'Patriot Act' phishing e-mails resurface, FDIC warns

E-mails from scammers say that accounts have been frozen 'due to activity that violates the Patriot Act'

Scammers are trying to steal banking information using fake e-mails that look like they've come from the U.S. Federal Deposit Insurance Corporation, the FDIC warned Wednesday.

The phishing e-mails tell the victim his account has been suspended "due to account activity that violates the Patriot Act," and instructs him to use a system called IDVerify to confirm bank account information. In reality, there is no such thing as an FDIC IDVerify system. People who click on the IDVerify link actually go to a server controlled by the criminals. It either steals the bank account information or tries to install malicious software on the victim's computer, the FDIC said in an alert sent to banks and consumers on Wednesday.

The FDIC has received "numerous" reports of the scam e-mail, the statement said. It is trying to figure out who's behind the scam, and it encourages people who receive these e-mails to forward them to alert@fdic.gov.

The FDIC is chartered with maintaining the stability of the nation's banking system, and it regularly issues warnings about the latest banking scams.

This isn't the first time that criminals have tried this approach. In 2004, the FDIC warned of a virtually identical scam after its Kansas City, Missouri, and Washington, D.C., call centers were overwhelmed with complaints, following another phishing campaign.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Join the discussion
Be the first to comment on this article. Our Commenting Policies