Alerts -Header

Vanguard Phishing Scam

There is an extremely authentic-looking email being sent, which appears to come from Vanguard regarding a retirement account (example below). Most links look and appear authentic, with the exception of the link to verify your identity.  This link will send the unsuspecting recipient to an unsafe website.

Vanguard Alert

STAR's Security Department has confirmed that it is a known phishing scam. If you should happen to receive this message, please delete and disregard.   

If you have any questions or concerns on how STAR's Security Department is monitoring the situation, please contact us at 888.395.2447.

Anthem Data Breach

Individuals who may have been impacted by the recent cyber attack against Anthem should be hyper vigilant and continue monitoring all their accounts - personal and financial. There will be fraudsters posing as Anthem customers, online or in person, attempting to use this stolen information.  Although the overall damage is still yet unknown, it should be noted that sensitive information was acquired.  Full names, Social Security Numbers, Birthdates and even credit card and banking information will be attempted to be used. 

If you are an Anthem customer, past or present, you could be a victim. The Indiana State AG’s office has setup a page on their site to allow individuals to freeze their personal credit report for all 3 credit agencies:  www.IndianaConsumer.com.  You can also access this page directly via http://www.in.gov/attorneygeneral/2891.htm.  

If you have any questions or concerns on how STAR's Security Department is monitoring the situation and it's impact to our customers, please contact us at 888.395.2447. For more information about the Anthem Data Breach, please Anthem's News & Media site. 

Debit card security in light of the recent Home Depot data breach

You may have heard that Home Depot recently experienced a breach of its payment terminals. On September 18th, the company announced that as many as 56 million cards may have been compromised during the five-month attack on those terminals. This makes the breach larger in scope than even the Target breach that occurred during the holiday season in 2013.

STAR debit card holders that were potentially impacted by the Home Depot breach have had their debit cards reissued and a new PIN assigned. However, as your Trusted Advisor, STAR strongly encourages all debit card holders to take the following precautions to protect their account(s):

  • Visit any STAR branch ATM to change the PIN (Personal Identification Number) associated with your debit card(s). It is a good idea to change your PIN on a regular basis, just as it is a good idea to change passwords you use on your computer.
  • Monitor your account(s) closely for fraudulent activity. If you discover any unauthorized transactions, contact STAR immediately.

You can be assured that the safety and security of your finances is always top of mind at STAR. We monitor all debit card transactions for possible fraud and will contact you if we suspect fraudulent activity on your account. For this reason, it is important that we always have your current cell phone, home phone, and email address on file. For more information on how STAR protects you and tips to prevent fraud, please visit starfinancial.com/security-center.

Thank you for being a valued STAR customer. We truly appreciate your business. If you have any questions regarding this information, or if we can help you with any of your financial needs, please call us at (888) 395-2447.

Mobile Malware Targeting Bank Customers

A mobile Trojan, called Svpeng, which until recently was limited to Russia has recently started to target mobile banking users in the United States. The malware, which only infects Android devices, checks the user’s phone for a list of certain mobile banking applications.  When the user launches the banking app, the malware can lock the device and demand a ransom or attempt to social engineer the user in order to steal the user’s login and password.

Please note: this piece of malware does not pertain to STAR’s mobile banking website – https://mobile.starfinancial.com

If you are using a mobile banking application, please consider employing security best practices to proactively mitigate the Svpeng threat including:

  • Utilizing additional controls around the movement of funds
  • Installing mobile security software to provide device-level protection(s)
  • Following safe practices to avoid unnecessary risks, such as installing apps from third-party sites or unreliable sources
  • Performing regular backup of data stored on Android devices

For more information about this mobile malware, please refer to the following resources:

IBM Security Intelligence – SVPENG: Mobile Malware Expanding to New Territories June 20, 2014

Market Watch - Kaspersky Lab Detects Mobile Trojan Svpeng: Financial Malware with Ransomware Capabilities now Targeting U.S Users June 16, 2014

American Banker – First Major Mobile Banking Security Threat Hits the U.S. June 13, 2014


STAR has noticed a recent rash of fraudulent wire requests. The requests appear to originate from the CEO, President or senior executive of your company and are emailed to the CFO, Controller or Accounts Payable Department.

Below is an example of the fraudulent wire request email.  This scam spoofs the email domain of the target company.  

From: President [mailto:President@starfinacial.com] 
Sent: Tuesday, May 13, 2014 12:51 PM
To: Controller
Subject: Wire Transfer


Process a wire of $12,617.00 to the account information attached. Code to Admin Expense and send me the confirmation when completed.



Using STAR’s email domain as an illustration, note that @starfinancial.com is misspelled – it is missing an “n.” The email will include wiring instructions and possibly a supporting invoice.  The amount of the request is typically $12,000 to $15,000.

Be sure to comply with your company’s internal controls when processing an invoice for payment or submitting a wire or ACH request. For more information about the scam, please read the FBI Alert.



STAR's Security Department has been notified by Trusteer, an IBM Company, of a phishing email campaign targeting Trusteer. 

The fraudulent emails appear to come from Trusteer with the sender’s email address masquerading as support@trusteer.com, an e-mail account that is no longer in use. These emails are part of a spear phishing campaign that uses Trusteer’s brand to distribute a malicious executable file.

The malicious emails requests that recipients run the attached file in order to upgrade their Trusteer Rapport software version. Please note that Trusteer will not distribute Rapport updates as email attachments.

In response, Trusteer has already begun rolling out an update that will protect users from accidentally opening the malicious file. Further recommendations from Trusteer are as follows:

  1. Users who received this email are requested to delete it immediately.
  2. Users who may have already launched the attached file should be instructed to refrain from online banking, and contact Trusteer Support.

Should you have any questions, please do not hesitate to contact us at trusteer-enterprise-support@us.ibm.com. For more information about protecting yourself against fraud, please visit www.starfinancial.com/security-center.


STAR has reports of consumers receiving e-mails spoofing STAR’s e-mail domain, @starfinancial.com.  Electronic-payments@StarFinancial.com is one example.  These e-mails are not from STAR and contain attachments with copies of checks.  These checks are counterfeit and will be returned if negotiated.

With a check cashing scam, you are asked to receive a check, deposit it into your bank account, and transfer most of the amount to a third party, while keeping a portion of it for yourself as “payment”.

The checks a consumer receives are counterfeit and it’s only a matter of time before the company whose checks have been counterfeited, or the bank into which you are depositing the checks, becomes aware of the scam.  Oftentimes, this will leave the consumer who deposited the checks responsible for repaying the bank and/or the company whose checks are being used.

For more information about protecting yourself against fraud, please visit www.starfinancial.com/security-center.


You may have recently heard or read news reports about the “Heartbleed Bug”, which affects the technology used to encrypt sensitive information (this technology is referred to as OpenSSL).  The “Heartbleed Bug” allowed criminals to access personal data, such as usernames, passwords, credit/debit card numbers, and emails from infected websites.  This vulnerability prompted many companies to publicly recommend that consumers change their passwords on all websites they visit to conduct personal business, including financial institutions and retail sales sites.

Many financial institutions, like STAR, use OpenSSL to secure your web credentials, evidenced by the padlock symbol in the address bar of the website when your access starfinancial.com.  However, we want to assure you that the version of OpenSSL used by STAR’s online banking was never vulnerable to the Heartbleed Bug at any point, and your – and our customers’ -  information remains secure.

However, as a matter of general security, STAR always recommends that you change your passwords on a regular basis.  For more information about protecting yourself against fraud, please visit www.starfinancial.com/security-center.


STAR Financial Bank has warned numerous times about “phishing” and “vishing” scams in which crooks send automated calls, emails and texts claiming to be from STAR Financial Bank, asking customers to submit or verify confidential information such as debit card numbers.  Below is additional information regarding yesterday’s phishing attack:

  • Yesterday’s attack targeted multiple institutions and continues to be a growing source of fraud attempts in our industry.
  • We were able to identify the source of the attack and block further texts and automated calls.
  • Cell phone numbers for both STAR and non-STAR customers were contacted via automated calls and text messages claiming to be from STAR.
  • Please be assured that there was no loss of money or information in any way, and STAR did not and will not provide any personal information, including phone numbers.

If you did respond to the automated call or text and provided your information, please contact STAR Customer Service at 1-888-395-2447 immediately.

Again, if you ever receive this sort of call, text or e-mail appearing to be from STAR Financial Bank and asking you to “enroll” or provide information, you should assume that it is fraudulent.


STAR's Security Department has received numerous reports of customers and non-customers receiving fake automated calls and text messages indicating that their STAR ATM/Debit card has been block and to call (907) 341-4761.

If you call this number, it says "Thank you for calling STAR Financial Bank."  This message is NOT from STAR. These types of vishing attacks are on the rise, and the techniques are becoming very sophisticated.

Please follow these precautions:

  • Do not call numbers found in unsolicited messages - use a number from a previous statement, in the phone book or through another trustworthy source.
  • Never provide account numbers, passwords, PINs, credit card security codes, SSN or other confidential information over the phone unless it is in a call you initiated.
  • Keep in mind your financial institution already has this information about you and would not need to contact you to ask for it.

If you have already received the fraudulent message and provided your card information, please contact STAR Customer Service immediately at 888.395.2447. 


Numerous customers have started to receive fraudulent automated calls regarding their STAR Mastercard® debit cards. Sometimes an originating number shows on caller ID and sometimes not.  These calls are not originated by STAR.  Please do not disclose your card number to avoid any fradulent activity.  STAR customers debit cards are not at risk or compromised as long as you do not provide your information.  If you accidentally provided this information to the vishing calls, please contact STAR customer service immediately at 888-395-2447.

Target Data Breach Leads to Phishing Scams

STAR Bank is warning customers not to fall victim to phishing scams related to the Target data breach. Phishing attacks use spoofed e-mails and fraudulent websites designed to fool recipients into divulging personal financial data. By hijacking the trusted brands of banks, online retailers and credit card companies, phishers are able to convince recipients to respond to them.

“Victims of the Target data breach are particularly vulnerable right now to phishing,” says Jeremy Vance, STAR Security Officer. “These criminals are capable of sending very legitimate looking e-mails. The most important thing for customers to remember is that STAR Bank will never ask you for personal information in an e-mail.”

To avoid becoming the victim of a phishing scam, STAR offers the following tips:

  • If you have responded to an e-mail, contact your bank immediately so they can protect your account and your identity.
  • Never give out your personal or financial information in response to an unsolicited phone call, fax or e-mail, no matter how official it may seem.
  • Do not respond to e-mails that may warn of dire consequences unless you validate your information immediately. Contact the company to confirm the e-mail’s validity using a telephone number or Web address you know to be genuine.
  • Check your credit card and bank account statements regularly and look for unauthorized transactions, even small ones. Some thieves hope small transactions will go unnoticed. Report discrepancies immediately.
  • When submitting financial information online, look for the padlock or key icon at the bottom of your Internet browser. Most secure Internet addresses, though not all, use “https”.
  • Report suspicious activity to the Internet Crime Complaint Center (ic3.gov/default.aspx), a partnership between the FBI and the National White Collar Crime Center.

For information on protecting yourself online, visit ABA’s consumer section on phishing at aba.com/consumers/pages/phishing.aspx.

New Details released by Target regardling data breach investigation

From corporate.target.com - "As part of Target’s ongoing forensic investigation, it has been determined that certain guest information—separate from the payment card data previously disclosed—was taken from Target. This theft is not a new breach, but was uncovered as part of the ongoing investigation. At this time, the investigation has determined that the stolen information includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals. 

Much of this data is partial in nature, but in cases where Target has an email address, we will attempt to contact affected guests. This communication will be informational, including tips to guard against consumer scams. Target will not ask those guests to provide any personal information as part of that communication. In addition, guests can find the tips at Target.com/databreach, along with updated information in the Data Breach FAQs to help answer questions and provide additional resources.

“I know that it is frustrating for our guests to learn that this information was taken and we are sorry they are having to endure this,” said Gregg Steinhafel, chairman, president and chief executive officer.  “Our guests expect more from us and deserve better. And I want them to know that understanding and sharing the facts is important to me and the entire Target team.”

Guests will have zero liability for the cost of any fraudulent charges arising from the breach. To provide further peace of mind, Target is offering one year of free credit monitoring and identity theft protection to all Target guests who shopped our U.S stores. Guests will have three months to enroll in the program. Additional details will be shared next week.

We remain focused on addressing our guests' and team members' questions and concerns about the data breach. Please continue to check the Data Breach Issues Hub for updates as additional information becomes available."

STAR customers may be susceptible to consumer scams (phishing) due to the release of postal addresses, email addresses and phone numbers.

Fraudulent automated phone calls (Vishing)

STAR's Security Department has received numerous reports of customers in our markets receiving phone calls indicating their MasterCard has been deactivated. They are asked to type their card number during the automated call to reactivate. 

If you received this call, please hang up and do NOT provide them with your debit information. If you already received the call and released this information, please contact a STAR Customer Service representative immediately at 888-395-2447 to close your card, as it has now been compromised. 

Vishing in Northeast Indiana

STAR's Security Department has received numerous reports of customers in our Fort Wayne region receiving phone calls indicating their card has been frozen. They are asked to type their card number during the automated call to reactivate. 

If you received this call, please hang up and do NOT provide them with your debit or credit card informaiton. If you already received the call and released this information, please contact a STAR Customer Service representative immediately at 888-395-2447 to close your card, as it has now been compromised. 

Fictitious Text Messages


STAR's Security Department has received reports that several customers today have received the following text message:

STAR ALERT: Your CARD starting with 5109 has been DEACTIVATED. Please call 765-319-0414.

STAR does not send text messages to our customers regarding deactivation of cards. If you received this message, please delete the text and do NOT call the number listed. If you already received the text and called the number, please contact a STAR Customer Service representative immediately at 888-395-2447 to close your card, as it has now been compromised. 

Fictitious Wire Transfer Email


STAR's Security Department has received report of another email phishing attempt. The following email below is NOT from STAR. If you receive the email, please delete it. DO NOT click on any of the links. If you click the link, it will attempt to download malware that will steal your online banking username and password. Fraudulent withdrawals may follow. You will need to have the malware removed by your anti-malware software provider or a professional computer technician.

Subject: RE: Your Wire Transfer

Dear Customers,
Wire Transfer was canceled by the other financial institution.

Canceled transfer:
FED NR: 9064623309RE884931
Wire Transfer Report: View 

Federal Reserve Wire Network