• About SpiritBank  |  
• Contact Us  |  
• Help & Support

• Find a Branch/ATM
• Search this site

Phishing Email Scam

There is evidence of a Phishing campaign underway targeting businesses with Merchant Accounts with the payment processor First Data.  First Data is an Atlanta based provider of online and on-site payment solutions which caters to merchants, financial institutions and government agencies.

There are rogue emails purporting to be from First Data Services.  The email asks the vendor to update their login. The email also asks for the merchant’s store number, user ID, password, tax ID, and phone number.

The email’s subject line reads, “MERCHANT ACCOUNT UPDATE” and it claims to be sent from “FIRSTDATA SERVICES.” The body of the message states:

Dear First Data customer,

Please update your login.  Download the attachment in the e-mail and proceed.

The attachment is entitled: “Update Your Account Information.html.” When the attachment is opened inside the browser, it displays a spoofed First Data Global Gateway login page which is used by the criminal to attempt to gather critical pieces of information regarding the merchant account such as the information mentioned above – merchant ID, password, etc.

Once the scammer has this information, they can create bogus transactions and they have gained control over that specific merchant account.  Also, this account control possibly gives the criminal access to customer’s accounts and information – thus escalating the compromise.

If you do receive this email, DO NOT download the attachment or give any of the information asked for in this email.  Call FIRST DATA from a phone number you have in your possession already – from a statement, or agreement documentation.  Do not use any phone numbers or email addresses from the email to validate the authenticity of the email. 

If you think you have been a victim of the scam, call your financial institution and file a complaint with the FBI’s Internet Crime Complaint Center: http://www.spiritbank.com/leavepage.html?url=http://www.ic3.gov/complaint/default.aspx .

We at SpiritBank want to keep you informed about anything affecting the security of your private information or your finances.