This is a quick "heads up" notice of a new scam email message that is floating around. For years, scammers have tried to get you to click on a link and reveal your banking user name and password. However, the latest such messages have added a new wrinkle.
It all starts when a user receives a 'notice' to their email account. The message then claims that there has been a request issued by the bank for the user to reset their password. That is the same as millions of other scam messages that have been sent over the years.
Next comes the new hook line: "If you didn't request that your password be reset, please follow the instructions below to cancel your request."
Whether deciding to accept or decline the message, the user is duped into clicking on a link or copying and pasting a link into their browser. However, upon closer inspection, both the "accept" line and "decline" line have the same address. Someone not paying close attention to the message could be easily fooled by the scam.
If you receive one of these messages, just click on DELETE in your email program. These messages are never sent by your bank, although they certainly will look authentic. Instead, the messages come from scammers who have forged your bank's return address.
These scams are referred to as "phishing attacks" because the scammers are fishing, or "phishing." They send millions of these messages in hopes that a few people are gullible enough to "bite" on this bait and enter their private banking information. Once the scammers have obtained your private banking credentials, they can log onto your bank account and transfer money out of the account.
Never click on links sent in unsolicited emails. If no request has been made, the email should be deleted from your inbox.
If you have questions, call your bank on the phone. The banks all know about this scam.
