Memorandum

 

To:             All Employees

 

From:         Debra E. Sonderman, Director

                  Office of Acquisition and Property Management

                  Senior Procurement Executive

 

Subject:      E-mail Scam Alert and Update on Bank of America Charge Card Missing Data

 

 

DOI Supplement to Bank of America Frequently Asked Questions

 

E-mail Scams:  E-mail scams or “phishing” are an attempt by criminals to get an unsuspecting victim to divulge personal, confidential information under the guise of a legitimate request.  The most common form of phishing is by e-mail.  Pretending to be from legitimate companies, financial institutions, or government agencies, the senders ask recipients to “confirm” their personal information.  “They often use scare tactics—there is a problem with your last payment, or your account is about to be closed—to prompt people to respond immediately with the requested information,” said Susan Grant, Director of National Consumers League’s National Fraud Information Center/Internet Fraud Watch Program.  Typically, the e-mails contain links to phony websites that look just like the real ones.  “When you enter your personal information on the bogus website, you place it into the hands of identity thieves,” Grant said.

 

Bank of America will never contact you via e-mail, telephone, or mail asking you to update or confirm your account information.

 

1.         Where does the investigation stand?

The Secret Service is actively participating in the investigation with Bank of America and other law enforcement officials.  Law enforcement authorities have indicated that they believe the tapes are lost and that there is little possibility that the data will be misused.

 

2.         Why were we not notified immediately?

This is an active investigation which may be compromised by release of too much information.

 

3.         I don’t have travel authority.  I only have purchase authority.  Am I affected?

It is probable that all DOI cardholders' information is included in the missing data.  All DOI accounts are being monitored.

 

4.         I’ve heard that the missing tapes were not encrypted.  Is this true?

Standard banking security procedures were followed.  Specific security measures may not be divulged for obvious reasons; however, we may tell you that the data may not be accessed by standard equipment or ordinary means.

 

5.         Can I have my social security number and personal information removed?

No, financial institutions are required by the Patriot Act to collect and maintain this information before issuing a credit card.

 

6.         How can I obtain a credit bureau report?

For current cardholders, as allowed for by law, Bank of America has contracted with TransUnion, a national credit bureau, to notify you if certain activity on your credit report (including personal accounts) may indicate the possibility of fraudulent activity.  You may reach TransUnion at 1-800-526-9104; give the special customer access code: 9870.

 

7.         Should I expect to see my government charge card account on my credit report? 

No, your government charge card account will not appear on your personal credit report.  The exception being, in accordance with the GSA SmartPay contract, any cardholder whose past due account has been cancelled and is not in a Bank of America approved payment plan may be reported to the credit bureaus for having a past due account.

 

8.         Who do I call to review my account?

For general questions on your government account, call Bank of America Government Customers Service Unit at 1-800-472-1424.

 

9.         Who do I call to confirm my information is contained in the missing data, and specifically what data elements are included for my account?

Call the Special Bank of America Project Office toll-free number at 1-800-493-8444.

 

10.       Will cards be reissued?

There are no plans to reissue government charge cards.  These accounts are being monitored.  If you close your government charge card account, without opening a new account, the national credit bureau with which the bank has contracted will not notify you if certain activity on your credit report may indicate the possibility of fraudulent activity.

 

11.       Must I use the government charge card for travel? For micropurchases?

Use of the government charge card is mandatory for official government travel and micropurchases where the card is accepted.  The government charge card continues to be a valuable tool in managing official government travel and acquiring goods and services for the government.  Use of the card allows access to government rates for airline tickets, and facilitates tax exemption allowing more funds to be used directly for Interior’s mission.

 

12.       Where can I go for the latest information?

A special message board has been established at

https://www.gov-eagls.bankofamerica.com


            ·          Go to “CLICK HERE” at the end of the Message Board for copies of letters, frequently asked questions such as “What is Bank of America doing to prevent fraudulent usage and identify theft of these accounts?  What happens if a customer believes that he/she has experienced identity theft as a result of this incident?


            ·          Go to “Privacy and Security” for information on Reporting Fraud and Identify Theft.

 

You may also link to this site from the Office of Acquisition and Property Management (PAM) homepage at http://www.doi.gov/pam/ under “New Releases” or “Integrated Charge Card.”