Online Fraud Prevention Center

Community Bank & Trust wants to help you to protect yourself against online schemes. Email fraud is one of the more common and damaging methods used to scam customers on the Internet today. By educating yourself and following some simple tips you'll be less likely to fall victim to one of these schemes.

Community Bank & Trust will never ask for you to send personal or financial information by, in response to, or via a link in an Email.

IMPORTANT CBT SECURITY ALERT PHISHING ATTACK IN PROGRESS PLEASE READ BELOW AND ACT ACCORDINGLY

We have become aware that some of our customers may be receiving phishing emails that reference the "eNFact" product. The email directs recipients to click on a link that takes them to a mock site that we presently believe may install malicious software. This may be a serious threat! Anyone who receives the email shown below, or any similar email, should NOT open it under any circumstances.
If the email is opened, do NOT click on the link.

The phishing attack is contained in a fraudulent email identical or similar to the one that follows:

-----Original Message-----
From: eNFACT Notifications [mailto:noreply@enfactnotifications.com]
Sent: Thursday, January 26, 2012 11:34 AM
To: Recipients
Subject: eNFACT Case #29018

To protect your account, we monitor your ATM and debit card transactions for potentially fraudulent activity which may include a sudden change in locale (such as when a U.S.-issued card is used unexpectedly overseas), a sudden string of costly purchases, or any pattern associated with new fraud trends around the world.

An eNFACT Case was generated for the cardholder below:

Transaction 1 Information:
A charge on 10/23/2011 in the amount of $438.09 in ITALY Transaction Score: 981

Transaction 2 Information:
A charge on 10/23/2011 in the amount of $513.14 in ITALY Transaction Score: 918

Transaction 3 Information:
A charge on 10/22/2011 in the amount of $0.02 at O RANCH Transaction Score: 37

The eNFACT Case is generated when a suspect transaction is detected. If this transaction was not initiated by you as the credit card holder please follow the steps as shown at : http://www.efactnotify.com/

Please be sure to complete the Case Resolution Notification (CRN) Form at (http://www.efactnotify.com/) . If you have any questions, or would like additional information pertaining to this eNFACT Case, please contact theCardProcessingCenterat 800-262-2024.

Please act accordingly now.

If you have received this phishing attack via email, or if you receive it at any time from this point forward:

• Do not open the email;
• Do not click on the link contained in the email; clicking on any of the links contained in the email may install malicious software on your system;
• Report the email to Community Bank & Trust (417-451-1040);
• Delete the email from your "Inbox" and "Sent Items";
• If you have inadvertently clicked on the link shut down your system immediately and consult with a professional technician who can check for the existence of malicious software.

We are taking three steps to help you protect yourself:

• First, we have asked the hosting provider of the phishing site to take it down, although we are presently unsure whether our request will be honored.
• Second, we are reporting this to our regulatory authorities, whose engagement may help us get the attention of both the phishing site's hosting provider and law enforcement.
• Third, we are researching the potentially malicious payload the phishing site could install, and will provide you with information you may be able to use to limit infection in your own environment.

We will issue further communication as soon as we have substantive progress to share.

Community Bank & Trust will never ask for you to send personal or financial information by, in response to, or via a link in an email.

eNFACT will never contact customers via email. All eNFACT customer contacts are via telephone or U.S. Mail.

Other Common Fraud Schemes:

Phishing

Phishing schemes use fraudulent emails claiming to be from someone (an individual or company) you know and trust. They attempt to get you to reveal sensitive information like user IDs, passwords, account numbers or other sensitive data. Criminals will use this data to access your accounts, financial information and/or your identity.

Spoofing

Many fraudulent emails ask you to supply, confirm, or update personal information by clicking on a link in the email. The link will connect you to a Web page or login that appears to belong to the company mentioned in the email. This is referred to as a "spoofed" site. Often the site looks just like the company's site -- but it's not. The spoof may be a pop up window or an embedded image over the actual site. The goal of the criminals is to get you to enter your personal data so they can steal your information.

Help us help you: Forward suspicious Email to us!

If you suspect you've received a fraudulent Email, DO NOT RESPOND TO THE EMAIL! Instead, contact us as soon as possible.

Tips to Protect Yourself

• Don't open emails from senders you don't know.
• Never access a web site from a link in an email, especially a web site that asks for personal information.
• If you have any doubts about the authenticity of an email, do not respond; call the sender or type in the web address.
• Beware of emails sent offering you a prize or a discount and then asking you to choose a user id and password (most people use the same access information for several accounts- easier to remember-.thieves will collect your login information and try them at other sites, like financial institutions or credit card sites).
• Do monitor your account activity closely and watch for unusual activity - You can use CBT Online Banking to monitor account balances, 24/7.
• Change your password every 60 days.
• Note that fraudulent emails often include misspellings and poor grammar.
• Update your anti-virus software frequently. Common anti-virus software includes McAfee and Symantec.
• Beware of emails with a sense of urgency; attempting to rush you into action. Messages like, "Update now or we'll close your account...".
• Do not include personal or sensitive data in or in response to an email.
• Alert a credit bureau with your concerns

If you suspect you might be a victim of identity theft, contact the three major credit bureaus listed below to place a fraud alert on your credit file. You also can order a credit report to identify any unauthorized activity.

Equifax 1.800.525.6285
Experian 1.888.397.3742
Trans Union 1.800.680.7289

Useful Links

FDIC Fraud Prevention Notice
FTC Identify Theft Website