Fraudulent Emails: Fraudulent Emails Claiming to be from the FDIC or VeriSign and Requesting Recipients to Run a “Security Guard Script”

The Office of the Comptroller of the Currency (OCC) has been informed by the Federal Deposit Insurance Corporation (FDIC) that fraudulent emails claiming to be from the FDIC or VeriSign are in circulation. The emails request recipients to run a "security guard script" to secure Websites. Currently, the emails are purportedly from "FDIC Legal Information Technology," "FDIC Information Security," or "Verisign Inc." and the subject lines include the phrase "Regular Security Maintenance" or "Regular Hosting Security Maintenance." The emails are fraudulent and were not sent by the FDIC or VeriSign, Inc.

The fraudulent emails state: “to secure your websites, please use the attached file and (for UNIX/Linux Based servers) upload the file "vprotect.php" in: "./public_html" or (for Windows Based servers) in: "./wwwroot" in your site." The emails also provide instructions for recipients who "do not know how to use" the file.

The FDIC is working with the United States Computer Emergency Readiness Team to determine the exact effects of the executable file. Recipients should consider this file to be a malicious attempt to collect personal or confidential information. Financial institutions and consumers should NOT download the executable file attached to the emails. Consumers and financial institutions should report any similar situations by contacting the FDIC’s Cyber-Fraud and Financial Crimes Section.

Any information or questions that you may have concerning this matter should be brought to the attention of:

Mail: Federal Deposit Insurance Corporation (FDIC)
Cyber-Fraud & Financial Crimes Section
550 17th Street, NW
Room F-4004
Washington, DC 20429
Email: alert@fdic.gov

Consumers who receive counterfeit or fictitious items and associated material should file complaints with the following agencies, as appropriate:

• U.S. Department of the Treasury, Office of Inspector General (OIG): by telephone at (800) 359-3898 or by visiting the OIG website.
• Federal Trade Commission (FTC): by telephone at (877) FTC-HELP or, for filing a complaint electronically, via the FTC's website.
• National Consumers League (NCL): by telephone at (202) 835-3323 or by email. To file a fraud complaint, visit the NCL fraud website.
• Better Business Bureau (BBB): The BBB system serves markets throughout Canada, Puerto Rico, and the United States and is the marketplace leader in advancing trust between businesses and consumers. The website offers contact information for local BBBs, objective reports on more than 2 million businesses, consumer scam alerts, and tips on a wide variety of topics that help consumers find trustworthy businesses and make wise purchasing decisions.
• Federal Bureau of Investigation Internet Crime Complaint Center (to report scams that may have originated via the internet).
• If correspondence is received via the U.S. Postal Service, contact the U.S. Postal Inspection Service by telephone at (888) 877-7644; by mail at U.S. Postal Inspection Service, Office of Inspector General, Operations Support Group, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100; or via the online complaint form.

Additional information concerning this matter that should be brought to the attention of the Office of the Comptroller of the Currency (OCC) may be forwarded to

Office of the Comptroller of the Currency
Special Supervision Division
400 7th St. SW, Suite 3E-218; MS 8E-12
Washington, DC 20219
Phone: (202) 649-6450
Fax: (571) 293-4925
www.occ.gov
occalertresponses@occ.treas.gov

For additional information regarding other types of financial fraud, please visit the OCC's anti-fraud resources page.

Richard C. Stearns
Director for Enforcement & Compliance