The FBI continues to investigate an international fraud scheme that has affected hundreds of small business accounts...
ACH, Banking Account Fraud Scheme
ProPay, Inc. has recently become aware of what appears to be a very large and widespread international fraud scheme involving unauthorized electronic checks (ACH). The scheme has affected millions of people including, unfortunately, a small number of individuals who may be or have been ProPay account holders. To be clear, after internal and external analysis and investigation, ProPay is extremely confident that the stolen bank information came from other sources and not from ProPay.
ProPay has an ongoing effort to monitor our systems and we remain confident in our system security. ProPay's systems fully encrypt client sensitive information in storage as well as in transit. In addition, sensitive client information is masked when it is viewed internally or externally. ProPay is committed to protecting sensitive information and we will continue to adhere to industry best practice security standards. ProPay meets or exceeds the security requirements and data protection as defined by the major card brands (PCI DSS)—Visa, MasterCard, etc.
The fraud scheme mentioned above involves an electronic draft against a checking account ranging in amount from $24.95 – $39.99. The charge appears on the affected individual's checking account statement under one of a variety of names which may include MBilling, MB Moon Park, MB Hot Planet, and PHE Subscription. The business supporting these names represents itself to victims as a third-party billing service, generally billing on behalf of a purported adult website.
With regard to this particular ACH scheme we know the following:
1. This is an international scheme and millions of people (the vast majority of whom have no affiliation to ProPay) have been affected.
2. We know that numerous payment providers, processors, banks, mortgage companies and others have felt the effects of this scheme and have been named in various reports, blogs, etc.
We encourage the following actions to protect your sensitive information from fraudulent activity.
1. Frequently check your bank accounts and credit card statements (even if you don't balance your account) and immediately report suspicious activity.
2. Keep your computer secure by using up-to-date firewall and virus protection software and by restricting access appropriately.
3. Sign up for automatic updates for any Windows Operating System (OS). If you have an OS earlier than XP, we strongly recommend that you upgrade to at least XP and install all Service Packs.
4. Reject any email that asks you to follow a link to a website and input sensitive or personal information.
5. Only do business with secure websites – look for the lock icon in the bottom-right of your internet browser or look for the prefix "https://..." where the "s" indicates a secure site.
6. Strengthen your password – include numbers, symbols and upper and lower case letters. Using a unique password for each service also helps protect your accounts.
7. For more information please see www.onguardonline.gov.
ProPay has been in contact with law enforcement and will continue to monitor the developments surrounding this particular fraud scheme and will gladly assist, to the extent possible, any ProPay account holders that may have been affected. If you have questions please contact ProPay at (866) 964-0853.