Fraud Alert

Keep Your Personal Information Safe

Banks, insurance agencies, retailers and credit card companies continue to be targeted with fraudulent phishing, spoofing, and scamming attacks. But you can reduce the chances of becoming a victim by remembering these tips.

Phishing attacks involve the mass distribution of spoofed e-mail messages with return addresses, links and branding which appear to come from a trusted organization. While we are unaware of any recent incidents involving Mission Valley Bank, or our clients—over the past few years, our customers (and those of other financial institutions) have reported receiving fraudulent e-mails that appear to be from our bank (and others).

Please be advised that use of our name and logo in these “phishing” schemes is done without our consent in an attempt to obtain sensitive, personal information. It’s important for our valued customers to know that Mission Valley Bank will NEVER send you an e-mail from This e-mail address is used only for incoming e-mails to the bank. Additionally, Mission Valley Bank will NEVER initiate a request for sensitive information such as your social security numbers, account numbers, or passwords from you via e-mail. To learn more about current online scams, visit the FTC website.

Reminder — Please remember to safeguard your personal information. Mission Valley Bank will never call or email you to verify your sensitive information or pass codes.

Federal Trade Commission Warns of Official-Sounding Calls about an Email Hack

May 5, 2016

April  2016 -- by Andrew Johnson Division of Consumer and Business Education, FTC

There’s a new twist on tech-support scams — you know, the one where crooks try to get access to your computer or sensitive information by offering to “fix” a computer problem that doesn’t actually exist. Lately, we’ve heard reports that people are getting calls from someone claiming to be from the Global Privacy Enforcement Network. Their claim? That your email account has been hacked and is sending fraudulent messages. They say they’ll have to take legal action against you, unless you let them fix the problem right away.

If you raise questions, the scammers turn up the pressure – but they’ve also given out phone numbers of actual Federal Trade Commission staff (who have been surprised to get calls). The scammers also have sent people to the actual website for the Global Privacy Enforcement Network. (It’s a real thing: it’s an organization that helps governments work together on cross-border privacy cooperation.)

Here are few things to remember if you get any kind of tech-support call, no matter who they say they are:

  • Don’t give control of your computer to anyone who calls you offering to “fix” your computer.
  • Never give out or confirm your financial or sensitive information to anyone who contacts you.
  • Getting pressure to act immediately? That’s a sure sign of a scam. Hang up.
  • If you have concerns, contact your security software company directly. Use contact information you know is right, not what the caller gives you.

Read on to learn more about tech-support scams and government imposter scams. And, if you spot a scam, tell the FTC.

IRS Alerts Payroll & HR Professionals to Phishing Scheme Involving W-2s

March 29, 2016

WASHINGTON — The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees.

The IRS has learned this scheme — part of the surge in phishing emails seen this year — already has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information to cybercriminals posing as company executives.


Turbo Tax Scam Final

October 30, 2015

FDIC Alert

FDIC Consumer News — Money and Banking Tips for the Tax Season & Beyond

April 21, 2015

tax scamsGuard against tax-related frauds. Examples include scam e-mails falsely claiming to come from the IRS. Many of these are intended to trick taxpayers into revealing Social Security numbers and other personal information that can be used by criminals to steal victims' identity and money, including tax refunds. Others involve phone callers saying the taxpayer owes money to the IRS that must be paid promptly by wire transfer (that actually goes to the crook) or by loading funds onto a prepaid debit card and then sharing the number. The scammer may try to intimidate a targeted victim who refuses to cooperate, such as by threatening arrest or suspension of a business or driver's license. For information from the IRS about tax frauds targeting consumers, visit

New Scam – Done ‘Old School’

April 22, 2014

Police crime scene


In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.

These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money.


The Heartbleed Bug

April 18, 2014

The Heartbleed BugWhat is the Heartbleed Bug?

Heartbleed is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and e-mails. The Heartbleed Bug is a defect in encryption technology – called Open SSL – used by most Web servers to secure users’ personal or financial information. It is behind many “https” sites that collect personal or financial information. Basically, it provides a secure connection when you are conducting a transaction or sending an e-mail online. Experts discovered the bug recently and warned that cybercriminals could exploit it to access visitors' personal data or to impersonate a website and collect even more information.

Am I affected?

Most active users of the Internet have likely been exposed, since a majority of websites – including Facebook, retail and even government sites – use the Open SSL software. But it is unknown whether any criminals have actually exploited the bug, and several major sites, like Amazon, have already installed patches. Most sites with an address beginning with “https” are vulnerable until the website operator fixes the bug and users change their passwords.

Is my bank account safe?

Yes, consumers are protected from unauthorized transactions. Let the bank know immediately if you suspect any unusual activity.  Banks use many different systems to protect customers’ information including rigorous security standards, encryption, and fraud detection software.

What can I do?

As always, it is a good idea to update your bank password every few months. Also, monitor your account regularly and report suspicious transactions to the bank immediately. Beware of phishing scams – or e-mails with malicious links – that will attempt to get additional sensitive information from you.

What are banks doing?

Banks are researching the possible impact of the Heartbleed Bug and are taking appropriate actions to ensure that it has no impact on their customers. Most Internet banking applications are not impacted by this bug. Most financial institutions have a special layer of security that prevents this type of exploit and some don’t use Open SSL at all.

What is Mission Valley Bank doing?

Since the announcement of the existence of the Heartbleed Bug on April 7, 2014 – Mission Valley Bank has been in close contact with our security experts and service providers, confirming that there are no vulnerabilities within our systems, or those of our vendors.  With that said – regardless of the safety of your communications and transactions with Mission Valley Bank, the Heartbleed Bug is a real threat to all of us that use the internet for anything from Facebook to shopping.

Security experts across the board are strongly advising that you change ALL of your passwords – particularly on those sites where you might have exchanged personal information, credit card numbers, or other sensitive data.  However, prior to changing your current passwords, verify that the site has already installed the necessary patches, or was not considered vulnerable to Heartbleed.  While changing your passwords does not guarantee that your information has not already been compromised, it is a simple step that improves your odds going forward (and as stated earlier, it is a sensible thing to do every few months to decrease your vulnerability to bugs and scammers).

If you would like more information about “Heartbleed” go to

FTC Warns Small Businesses: Don’t Open Email Falsely Claiming to be from Federal Trade Commision

March 3, 2014

Warning Sign 03 03 14The Federal Trade Commission is warning small businesses that an email with a subject line “NOTIFICATION OF CONSUMER COMPLAINT” is not from the FTC. The email falsely states that a complaint has been filed with the agency against their company. The FTC advises recipients not to click on any of the links or attachments with the email. Clicking on the links may install a virus or other spyware on the computer.  (more…)

An Important message for our customers regarding the Target data breach.

December 26, 2013

We recommend you closely review the information provided in this letter for some important steps that you may take to protect yourself against potential misuse of your credit and debit information.

As reported in the news, Target reported a breach to their security that resulted in unauthorized access to Target payment card data. This includes both credit and debit cards used to make purchases in its stores from November 27, 2013 through December 15, 2013. Protecting customer and account information is a top priority for Mission Valley Bank that we take very seriously. As such, we are taking extra precautions to try and keep your accounts safe. Target Scam

If you made purchases at Target during the affected dates, we ask that you monitor your accounts more closely to look for unfamiliar purchases. Additionally, you can set up account alerts that will advise you when transactions over a certain dollar amount are presented against your account.

What you should know:

  • Mission Valley Bank customers have zero liability for fraudulent activity. That means you will not be liable for unauthorized transactions reported to the Bank.
  • We were informed that there wasn’t significant personally identifying information stolen such as Social Security numbers or addresses.
  • If you used your card during the time of the breach it is possible that fraud can occur. However, if you did not use your card at Target during this timeframe we do not have reason to believe your card was compromised.
  • If your card is identified as one at risk because of the security breach, you will be notified by the Bank and a new card reissued to you.
  • Whether you are notified, or not, it is a good idea to check your accounts and your credit reports to ensure no unauthorized transactions have occurred. You are entitled to one free copy of your credit report every year at .We will also be monitoring your accounts and notifying you of any suspicious activity.

We appreciate the inconvenience this has caused you and ask for your patience as we take the necessary precautions to protect your account from fraud.

If you have any questions or additional concerns please call us at 818.394.2300.

Don’t Get Taken by Wire Transfer Scams – from the FDIC Consumer News

November 22, 2013

Using a bank or a money transfer company to "wire" funds electronically is an easy and convenient way to send cash to someone. And when consumers wire money to people they know, the transaction typically takes place without a problem. But wiring money to strangersCyber Crime Nov eNews — in the U.S. but especially in another country — is risky because often they could be scam artists.

"Crooks like their victims to use wire transfers because the money moves fast and they can take the money and run before the victim discovers the truth," explained Michael Benardo, manager of the FDIC's Cyber Fraud and Financial Crimes Section. "Con artists also know that the transaction is difficult to reverse, and the money is difficult to get back. That's why they will use any tactic to convince people to wire money to a complete stranger."

How can you protect yourself against wire fraud? (more…)

Tips for Small Businesses to Combat Fraud

September 25, 2013

Cybercriminals are targeting small businesses with increasingly sophisticated attacks. Criminals use spoofed emails, malicious software and online social networks to obtain login credentials to businesses’ accounts, transfer funds fromi Stock Hacker w laptop the accounts and steal private information, a fraud referred to as “corporate account takeover.”

Combating account takeover is a shared responsibility between businesses and financial institutions. Bankers can explain the safeguards small businesses need and the numerous programs available that help ensure fund transfers, payroll requests and withdrawals are legitimate and accurate. Companies should train employees about safe internet use and the warning signs of this fraud, because they are the first line of defense.

As part of National Cyber Security Awareness Month coming in October, Mission Valley Bank offers small businesses these tips to help prevent account takeover: (more…)

Banking trojan hijacks SSL connections

July 3, 2011

Security researchers from Symantec warn of a new banking trojan capable of hijacking the SSL connections between browsers and online banking sites in a way that is hard to spot.

Variants of this malware, which Symantec detects as Trojan.Tatanarg, have been in circulation since last October, but its code is believed to be based on an older threat called W32.Spamuzle.

The trojan has a modular architecture, with separate components handling different tasks, and the functionality of most banking malware.

It can inject rogue HTML code into pages (man-in-the-browser attacks), disrupt antivirus software, uninstall other banking trojans and enable Windows remote access.

It also features a backdoor component through which attackers can issue commands to control the infected computers.

However, the most interesting functionality of this trojan is its ability to function as a proxy between browsers and SSL-secured websites.

This is achived by hijacking the legit SSL connection and establishing a new one on the browser end using a self-signed certificate.

Alerts are blocked and exceptions are added automatically in the browser making the attack almost transparent to users.

The HTTPS prefix is present, as is the padlock indicating a SSL connection. The only way for the user to realize he's not using his bank's certificate would be to manually check the issuer.

Tatanarg is one of several banking trojans that appeared since the crackdown on ZeuS-based cyberfraud operations last year. It seems that unhappy with the heat, criminal gangs have begun developing their own custom malware.

They also try to come up with innovative attack methods. Just last week, Trusteer reported about a trojan dubbed OddJob which forces browsers to keep sessions open after users think they successfuly logged out.

Users are advised to always keep their antivirus programs up to date to ensure they have the latest protection available. Also, if possible, online banking should be performed from a dedicated computer or a live cd.

Active Debit Card Scam!

May 21, 2011

Warning! There are several reports of an active debit card scram affecting multiple states. A recent onslaught of recorded telephone messages are being received by customers and non-customers of several banks informing the recipients that their debit card has experienced billing errors and has been deactivated. In order to reactive their debit card they are being instructed to provide their card information.

These calls are fraudulent. Neither Mission Valley Bank, nor any Bank, will call you and request information regarding your debit card number and PIN.

FDIC Special Alert: Email claiming to be from FDIC

April 29, 2011

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.

The e-mail appears to be sent from "" and includes a subject line that states: "FDIC: Your business account."

The e-mail is addressed to "Business Owners" and states "We have important information about your bank. Please click here to see information." It then states, "This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership."

This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided.

The FDIC does not issue unsolicited e-mails to consumers or business account holders.

FDIC Special Alert: Email claiming to be from FDIC

March 11, 2011

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of a fraudulent e-mail that has the appearance of being sent from the FDIC.

The e-mail appears to be sent from "" and includes a subject line that states: "About your business account."

The e-mail is addressed to "Business Customers" and states "We have important information about insurance coverage of your business accounts." It then asks recipients to "Please click here to view details" and includes a hyper link to a Web site.

The e-mail says that it is from "Alyssa Williams, FDIC Insurance."

This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided.

The FDIC does not issue unsolicited e-mails to consumers or business account holders

IMPORTANT: If you are a customer of Mission Valley Bank and have already responded to a suspicious e-mail, and provided any personal or sensitive information, please contact us immediately at (818) 394-2300.