Security Awareness

We thought you might like to stay informed...

If you are looking for Financial Education information, please see our Helpful Links page.

May 6, 2016 - FinCEN Reminds Public to be Wary of Fraudulent Correspondence and Phone Calls

A recent Alert has been issued regarding financial scams via telephone. For more information see

Fraud Alert vs Credit Freeze

AllClear-ID has posted an interesting article on choices you may make when you believe that you may be a victim of credit fraud. AllClear-ID is one of several vendors that assist in credit monitoring.

Murphy-Wall State Bank and Trust Company does not endorse this vendor over any other company providing this type of service.

December 11, 2015 - Known Scams!!

Watch out for the top 12 scams this holiday season. Click here to learn more….

December 11, 2015 - Fraudulent UPS Email Alert

There have been a number of fraudulent emails reported, and new spoofs continue to be introduced. These types of emails point to invalid hyperlinks that are revealed when you hold your cursor over them. The invalid links may contain malware, which could potentially corrupt your computer.

Please be advised that UPS does not request payments, personal information, financial information, account numbers, IDs, passwords, or copies of invoices in an unsolicited manner through email, mail, phone, or fax or specifically in exchange for the transportation of goods or services. UPS accepts no responsibility for any costs or charges incurred as a result of fraudulent activity.

Please visit the link below for more information.

June 11, 2015

NCCIC and US-CERT Bulletin: The Internet Crime Complaint Center (IC3) has released an alert warning consumers of fraud around the resale of gift cards. When purchasing gift cards, look for reputable merchants who will ensure resold cards contain correct balances.

April 21, 2015 - IRS Refund Ransomware

Many of us waited till the last moment before the April 15 tax deadline and are now holding our collective breath in expectation of that possibly rewarding refund. The problem is that cyber criminals are very aware of this anticipation and use social engineering tactics to trick tax payers. Knowing that many in America are waiting for word from the Internal Revenue Service concerning pending refunds, the cyber mafia is working hard to get in first with a massive phishing attack that has a ransomware attachment.

Cyber criminals are preying on American tax payers that have made the April 15th deadline and are now waiting to hear about their refund. There is a massive phishing scam going on right now which tries to trick you into opening a Microsoft Word attachment. But if you do, all your files will get hijacked and encrypted. If that happens, you only get your files back after paying around $500 ransom. Remember, think before you click, and do not open any attachments you did not ask for!

Here is what the email looks like:

March 2, 2015 - Ransomware

National Cyber Awareness System: The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock it.


Murphy-Wall State Bank and Trust Company Raises Awareness for Data Privacy Day Jan. 28

In recognition of National Data Privacy Day on Jan. 28, Murphy-Wall is urging customers to take an active role in protecting their data.

Our first priority is to protect our customers' money and information. We use a combination of safeguards to protect our customers' information, and we encourage our customers to partner with us in that effort.

To help ensure the safety of personal information, we suggest following these four tips:

1. Create c0mplic@t3d passwords. Avoid birthdays, pet names and simple passwords like 12345. It is also important to change passwords at least three times a year. Because friendly theft – theft by someone the victim knows – is the most common type of identity theft or fraud, don't share your passwords with family members and be mindful of who has access to your personal information.

2. Keep tabs on your accounts. Check account activity and online statements often, instead of waiting for the monthly statement. You are the first line of defense because you know right away if a transaction is fraudulent. If you notice unusual or unauthorized activity, notify your bank right away. When a customer reports an unauthorized transaction in a timely manner, the bank will cover the loss and take measures to protect the account.

3. Stay alert online. Be sure computers and mobile devices are equipped with up-to-date anti-virus and malware protection. Never give out your personal financial information in response to an unsolicited email, no matter how official it may seem. Your bank will never contact you by email asking for your password, PIN, or account information. Only open links and attachments from trusted sources. When submitting financial information on a website, look for the padlock or key icon at the top or bottom of your browser, and make sure the Internet address begins with "https." This signals that your information is secure during transmission.

4. Mobilize your defenses. Use the passcode lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen. Before you donate, sell or trade your mobile device, be sure to wipe it using specialized software or using the manufacturer's recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen. Use caution when downloading apps, as they may contain malware and avoid opening links and attachments – especially from senders you don't know.

Tips for Victims:

If you are a victim of fraud and suspect your personal information has been compromised, you should take the following steps:

  • Call your bank and credit card issuers immediately so they can take necessary steps to protect your account.
  • File a police report and call the fraud unit of the three credit-reporting companies.
  • Consider placing a victim statement in your credit report and a fraud alert on your account.
  • Keep a log of all the contacts you make with authorities regarding the matter. Write down names, titles, and phone numbers in case you need to re-contact them or refer to them in future correspondence.
  • Contact the FTC's ID Theft Consumer Response Center at 1-877-ID THEFT (1-877-438-4338) or

Data Privacy Day commemorates the 1981 signing of the first legally binding international treaty dealing with privacy and data protection. It is led by the National Cyber Security Alliance, a non-profit, public private partnership focused on cyber security education for all online citizens.

April 9, 2014 - Heart Bleed Vulnerability

On April 7, 2014, security researchers announced a recently-discovered vulnerability called Heart Bleed. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of servers and users. The management of Murphy-Wall State Bank and Trust Company is keeping a close eye on the "Heartbleed" bug you may have heard about. The vendor we use for Online Banking has completed a preliminary assessment and has not discovered any vulnerability. We continue to monitor other third-party vendors as they complete their assessments. The safety of your accounts is very important to us.

April 12, 2014 update - reports from our third-party vendors continue to indicate that no vulnerability in their systems are present and your information has not been compromised by the "Heartbleed" bug.

April 5, 2014 Rural King Data Breach

Reports have surfaced that Matton, Illinois-based farm supply store Rural King has suffered a data breach. The company has been notifying its customers since the hackers gained access to their personal and financial information. It's uncertain how many individuals are impacted by the breach, but according to a letter sent earlier this week by the company to the New Hampshire Attorney General, cybercriminals gained access to Rural King systems on February 6, 2014. The intrusion into the firm's web server was detected on March 7... more at .

At this time, Murphy-Wall State Bank and Trust Company has not been alerted to any customers affected by this breach nor do we find information related to the breach on This information is being provided solely to alert our visitors of the possibility that a reported breach has occurred which could affect you.

March 31, 2014 - Security Notice for Windows XP Users

As you may already know, on April 8, 2014 Microsoft will stop issuing security updates to Windows XP. This means that after April 8, 2014 there will be a substantial security risk to anyone using this operating system, since security vulnerabilities will no longer be patched. If you are currently using Windows XP please take note of this.

Although this will not cause an interruption to any of the services we provide our customers, continued use of a computer utilizing Windows XP could place your devices and the information on them at serious risk. We encourage you to learn more about this upcoming cessation of service by Microsoft and to become informed on what you will need to do to secure your information. To learn more we suggest you visit: Microsoft XP Support Ends

Internet Banking customers may also review our Electronic Banking Services Agreement and Disclosure for more information about security and access to our services.

March 2, 2014

Apple has released a critical security update to address a potential vulnerability and security patch for its Mac, iPhone, iPad and iPod devices.

Apple has recommended that users of these devices immediately take steps to reduce security risks by updating to the latest version of their device's operating system. The update is available for iOS7, iOS6 and OSX desktop platforms and can be found under "Software Update" in general settings.

The security of our online banking offering continues to be a top priority. We are monitoring the situation and will inform you if updates become available.

January 2014

Target Data Breach Update

As of late, you may have seen articles in the media stating that personal information was also compromised, including such data as name, mailing address, email address and phone number.

With this information, targeted schemes may be directed against individuals requesting cardholder account information. Murphy-Wall State Bank anticipates there could be an increase in targeted phishing (email), vishing (voice) and smishing (text) attacks in which fraudsters target a broad audience, telling each recipient that their account has been compromised in this event.

Through this scam, they attempt to gain account information, including the account holder's PIN. Vishing attacks using telephony technologies can be very convincing, so it is important to remember that if you receive a phone call, email, or text regarding requests for account numbers or PIN information, do not give out any information. If Murphy-Wall State Bank should need to contact you, we will not ask you for account information because we already have access to your information.

December 2013

Target Breached

Visa has notified us of an incident in which Visa Check Card accounts (debit cards) may have been compromised as a result of a security breach at Target stores. Information concerning the breach can be found on Target's website at:

In an attempt to assist our customers in monitoring card activity, we have activated an ALERT system which sends email and/or text messages for transactions. The system sends messages when a transaction is authorized or when a transaction is declined or both. If Murphy-Wall customers wish to receive these messages, they may call us to request the service. They system may send the ALERT messages via text or email or both.

Murphy-Wall State Bank is working tirelessly to monitor and protect our account holders. If you have any questions, please do not hesitate to call us at (618)357-5373 or toll-free at (877) 358-6554. We will be happy to answer any questions you may have.

November 2013

Fraudulent Calls

We are aware that fraudulent calls indicating that Debit cards have been compromised are being made to phone numbers within the 618 area code, however this has not been confirmed to be limited to just the 618 area code. The "Robo" or Automated Caller request card holder information. Please do not give out any information!

These calls are not related to Murphy-Wall State Bank and Trust Company. However, we do want to keep our customers informed as much as possible about fraud activity that could possibly affect you or a member of your family.

If you have been a victim of these calls and you are our customer, please call our card hot line toll-free using our telephone banking services at 877-358-6554 Option 1, 5, 2 or direct to the Visa Hotline at 800-264-4274 if you are calling after our normal banking hours. Calling us is the best way of keeping your possible losses down; then confirm your call with a letter to us.

October 2013

Stay Safe Online!

Videos on Security Topics are located on our website! Feel free to visit and learn about Phishing, Identity Theft, Internet Fraud, Social Media and Portable Devices.

September 2013

FDIC Consumer News

The Federal Deposit Insurance Corporation has issued on their Consumer News page, information on Financial protection and great tips for Seniors on how to steer clear of scam artists. Please visit for information on how to manage your money and protect your identity.

September 2013

Denial of Service Attacks

Over the last few years and recently, malicious cyber actors have compromised media outlets using DNS hijacking as an attack vector. These types of attacks could be desirable for hacktivists looking to increase their global notoriety because by altering the DNS pathway, malicious actors can direct the compromised

site's visitors to a webpage of their choosing, including hacker-related imagery or messaging.

At this time, many of the malicious actors who have conducted these types of attacks have redirected Internet users to a malicious actor-controlled web page designed to cause panic or confusion for those impacted.

Murphy-Wall continues to monitor these types of activities. As always we encourage our customers to call us and report any suspicious activity regarding your On-line banking relationship with us.

April 2013

Visa Check Card Compromise

Visa has notified us of an incident in which card accounts held by our customers may have been compromised as a result of a security breach at Schnucks. The exposure window was from February 5, 2013 to March 27, 2013. We will be notifying our account holders if we feel their card may be one of those affected. To protect our customers we take action to block the use of compromised cards. If you feel that you may have been a victim, please contact us at 618-357-5373. We will be happy to answer any questions you may have.

For more on the Schnucks breach, visit (Article on Tuesday, April 16, 2013) and Schnucks' website.

February 2013

Fraudulent Calls to Cell Phones

We are aware that fraudulent calls indicating that Visa cards have been compromised are being made to cell phone numbers in our area. At this time, we believe that the calls are being directed to phones with a 318 prefix, however this has not been confirmed to be limited to just those numbers. Calls are requesting card holder account numbers. Please do not give out any information!

These calls are not related to Murphy-Wall State Bank and Trust Company. However, we do want to keep our customers informed as much as possible about fraud activity that could possibly affect you or a member of your family.

If you have been a victim of these calls and you are our customer, please call our card hot line toll-free using our telephone banking services at 877-358-6554 Option 1, 5, 2 or direct to the Visa Hotline at 800-264-4274 if you are calling after our normal banking hours. Calling us is the best way of keeping your possible losses down; then confirm your call with a letter to us.

November 2012

Statewide Corporate Scam Warning

Illinois Secretary of State Jesse White is warning businesses to beware of a firm called Corporate Records Service, which is contacting Illinois businesses in an attempt to collect a $125 fee to fill out a corporation's "Annual Minutes Records Form." The Illinois Business Corporation Act does not require corporations to file a "Minutes Records Form" or pay such a fee with the state or any private entity. "The problem is that the form this bogus firm is sending out looks similar to our Secretary of State's annual report form," White said." The false notice, which is mailed in a green envelope, states that the fee must be paid by November 9, 2012. Illinois corporations should be on the alert for this and other similar attempts to defraud them. White is urging anyone who has become a victim of the scam to call the Secretary of State's Business Services Office at 217-782-6961 or 312-793-3380.

May 2012

Consumer Scam Alert

The ACH Network recently experienced an increased number of fraudulent payments using the Federal Reserve Bank of Atlanta's routing transit number. These payments have all been returned timely via the normal return process. Normal monitoring and controls for verifying payments in FedACH will continue to identify and reject these transactions back to the originating institutions.

Many of the unauthorized payments were created by service provider customers to pay their utility and cable bills. It is important for consumers to know that they cannot use the Fed's RTN to make an on-line or e-check bill payment.

Any text, e-mail, phone call, flyer or Web site that might instruct a consumer on how to pay bills using the Fed's RTN (e.g., "the government can pay your bills") is a scam and payments initiated in this manner will be intercepted.

Questions regarding this situation should be directed to FedACH Central Operations Support at (866) 234-5681.

April 2012

Murphy-Wall State Bank has received notification of a security breach involving a third-party payment processor, Global Payments, Inc. If your debit card is affected, we will communicate that information to you as soon as it is available to us. In the meantime, we encourage you to closely monitor the activity on your account and notify us immediately if you suspect any fraudulent activity. Please visit our Debit Card Fraud Prevention page for contact information.

March 2012

March 16: Murphy-Wall has been notified by a third party source that our customers may receive a Phishing Email that is indicated below. You should disregard and/or delete this Email.

Dear Account Holder,

This message is mailed to you regarding your online banking user password has been expired.

Create a new user password by following these steps:

1. Log into your online banking by our secure link for Expired Password and entering the temporary below. Your temporary password is: vn#E$mv3jVFkv

2. You will then be prompted to change your password.

This temporary password will expire in 24 hours.

March 15: Murphy-Wall has been notified that an email may have been received by our customers that indicates a security breach may have occurred at a local college. We do not have any way to verify the validity of the email. However, our customers should feel free to call us with any concerns. In addition, telephone banking and online banking are available to review account information on a daily basis 24X7 - even when our staff is not personally available to assist you.

February 2012

Customers report receiving text messages to activate debit cards. Please be advised that these messages are not from Murphy-Wall State Bank and Trust Company.

January 10, 2012

FBI Warns of New Spear Phishing Campaign Using NACHA's Name

The FBI is warning the public of coordinated malware and denial of service (DDoS) attacks designed to drain bank accounts, while also launching a DDoS attack. The responsible crime ring steals banking credentials using Zeus variant "Gameover" malware, while also launching a distributed DDoS attack on the victim's financial institution as a diversion.

"The campaign involves a variant of the "Zeus" malware called 'Gameover,'" explains the agency. "The spam campaign is pretending to be legitimate e-mails from the National Automated Clearing House Association (NACHA), advising the user there was a problem with the ACH transaction at their bank and it was not processed. Once they click on the link, they are infected with the Zeus or Gameover malware, which is able to key log as well as steal their online banking credentials, defeating several forms of two factor authentication."

The FBI in Denver is asking all consumers to be cautious of opening emails from unfamiliar senders.


November 10, 2011

Fraudulent Emails

Some customers have reported receiving emails with a Subject line of: ACH payroll payment was not accepted by Murphy Wall State Bank. The emails request that you review transaction details by clicking on a link. The emails are NOT from Murphy-Wall State Bank and Trust Company. You should never click on any links on emails from any unknown sources!

September 30, 2011

Fraudulent Pop Ups

Some customers have reported receiving a message when exiting or while using our website that suggests your personal information at Murphy-Wall State Bank and Trust Company may be at risk. These Pop Ups are NOT authorized by Murphy-Wall.

Here is an example:

Attention Visitor,

Data Security Breach Information

We want to make you aware of a situation that has occurred that could be related to your personal information. Recently, there was a massive system breach at Epsilon, a third party vendor that supplies marketing services to a number of companies, including Chase, Verizon, Visa, Target, Best Buy, American Express, US Bank and many others. Files containing personal customer information were compromised.

Customer names, email addresses and some account details were exposed. Because of the increased risk of identity theft, we are urging you to check your credit report for any activity that you did not authorize.

To help protect you against this data breach, we have made your credit score available at no charge until 11:59 pm, September 30, 2011. Please be aware that although your credit score is free, a credit card will be required to validate your identity.

If you see such a message, do not click any links and do not give anyone your personal credit card or account information. What you should do:

• run an anti-virus program

• run a spyware program

• clear your cache (on your toolbar, go to Tools then Delete Browsing History)

Remember that Murphy-Wall will never ask you for information that we already have on file! If you have any concerns or suspicions about a message from Murphy-Wall State Bank and Trust Company, please call us at 618-357-5373.

In addition, we have also been made aware that if you do call a credit service, you may be subject to a marketing pitch for "free" credit management tools. In some cases, if you fail to cancel the service within 30 days, your credit card or account will automatically be charged for the service.

April 26, 2011

Fraud Alert Involving Unauthorized Wire Transfers to China

The FBI has observed a trend in which cyber criminals, using banking credentials of US Businesses, sent unauthorized wire transfers to Chinese economic and trade companies located near the Russian border.

For more information, please go to

March 2, 2011

Fraudulent Emails claiming to be from Federal Reserve

EPCOR has received reports that individuals and/or companies are receiving fraudulent emails that have the appearance of being sent from the Federal Reserve. Specifically, the email claims to be from the Federal Reserve Wire Network and appears to be sent from " <> " See a sample below.

= = = = = Sample Email = = = = = =

From: <> [ <> ]

Sent: Wednesday, March 02, 2011 10:09 AM

To: Doe, John

Subject: Your Wire fund transfer The Wire transaction , recently sent from your checking account (by you or any other person), was cancelled by the Federal Reserve Wire Network.

Please click here <> to view details ------------------------------------------------------------------

Adam Diaz ,

Fraud Department

This is a fraudulent email. It was not sent by the Federal Reserve. Do NOT click on any of the links. Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.


The staff at Murphy-Wall State Bank and Trust Company encourages you to visit this page often as an additional resource regarding the protection of your individual identity and account information. As we receive information from service providers and banking organizations that we feel will benefit our customers, we will post their messages here in an effort to keep you updated regarding Fraud Alerts and other Security Issues. In addition, we will also post information regarding any training or educational efforts that we may know of or sponsor from time to time. This page is for your benefit. If you have an suggestions for this page, please let us know!