Recently, our debit cards have been subjected to brute force attacks. This issue is affecting multiple institutions. Security Savings Bank’s Fraud Detection Center is closely monitoring these attempts to prevent any fraudulent activity from occurring.
As a cautionary measure, we are restricting the affected debit cards, as well as the group of retailers from accepting our debit card until this situation is resolved. If your debit card has been restricted, please call us at 309-734-9333.
It is important to note that your account and personal information have not been compromised.
If you have any questions on brute force attacks, please read the FAQs below or call us at 309-734-9333 to speak with a savings counselor.
A brute-force attack is a trial-and-error method used by fraudsters to obtain payment card information such as an account number, card expiration date, PIN, or 3-digit security code on the back of the card (CVV).
The fraudsters have found a partial number associated with Security Savings Bank’s debit card batch and they are using this partial number along with random numerical strings to guess at full card numbers, expiration dates, and 3-digit security codes on the back of the debit card (CVV). Once the fraudster has gained access to the information, they can use a merchant’s terminal or online system to perform computer-generated test transactions until the fraudster receives a valid authorization. These authorization requests can accumulate into the thousands in seconds.
Using this authorization information, the fraudster can then combine the valid card verification value, expiration date, and card numbers obtained via the brute force attack to perform fraudulent transactions. The fraudsters do not have the cardholder’s name, phone number, address, or PIN. They are simply trying to guess at card numbers and expiration dates to find a match.
Our fraud detection center sees the suspicious attempts, blocks the fraudulent transaction, and follows up with a call to the cardholder to be sure it is not a legitimate transaction. This means that our fraud detection center has done its job to prevent fraudulent activity from occurring. It is not likely the fraudsters will try again on that card once the transaction has been blocked. They will move on to guess other card numbers looking for a successful match. Your information has not been compromised but if your card has been restricted, please call us at 309-734-9333.
No, not unless fraud was posted to your account. If all the attempts of fraud were blocked, no action is needed.
No. The card numbers in the attacks were not obtained from a compromise. The fraudsters are simply guessing card numbers and the card expiration dates. If your card has been restricted, please call us at 309-734-9333.
When the fraudsters get a successful hit on a debit card, they try to use that card information to make large internet purchases before the bank and the account owner notice the activity. Thankfully, the Security Savings Bank Fraud Detection Center has been able to block many of the “successful hits” from performing any big dollar fraud resulting from these brute force attacks.
Our world is becoming more digital. It is important to be diligent to prevent fraud when using online services like our online or mobile banking, mobile app, and Zelle®. Keep these tips in mind to protect yourself from scammers.
Through your use of the Services, we may collect personal information from you in the following ways:
• If you provide feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
• We also collect other types of personal information that you provide voluntarily, such as any information requested by us if you contact us via email regarding support for the Services.