Security Awareness


We thought you might like to stay informed...


If you are looking for Financial Education information, please see our Helpful Links page.


April 9, 2014 - Heart Bleed Vulnerability

On April 7, 2014, security researchers announced a recently-discovered vulnerability called Heart Bleed. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of servers and users. The management of Murphy-Wall State Bank and Trust Company is keeping a close eye on the "Heartbleed" bug you may have heard about. The vendor we use for Online Banking has completed a preliminary assessment and has not discovered any vulnerability. We continue to monitor other third-party vendors as they complete their assessments. The safety of your accounts is very important to us.


April 12, 2014 update - reports from our third-party vendors continue to indicate that no vulnerability in their systems are present and your information has not been compromised by the "Heartbleed" bug.


April 5, 2014 Rural King Data Breach

Reports have surfaced that Matton, Illinois-based farm supply store Rural King has suffered a data breach. The company has been notifying its customers since the hackers gained access to their personal and financial information. It's uncertain how many individuals are impacted by the breach, but according to a letter sent earlier this week by the company to the New Hampshire Attorney General, cybercriminals gained access to Rural King systems on February 6, 2014. The intrusion into the firm's web server was detected on March 7... more at softpedia.com .


At this time, Murphy-Wall State Bank and Trust Company has not been alerted to any customers affected by this breach nor do we find information related to the breach on ruralking.com. This information is being provided solely to alert our visitors of the possibility that a reported breach has occurred which could affect you.

March 31, 2014 - Security Notice for Windows XP Users

As you may already know, on April 8, 2014 Microsoft will stop issuing security updates to Windows XP. This means that after April 8, 2014 there will be a substantial security risk to anyone using this operating system, since security vulnerabilities will no longer be patched. If you are currently using Windows XP please take note of this.


Although this will not cause an interruption to any of the services we provide our customers, continued use of a computer utilizing Windows XP could place your devices and the information on them at serious risk. We encourage you to learn more about this upcoming cessation of service by Microsoft and to become informed on what you will need to do to secure your information. To learn more we suggest you visit: Microsoft XP Support Ends


Internet Banking customers may also review our Electronic Banking Services Agreement and Disclosure for more information about security and access to our services.


March 2, 2014

Apple has released a critical security update to address a potential vulnerability and security patch for its Mac, iPhone, iPad and iPod devices.


Apple has recommended that users of these devices immediately take steps to reduce security risks by updating to the latest version of their device's operating system. The update is available for iOS7, iOS6 and OSX desktop platforms and can be found under "Software Update" in general settings.


The security of our online banking offering continues to be a top priority. We are monitoring the situation and will inform you if updates become available.



January 2014

Target Data Breach Update

As of late, you may have seen articles in the media stating that personal information was also compromised, including such data as name, mailing address, email address and phone number.

With this information, targeted schemes may be directed against individuals requesting cardholder account information. Murphy-Wall State Bank anticipates there could be an increase in targeted phishing (email), vishing (voice) and smishing (text) attacks in which fraudsters target a broad audience, telling each recipient that their account has been compromised in this event.

Through this scam, they attempt to gain account information, including the account holder's PIN. Vishing attacks using telephony technologies can be very convincing, so it is important to remember that if you receive a phone call, email, or text regarding requests for account numbers or PIN information, do not give out any information. If Murphy-Wall State Bank should need to contact you, we will not ask you for account information because we already have access to your information.



December 2013

Target Breached

Visa has notified us of an incident in which Visa Check Card accounts (debit cards) may have been compromised as a result of a security breach at Target stores. Information concerning the breach can be found on Target's website at: https://corporate.target.com


In an attempt to assist our customers in monitoring card activity, we have activated an ALERT system which sends email and/or text messages for transactions. The system sends messages when a transaction is authorized or when a transaction is declined or both. If Murphy-Wall customers wish to receive these messages, they may call us to request the service. They system may send the ALERT messages via text or email or both.


Murphy-Wall State Bank is working tirelessly to monitor and protect our account holders. If you have any questions, please do not hesitate to call us at (618)357-5373 or toll-free at (877) 358-6554. We will be happy to answer any questions you may have.


November 2013

Fraudulent Calls

We are aware that fraudulent calls indicating that Debit cards have been compromised are being made to phone numbers within the 618 area code, however this has not been confirmed to be limited to just the 618 area code. The "Robo" or Automated Caller request card holder information. Please do not give out any information!

These calls are not related to Murphy-Wall State Bank and Trust Company. However, we do want to keep our customers informed as much as possible about fraud activity that could possibly affect you or a member of your family.

If you have been a victim of these calls and you are our customer, please call our card hot line toll-free using our telephone banking services at 877-358-6554 Option 1, 5, 2 or direct to the Visa Hotline at 800-264-4274 if you are calling after our normal banking hours. Calling us is the best way of keeping your possible losses down; then confirm your call with a letter to us.


October 2013

Stay Safe Online!

Videos on Security Topics are located on our website! Feel free to visit and learn about Phishing, Identity Theft, Internet Fraud, Social Media and Portable Devices.


September 2013

FDIC Consumer News

The Federal Deposit Insurance Corporation has issued on their Consumer News page, information on Financial protection and great tips for Seniors on how to steer clear of scam artists. Please visit http://fdic.gov/consumers/consumer/news/cnsum13/ for information on how to manage your money and protect your identity.


September 2013

Denial of Service Attacks

Over the last few years and recently, malicious cyber actors have compromised media outlets using DNS hijacking as an attack vector. These types of attacks could be desirable for hacktivists looking to increase their global notoriety because by altering the DNS pathway, malicious actors can direct the compromised

site's visitors to a webpage of their choosing, including hacker-related imagery or messaging.

At this time, many of the malicious actors who have conducted these types of attacks have redirected Internet users to a malicious actor-controlled web page designed to cause panic or confusion for those impacted.

Murphy-Wall continues to monitor these types of activities. As always we encourage our customers to call us and report any suspicious activity regarding your On-line banking relationship with us.


April 2013

Visa Check Card Compromise

Visa has notified us of an incident in which card accounts held by our customers may have been compromised as a result of a security breach at Schnucks. The exposure window was from February 5, 2013 to March 27, 2013. We will be notifying our account holders if we feel their card may be one of those affected. To protect our customers we take action to block the use of compromised cards. If you feel that you may have been a victim, please contact us at 618-357-5373. We will be happy to answer any questions you may have.


For more on the Schnucks breach, visit www.thesouthern.com (Article on Tuesday, April 16, 2013) and Schnucks' website.


February 2013

Fraudulent Calls to Cell Phones

We are aware that fraudulent calls indicating that Visa cards have been compromised are being made to cell phone numbers in our area. At this time, we believe that the calls are being directed to phones with a 318 prefix, however this has not been confirmed to be limited to just those numbers. Calls are requesting card holder account numbers. Please do not give out any information!


These calls are not related to Murphy-Wall State Bank and Trust Company. However, we do want to keep our customers informed as much as possible about fraud activity that could possibly affect you or a member of your family.


If you have been a victim of these calls and you are our customer, please call our card hot line toll-free using our telephone banking services at 877-358-6554 Option 1, 5, 2 or direct to the Visa Hotline at 800-264-4274 if you are calling after our normal banking hours. Calling us is the best way of keeping your possible losses down; then confirm your call with a letter to us.


November 2012

Statewide Corporate Scam Warning

Illinois Secretary of State Jesse White is warning businesses to beware of a firm called Corporate Records Service, which is contacting Illinois businesses in an attempt to collect a $125 fee to fill out a corporation's "Annual Minutes Records Form." The Illinois Business Corporation Act does not require corporations to file a "Minutes Records Form" or pay such a fee with the state or any private entity. "The problem is that the form this bogus firm is sending out looks similar to our Secretary of State's annual report form," White said." The false notice, which is mailed in a green envelope, states that the fee must be paid by November 9, 2012. Illinois corporations should be on the alert for this and other similar attempts to defraud them. White is urging anyone who has become a victim of the scam to call the Secretary of State's Business Services Office at 217-782-6961 or 312-793-3380.


May 2012

Consumer Scam Alert

The ACH Network recently experienced an increased number of fraudulent payments using the Federal Reserve Bank of Atlanta's routing transit number. These payments have all been returned timely via the normal return process. Normal monitoring and controls for verifying payments in FedACH will continue to identify and reject these transactions back to the originating institutions.

Many of the unauthorized payments were created by service provider customers to pay their utility and cable bills. It is important for consumers to know that they cannot use the Fed's RTN to make an on-line or e-check bill payment.

Any text, e-mail, phone call, flyer or Web site that might instruct a consumer on how to pay bills using the Fed's RTN (e.g., "the government can pay your bills") is a scam and payments initiated in this manner will be intercepted.

Questions regarding this situation should be directed to FedACH Central Operations Support at (866) 234-5681.


April 2012


Murphy-Wall State Bank has received notification of a security breach involving a third-party payment processor, Global Payments, Inc. If your debit card is affected, we will communicate that information to you as soon as it is available to us. In the meantime, we encourage you to closely monitor the activity on your account and notify us immediately if you suspect any fraudulent activity. Please visit our Debit Card Fraud Prevention page for contact information.


March 2012


March 16: Murphy-Wall has been notified by a third party source that our customers may receive a Phishing Email that is indicated below. You should disregard and/or delete this Email.


Dear Account Holder,


This message is mailed to you regarding your online banking user password has been expired.


Create a new user password by following these steps:


1. Log into your online banking by our secure link for Expired Password and entering the temporary below. Your temporary password is: vn#E$mv3jVFkv


2. You will then be prompted to change your password.


This temporary password will expire in 24 hours.


March 15: Murphy-Wall has been notified that an email may have been received by our customers that indicates a security breach may have occurred at a local college. We do not have any way to verify the validity of the email. However, our customers should feel free to call us with any concerns. In addition, telephone banking and online banking are available to review account information on a daily basis 24X7 - even when our staff is not personally available to assist you.


February 2012


Customers report receiving text messages to activate debit cards. Please be advised that these messages are not from Murphy-Wall State Bank and Trust Company.


January 10, 2012

FBI Warns of New Spear Phishing Campaign Using NACHA's Name


The FBI is warning the public of coordinated malware and denial of service (DDoS) attacks designed to drain bank accounts, while also launching a DDoS attack. The responsible crime ring steals banking credentials using Zeus variant "Gameover" malware, while also launching a distributed DDoS attack on the victim's financial institution as a diversion.


"The campaign involves a variant of the "Zeus" malware called 'Gameover,'" explains the agency. "The spam campaign is pretending to be legitimate e-mails from the National Automated Clearing House Association (NACHA), advising the user there was a problem with the ACH transaction at their bank and it was not processed. Once they click on the link, they are infected with the Zeus or Gameover malware, which is able to key log as well as steal their online banking credentials, defeating several forms of two factor authentication."


The FBI in Denver is asking all consumers to be cautious of opening emails from unfamiliar senders.


Source: EPCOR/SECURITYWEEK


November 10, 2011

Fraudulent Emails


Some customers have reported receiving emails with a Subject line of: ACH payroll payment was not accepted by Murphy Wall State Bank. The emails request that you review transaction details by clicking on a link. The emails are NOT from Murphy-Wall State Bank and Trust Company. You should never click on any links on emails from any unknown sources!


September 30, 2011

Fraudulent Pop Ups


Some customers have reported receiving a message when exiting or while using our website that suggests your personal information at Murphy-Wall State Bank and Trust Company may be at risk. These Pop Ups are NOT authorized by Murphy-Wall.


Here is an example:


Attention Murphywall.com Visitor,


Data Security Breach Information


We want to make you aware of a situation that has occurred that could be related to your personal information. Recently, there was a massive system breach at Epsilon, a third party vendor that supplies marketing services to a number of companies, including Chase, Verizon, Visa, Target, Best Buy, American Express, US Bank and many others. Files containing personal customer information were compromised.


Customer names, email addresses and some account details were exposed. Because of the increased risk of identity theft, we are urging you to check your credit report for any activity that you did not authorize.


To help protect you against this data breach, we have made your credit score available at no charge until 11:59 pm, September 30, 2011. Please be aware that although your credit score is free, a credit card will be required to validate your identity.


If you see such a message, do not click any links and do not give anyone your personal credit card or account information. What you should do:


• run an anti-virus program


• run a spyware program


• clear your cache (on your toolbar, go to Tools then Delete Browsing History)


Remember that Murphy-Wall will never ask you for information that we already have on file! If you have any concerns or suspicions about a message from Murphy-Wall State Bank and Trust Company, please call us at 618-357-5373.


In addition, we have also been made aware that if you do call a credit service, you may be subject to a marketing pitch for "free" credit management tools. In some cases, if you fail to cancel the service within 30 days, your credit card or account will automatically be charged for the service.


April 26, 2011

Fraud Alert Involving Unauthorized Wire Transfers to China


The FBI has observed a trend in which cyber criminals, using banking credentials of US Businesses, sent unauthorized wire transfers to Chinese economic and trade companies located near the Russian border.


For more information, please go to http://www.ic3.gov/media/2011/ChinaWireTransferFraudAlert.pdf


March 2, 2011

Fraudulent Emails claiming to be from Federal Reserve


EPCOR has received reports that individuals and/or companies are receiving fraudulent emails that have the appearance of being sent from the Federal Reserve. Specifically, the email claims to be from the Federal Reserve Wire Network and appears to be sent from "fedwire@federalreserve.gov. <mailto:fedwire@federalreserve.gov.> " See a sample below.


= = = = = Sample Email = = = = = =


From: fedwire@federalreserve.gov <mailto:fedwire@federalreserve.gov> [mailto:fedwire@federalreserve.gov <mailto:fedwire@federalreserve.gov> ]


Sent: Wednesday, March 02, 2011 10:09 AM


To: Doe, John


Subject: Your Wire fund transfer The Wire transaction , recently sent from your checking account (by you or any other person), was cancelled by the Federal Reserve Wire Network.


Please click here <http://mpx.informz.net/z/cjUucD9taT0xMDgzNzEzJnA9MSZ1PTc1MjM2Mjg2NyZsaT00NjA4OTAy/index.html> to view details ------------------------------------------------------------------


Adam Diaz ,


Fraud Department


This is a fraudulent email. It was not sent by the Federal Reserve. Do NOT click on any of the links. Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.


************************************************************************************************************************


The staff at Murphy-Wall State Bank and Trust Company encourages you to visit this page often as an additional resource regarding the protection of your individual identity and account information. As we receive information from service providers and banking organizations that we feel will benefit our customers, we will post their messages here in an effort to keep you updated regarding Fraud Alerts and other Security Issues. In addition, we will also post information regarding any training or educational efforts that we may know of or sponsor from time to time. This page is for your benefit. If you have an suggestions for this page, please let us know!