could be redirected to a phony Web site that may look exactly like the real thing. Sometimes, in fact, it may be the company’s actual Web site. In those cases, a pop-up window will quickly appear for the purpose of harvesting your financial information. In either case, you may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother’s maiden name or your place of birth. If you provide the requested information, you may find yourself the victim of identity theft. How to Protect Yourself 1. Never provide your personal information in response to an unsolicited request, whether it is over the phone or over the Internet. E-mails and Internet pages created by phishers may look exactly like the real thing. They may even have a fake padlock icon that ordinarily is used to denote a secure site. If you did not initiate the communication, you should not provide any information. 2. If you believe the contact may be legitimate, contact the financial institution yourself. You can find phone numbers and Web sites on the monthly statements you receive from your financial institution, or you can look the company up in a phone book or on the Internet. The key is that you should be the one to initiate the contact, using contact information that you have verified yourself. 3. Never provide your password over the phone or in response to an unsolicited Internet request. A financial institution would never ask you to verify your account information online. Thieves armed with this information and your account number can help themselves to your savings. 4. Review account statements regularly to ensure all charges are correct. If your account statement is late in arriving, call your financial institution to find out why. If your financial institution offers electronic account access, periodically review activity online to catch suspicious activity. What to Do if You Fall Victim: • Contact your financial institution immediately and alert it to the situation. • If you have disclosed sensitive information in a phishing attack, you should also contact one of the three major credit bureaus and discuss whether you need to place a fraud alert on your file, which will help prevent thieves from opening a new account in your name. Here is the contact information for each bureau’s fraud division: Equifax 800-525-6285 P.O. Box 740250 Atlanta, GA 30374 Experian 888-397-3742 P.O. Box 1017 Allen, TX 75013 TransUnion 800-680-7289 P.O. Box 6790 Fullerton, CA 92634 • Report all suspicious contacts to the Federal Trade Commission through the Internet at www.ftc.gov/bcp/edu/microsites/idtheft, or by calling 1-877-IDTHEFT. You Can Fight Identity Theft Here’s How: Never provide personal financial information, including your Social Security number, account numbers or passwords, over the phone or the Internet if you did not initiate the contact. Never click on the link provided in an e-mail you believe is fraudulent. It may contain a virus that can contaminate your computer. Do not be intimidated by an e-mail or caller who suggests dire consequences if you do not immediately provide or verify financial information. If you believe the contact is legitimate, go to the company’s Web site by typing in the site address directly or using a page you have previously bookmarked, instead of a link provided in the e-mail. If you fall victim to an attack, act immediately to protect yourself. Alert your financial institution. Place fraud alerts on your credit files. Monitor your credit files and account statements closely. Report suspicious e-mails or calls to the Federal Trade Commission through the Internet at www.idtheft.gov or by calling 1-877-IDTHEFT. A message from the federal bank, thrift and credit union regulatory agencies Board of Governors of the Federal Reserve System Federal Deposit Insurance Corporation National Credit Union Administration Office of the Comptroller of the Currency Office of Thrift Supervision