>

Alerts

Alerts -Header

HEARTBLEED BUG
4/10/14

You may have recently heard or read news reports about the “Heartbleed Bug”, which affects the technology used to encrypt sensitive information (this technology is referred to as OpenSSL).  The “Heartbleed Bug” allowed criminals to access personal data, such as usernames, passwords, credit/debit card numbers, and emails from infected websites.  This vulnerability prompted many companies to publicly recommend that consumers change their passwords on all websites they visit to conduct personal business, including financial institutions and retail sales sites.

Many financial institutions, like STAR, use OpenSSL to secure your web credentials, evidenced by the padlock symbol in the address bar of the website when your access starfinancial.com.  However, we want to assure you that the version of OpenSSL used by STAR’s online banking was never vulnerable to the Heartbleed Bug at any point, and your – and our customers’ -  information remains secure.

However, as a matter of general security, STAR always recommends that you change your passwords on a regular basis.  For more information about protecting yourself against fraud, please visit www.starfinancial.com/security-center.



UPDATE: PHISHING SCAM
4/3/14

STAR Financial Bank has warned numerous times about “phishing” and “vishing” scams in which crooks send automated calls, emails and texts claiming to be from STAR Financial Bank, asking customers to submit or verify confidential information such as debit card numbers.  Below is additional information regarding yesterday’s phishing attack:

  • Yesterday’s attack targeted multiple institutions and continues to be a growing source of fraud attempts in our industry.
  • We were able to identify the source of the attack and block further texts and automated calls.
  • Cell phone numbers for both STAR and non-STAR customers were contacted via automated calls and text messages claiming to be from STAR.
  • Please be assured that there was no loss of money or information in any way, and STAR did not and will not provide any personal information, including phone numbers.


If you did respond to the automated call or text and provided your information, please contact STAR Customer Service at 1-888-395-2447 immediately.

Again, if you ever receive this sort of call, text or e-mail appearing to be from STAR Financial Bank and asking you to “enroll” or provide information, you should assume that it is fraudulent.


FAKE AUTOMATED CALLS & TEXTS REGARDING STAR ATM/DEBIT CARDS
4/2/14

STAR's Security Department has received numerous reports of customers and non-customers receiving fake automated calls and text messages indicating that their STAR ATM/Debit card has been block and to call (907) 341-4761.

If you call this number, it says "Thank you for calling STAR Financial Bank."  This message is NOT from STAR. These types of vishing attacks are on the rise, and the techniques are becoming very sophisticated.

Please follow these precautions:

  • Do not call numbers found in unsolicited messages - use a number from a previous statement, in the phone book or through another trustworthy source.
  • Never provide account numbers, passwords, PINs, credit card security codes, SSN or other confidential information over the phone unless it is in a call you initiated.
  • Keep in mind your financial institution already has this information about you and would not need to contact you to ask for it.


If you have already received the fraudulent message and provided your card information, please contact STAR Customer Service immediately at 888.395.2447. 



FAKE AUTOMATED CALLS REGARDING MASTERCARD® DEBIT CARDS
03/10/14

Numerous customers have started to receive fraudulent automated calls regarding their STAR Mastercard® debit cards. Sometimes an originating number shows on caller ID and sometimes not.  These calls are not originated by STAR.  Please do not disclose your card number to avoid any fradulent activity.  STAR customers debit cards are not at risk or compromised as long as you do not provide your information.  If you accidentally provided this information to the vishing calls, please contact STAR customer service immediately at 888-395-2447.



Target Data Breach Leads to Phishing Scams
2/7/14

STAR Bank is warning customers not to fall victim to phishing scams related to the Target data breach. Phishing attacks use spoofed e-mails and fraudulent websites designed to fool recipients into divulging personal financial data. By hijacking the trusted brands of banks, online retailers and credit card companies, phishers are able to convince recipients to respond to them.

“Victims of the Target data breach are particularly vulnerable right now to phishing,” says Jeremy Vance, STAR Security Officer. “These criminals are capable of sending very legitimate looking e-mails. The most important thing for customers to remember is that STAR Bank will never ask you for personal information in an e-mail.”

To avoid becoming the victim of a phishing scam, STAR offers the following tips:

  • If you have responded to an e-mail, contact your bank immediately so they can protect your account and your identity.
  • Never give out your personal or financial information in response to an unsolicited phone call, fax or e-mail, no matter how official it may seem.
  • Do not respond to e-mails that may warn of dire consequences unless you validate your information immediately. Contact the company to confirm the e-mail’s validity using a telephone number or Web address you know to be genuine.
  • Check your credit card and bank account statements regularly and look for unauthorized transactions, even small ones. Some thieves hope small transactions will go unnoticed. Report discrepancies immediately.
  • When submitting financial information online, look for the padlock or key icon at the bottom of your Internet browser. Most secure Internet addresses, though not all, use “https”.
  • Report suspicious activity to the Internet Crime Complaint Center (ic3.gov/default.aspx), a partnership between the FBI and the National White Collar Crime Center.


For information on protecting yourself online, visit ABA’s consumer section on phishing at aba.com/consumers/pages/phishing.aspx.


 
New Details released by Target regardling data breach investigation
1/10/14

From corporate.target.com - "As part of Target’s ongoing forensic investigation, it has been determined that certain guest information—separate from the payment card data previously disclosed—was taken from Target. This theft is not a new breach, but was uncovered as part of the ongoing investigation. At this time, the investigation has determined that the stolen information includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals. 

Much of this data is partial in nature, but in cases where Target has an email address, we will attempt to contact affected guests. This communication will be informational, including tips to guard against consumer scams. Target will not ask those guests to provide any personal information as part of that communication. In addition, guests can find the tips at Target.com/databreach, along with updated information in the Data Breach FAQs to help answer questions and provide additional resources.

“I know that it is frustrating for our guests to learn that this information was taken and we are sorry they are having to endure this,” said Gregg Steinhafel, chairman, president and chief executive officer.  “Our guests expect more from us and deserve better. And I want them to know that understanding and sharing the facts is important to me and the entire Target team.”

Guests will have zero liability for the cost of any fraudulent charges arising from the breach. To provide further peace of mind, Target is offering one year of free credit monitoring and identity theft protection to all Target guests who shopped our U.S stores. Guests will have three months to enroll in the program. Additional details will be shared next week.

We remain focused on addressing our guests' and team members' questions and concerns about the data breach. Please continue to check the Data Breach Issues Hub for updates as additional information becomes available."

STAR customers may be susceptible to consumer scams (phishing) due to the release of postal addresses, email addresses and phone numbers.



Fraudulent automated phone calls (Vishing)
10/1/13

STAR's Security Department has received numerous reports of customers in our markets receiving phone calls indicating their MasterCard has been deactivated. They are asked to type their card number during the automated call to reactivate. 

If you received this call, please hang up and do NOT provide them with your debit information. If you already received the call and released this information, please contact a STAR Customer Service representative immediately at 888-395-2447 to close your card, as it has now been compromised. 



Vishing in Northeast Indiana
7/19/13

STAR's Security Department has received numerous reports of customers in our Fort Wayne region receiving phone calls indicating their card has been frozen. They are asked to type their card number during the automated call to reactivate. 

If you received this call, please hang up and do NOT provide them with your debit or credit card informaiton. If you already received the call and released this information, please contact a STAR Customer Service representative immediately at 888-395-2447 to close your card, as it has now been compromised. 



Fictitious Text Messages

6/10/13

STAR's Security Department has received reports that several customers today have received the following text message:

STAR ALERT: Your CARD starting with 5109 has been DEACTIVATED. Please call 765-319-0414.

STAR does not send text messages to our customers regarding deactivation of cards. If you received this message, please delete the text and do NOT call the number listed. If you already received the text and called the number, please contact a STAR Customer Service representative immediately at 888-395-2447 to close your card, as it has now been compromised. 



Fictitious Wire Transfer Email

2/15/13

STAR's Security Department has received report of another email phishing attempt. The following email below is NOT from STAR. If you receive the email, please delete it. DO NOT click on any of the links. If you click the link, it will attempt to download malware that will steal your online banking username and password. Fraudulent withdrawals may follow. You will need to have the malware removed by your anti-malware software provider or a professional computer technician.

Subject: RE: Your Wire Transfer

Dear Customers,
Wire Transfer was canceled by the other financial institution.

Canceled transfer:
FED NR: 9064623309RE884931
Wire Transfer Report: View 

Federal Reserve Wire Network