We’re everywhere your mobile device is ™

Security Alerts

Chain Bridge Bank is dedicated to protecting your confidential information.  As part of that effort, we maintain this page with current security alerts.  Here, we pass on to you any alerts that we receive about ongoing scams, so you can be proactive in defending yourself from criminals.  Professional data thieves target both institutions and individuals, so it is always important to remain vigilant and to treat requests for your information very carefully.  Please check back from time to time for new alerts and warnings.

 

Chain Bridge Bank does not solicit information (Social Security Number, account numbers, credit card numbers, passwords, etc) by means of email. If you receive an email requesting confidential information from someone claiming to represent Chain Bridge Bank, do not respond to the email. Please call any one of our representatives to report any solicitation of this kind that you receive.

 

Many of the alerts you will find on this page come from the FBI's 'New E-Scams & Warnings' page.  It is an excellent resource for keeping up with the most recent online threats.

 


Fictitious Correspondence from the OCC (March 11th, 2015)

Please be alert for fraudulent correspondence regarding funds under the control of the Office of the Comptroller of the Currency (OCC), or possibly other government entities, indicating they are holding funds in your name and requesting personal information. This material is being used to elicit funds and gather personal information to be used in future identity theft from individuals. This correspondence may be distributed via e-mail, fax, or postal mail. The e-mail address used in the electronic correspondence may be occ.treasury@usa.com. Prior to responding in any manner to any proposal from the OCC that requests personal or account information, please verify the legitimacy of the proposal by contacting the OCC directly. If the request appears fraudulent please contact state or local law enforcement. To view the full notice from the OCC please click here.

 

If you have any questions or concerns, please do not hesitate to contact Chain Bridge Bank Support at support@chainbridgebank.com or by calling (703) 748-2005.


Holiday Phishing Scams and Malware Campaigns (November 26th, 2014)

The holiday season provides increased opportunities for malicious actors to conduct seasonal phishing and malware campaigns as a means to gain unauthorized access to computer systems.  Over the course of the holiday season, please continue to practice safe browsing and to evaluate e-mails, SMS messages, and other communications with a critical eye.

Please be aware that cyber actors may leverage the sales, good will, and other aspects of the holiday season to entice individuals into opening attachments, clicking links, or installing software that contains malicious code or collects personal information. Customers should practice safe internet browsing both on personal and corporate computer systems.

Potential attack vectors include:
• Seasonal E-Cards/E-mails
• E-mails/In-mails on social networking sites
• Fraudulent posts on social networking sites
• Fake advertisements
• Fake shipping notifications, with attachments or links to view the notice
• Charity scams
 
Protective measures against phishing scams and malware campaigns include:
• Maintain up-to-date antivirus software'
• Maintain up-to-date, patched software (operating systems, internet browsers, Adobe Flash, Silverlight, etc...)
• Do not follow unsolicited web links in email, text, or chat messages
• Use ad-blocking software to avoid 'malvertising' and potential downloading of malicious content
• Enable "click to play" in your internet browser to avoid automatically playing embedded content on a web page (i.e. news sites, Facebook, etc...)
• Do not open unexpected attachments
• Save and virus scan attachments before opening them
• Do not provide personal or corporate information over the phone, through a website, or via email to unknown persons or to an unsecure web site.
• Verify the identity of the person with whom you are communicating

If you have any questions or concerns, please do not hesitate to contact Chain Bridge Bank Support at support@chainbridgebank.com or by calling (703) 748-2005.

A link to the US-CERT informational alert and additional resources and information may be found here:

US-CERT Holiday Phishing/ Malware Notice Notice

US-CERT Phishing Awareness

US-CERT Shopping Safely Online

US-CERT Traveling with Personal Internet Enabled Devices (i.e. Mobile Phones, Tablets, etc...):

FTC Charity Scams Information


Gmail Addresses and Passwords Reported to be Compromised (September 10th, 2014)

Five million Gmail addresses and their accompanying plain text passwords were posted Tuesday on an online forum. The data is believed to be dated and likely pulled from multiple sources that have been compromised. This means that the data may not correspond with Gmail, but rather with other sites where users have used their Gmail address as their username. Regardless of whether the data was compromised from Google or from various sources it is advised that users change their passwords on websites where their Gmail account is used as their username. Please click here for an article from PC World detailing the issue. 


Home Depot Confirms Security Breach of Payment Card Data (September 8th, 2014)

On September 8, Home Depot confirmed an extensive security breach of its payment data systems, which could impact debit and credit cards used since April, 2014 in their U.S. stores. Although the breach is believed to have started in April, the investigation continues into how long the problem occurred and how much data was stolen. For more information, click here to go to the Home Depot website.

Chain Bridge Bank will contact any affected customers and will replace payment cards for those affected. If you have any questions please contact us at customerservice@chainbridgebank.com or call us at (703) 748-2005. Best practice, even if your debit card has not been compromised, is to check your account activity daily and report any unusual activity immediately.


P.F. Chang's Investigates Possible Data Breach (June 12th, 2014)

P.F. Chang's China Bistro is reportedly investigating a possible data breach in which credit and debit card data may have been compromised across locations nationwide. The first report of this incident came from security blogger Brian Krebs who noted that thousands of fresh credit cards appeared on a carding site used to sell payment data (including those from the Target department store breach.) Card data theft of this manner is usually performed by planting malicious software into cash registers at retail locations. 

Chain Bridge Bank will contact any affected customers and will replace payment cards for those affected. If you have any questions please contact us at customerservice@chainbridgebank.com  or call us at (703) 748-2005.

 


Microsoft Patches Security Vulnerability in Internet Explorer (May 1st, 2014)

Microsoft has recently announced the discovery of a security vulnerability affecting Internet Explorer versions 6 through 11. It was advised that all users avoid using Internet Explorer until a solution was developed. At 10 a.m. this morning Microsoft issued a patch that fixes the vulnerability across all versions of Internet Explorer, including browsers that are still running on the now unsupported Windows XP. If you do not have automatic updates enabled on your system, please make sure you perform the most recent Windows Update in order for this vulnerability to be patched. If you are unsure of how to access Windows Update please click here.

If you have any questions please contact us at customerservice@chainbridgebank.com  or call us at (703) 748-2005.

 


Michael's Confirms Data Breach (April 23, 2014)

Michael's, the arts and crafts retailer, has confirmed that they encountered a data breach which has compromised 3 million payment cards. Please click here for a letter from their CEO. Also, click here for a list of compromised Michael's locations and dates, and here for a list of other Aaron Brothers stores that were affected. Michael's is also offering a year's worth of free credit monitoring for affected customers.

Chain Bridge Bank will contact any affected customers and will replace payment cards for those affected. If you have any questions please contact us at customerservice@chainbridgebank.com  or call us at (703) 748-2005.

 


Information on the Heartbleed Bug (April 15, 2014)

By now you've probably heard about "Heartbleed" in the news.  We want you to know that Chain Bridge Bank's online banking platform is not affected by the Heartbleed bug.  Heartbleed is a vulnerability in the popular OpenSSL encryption software.  Chain Bridge Bank's online banking platform does not use OpenSSL and is not vulnerable to Heartbleed.

Chain Bridge Bank is committed to providing a secure technological environment for our clients.  To that end, we recommend that you update your password on a regular basis and never share passwords across multiple websites.

We continuously monitor our sites for security and take appropriate measures to protect your sensitive information.  Frequently Asked Questions about the Heartbleed bug are provided below.

Frequently Asked Questions about the Heartbleed Bug:

What is the Heartbleed Bug?
Heartbleed is a flaw in the programming on secure websites that could put your personal information at risk, including passwords, credit card information and e-mails.  The Heartbleed Bug is a defect in OpenSSL encryption technology used by many Web servers to secure users' personal or financial information.  Chain Bridge Bank's online banking platform does not use OpenSSL and is not vulnerable to Heartbleed.

Am I affected?
Although online banking with Chain Bridge Bank is safe, if you are an active user of the internet, you might have been exposed to this vulnerability.  Many popular websites - including Facebook, retail and even government sites - use the OpenSSL software.  It is unknown whether any criminals have actually exploited the bug, and several major sites, like Amazon, have already installed patches.  Many sites with an address beginning with "https" are vulnerable until the website operator fixes the bug and users change their passwords.

Is my bank account safe?
Yes, your online banking access with Chain Bridge Bank is safe.  As always, let us know immediately if you suspect any unusual activity.
We use different systems to protect your personal information including rigorous security standards, encryption, and fraud detection software.

What can I do?
We recommend that you change your online passwords and continue to follow online security best practices which include the following:

• Update your passwords on a regular basis and make sure you use different passwords on each and every website including email, retail, banking, and other sites.  That way, if your password is stolen on one site, it will not impact other sites you may use.

• Monitor your account regularly and report suspicious transactions to the bank immediately.

• Beware of phishing scams - or e-mails with malicious links - that will attempt to get personal information from you.

• Do not open attachments or click on links that are not trusted.

• If you receive an email requesting personal information, do not provide this information without independently verifying the sender and recipient of the message.  Chain Bridge Bank will never send you an email requesting personal information.

If you have any questions about online banking with Chain Bridge Bank, please contact us at customerservice@chainbridgebank.com  or call us at 703-748-2005.


Neiman Marcus and Michael's Report Payment Card Breach (January 29, 2014)

Two additional retailers, Neiman Marcus and Michaels, have reported payment card data compromises.  You can go to the websites of Neiman Marcus and Michael's to view information that specifically addresses concerns for customers who may have been affected by the data breaches.

What should I do?

Regularly check your account for unusual debit card or ACH activity.  If you notice anything out of the ordinary report it immediately by calling the Bank at 703-748-2005.  Chain Bridge Bank online banking also offers email and text alert notifications to help you keep track of activity on your account.  Sign into your online banking to set up your alert preferences.

Do not respond to any emails or phone calls that ask you to provide personal information.  Do not open links that may be included in these emails as that could potentially allow additional access to your personal information.  Be mindful of how you share your personal information.

How is the Bank helping to protect my information?

Upon notification by MasterCard of any customers affected, Chain Bridge Bank personnel will contact the customer directly to arrange for a replacement card.  If our account or card fraud monitoring systems pick up any suspicious activity a Bank employee will contact you to review the transactions in question and close the compromised account.

As a reminder, whether you are affected or not, stay vigilant and regularly check your account for unusual activity and report it at once by calling the Bank at 703-748-2005.


Target Department Store Breach (December 18, 2013)

On December 18, 2013 Target Department Store announced that its payment card data had been compromised. Target has added information on their website to specifically address concerns from their customers who may have been affected by the data breach that occurred in their U.S. stores between November 27th and December 15th. Target offers more answers to customer questions and concerns on their website. You can view their website by clicking here

 

Upon notification by MasterCard of any customers affected, Chain Bridge Bank personnel will contact the customer directly to arrange for a replacement card. Do not respond to any emails that appear to be from Target notifying you that your card has been compromised. Do not provide personal information to anyone you are not sure of. Do not open any links that may be included in these e-mails as that could potentially allow additional access to your personal information.

Target Red Cards have also been affected. For questions on a Red Card, please call Target:

• In U.S. call: 1-888-755-5856

• From outside the U.S. call Collect: 1-612-307-8622

 

As a reminder, whether you are affected or not, regularly check your account for unusual debit card or ACH activity and report it at once by calling the Bank at 703-748-2005.


Popular Windows downloader has secret DDoS capability (August 23, 2013)

 

Unbeknownst to its users and perhaps even to its developers, the popular Windows download manager Orbit Downloader has been outfitted with a DDoS component. (more)

 


Ransomware Purporting to be from the FBI is Targeting OS X Mac Users (July 18, 2013)

 

In May 2012, the Internet Crime Complaint Center posted an alert about the Citadel malware platform used to deliver ransomware known as Reveton. The ransomware directs victims to a drive-by download website, at which time it is installed on their computers. Ransomware is used to intimidate victims into paying a fine to “unlock” their computers. Paying the fine does nothing to solve the problem with the computer; do not follow the ransomware instructions. The ransomware has been called “FBI Ransomware” because it uses the FBI’s name.

 

The newest version of ransomware targets OS X Mac users. This new version is not malware; it appears as a webpage that uses JavaScript to load numerous iframes (browser windows) and requires victims to close each iframe. The cyber criminals anticipate victims will pay the requested ransom before realizing all iframes need to be closed. (more)

 


 

Facebook virus "Zeus" resurfaces (June 06, 2013)

 

The Facebook virus "Zeus" has resurfaced recently and it affects online banking in particular. The virus is placed on your computer mostly through clicking links that appear to be sent by a Facebook friend. The virus lays dormant on your PC until an online banking site is opened. It then replaces the the online banking interface with a phishing website which copies your log in credentials and uses it to empty your bank account. Please be aware of suspicious links sent to you on Facebook and always use caution when clicking links sent through social networking websites. (more)

 


 

Cyber Criminals Using Photo-Sharing Programs to Compromise Computers (May 30, 2013)

 

The FBI has seen an increase in cyber criminals who use online photo-sharing programs to perpetrate scams and harm victims’ computers. These criminals advertise vehicles online but will not provide pictures in the advertisement. They will send photos on request. Sometimes the photo is a single file sent as an e-mail attachment, and sometimes the victim receives a link to an online photo gallery.

 

The photos can and often contain malicious software that infects the victim’s computer, directing the user to fake websites that look nearly identical to the real sites where the original advertisement was seen. The cyber criminals run all aspects of these fake websites, including “tech support” or “live chat support” and any “recommended” escrow services. After the victim agrees to purchase the item and makes the payment, the criminals stop responding to correspondence. The victims never receive any merchandise. (more)

 

 


 

E-Mail Claiming to Be From the FDIC (January 30, 2013)

 

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC.

 

While the e-mails exhibit variations in the "From" and "Subject" lines, the messages are similar.

 

The fraudulent e-mails are addressed to the attention of the “Accounting Department” and meant to notify recipients that that that “ACH and WIRE transactions” are being blocked until “a special security software” is installed.

 

They then instruct recipients to go to a Web site for instructions on how to download the necessary files by clicking on a hyper-link provided (Note: the Web site addresses (URL) vary widely).

 

This e-mail and link are fraudulent. Recipients should consider the intent of this e-mail as an attempt to collect personal or confidential information, or to load malicious software onto end users' computers. Recipients should not click on the link provided.

 

The FDIC does not issue unsolicited e-mails to consumers or business account holders.

 

 

 

Switch to our bank

switch-kit logo

Transfer from your old bank to Chain Bridge Bank.

Learn More »
FDIC insurance

Click here for important disclosures and more information regarding FDIC insurance.

Learn More »

International Services

Need world currency?  Want to send funds overseas?

Learn More »