Below are descriptions of recent scams we are aware of. Remember that if something is too good to be true, it usually is! Always feel free to contact us if you feel the least bit suspicious when someone calls you identifying themselves as a bank representative. You are the first line of defense in protecting your identity.

For more tips, click here.

Important Security Information for Business Wire Transfer Clients

There has been a recent increase in wire transfer and ACH fraud across the country. We are committed to the safety of you and your accounts, so we want to make you aware of some of the specific tactics that are being used to illegally authorize fraudulent transfers.

One scam is called Business E-Mail Compromise (BEC). Criminals use malware to gain access to the e-mail account of an individual who is authorized to make wire transfer requests; this person typically holds a high-level position or is a customer or vendor. The criminal uses the compromised email account to send a message to an employee at the business and instruct that funds be wired to a designated account. Since the instructions appear to come from a legitimate source, the employee will act on the request and send wire instructions to the bank, thus resulting in a monetary loss.

There are simple steps that you can take to protect your business, clients and employees from this unfortunate scenario.

  • Protect your email accounts. Do not click on links or open attachments, unless you are confident in the source.
  • Call to verify any changes to payment requests from a vendor or customer, or any instruction that is not common.
  • Do not call a number that is provided in the e-mail communication; use the contact information you have on file for the person making the request.
  • Use a method outside of email to verify any wire transfer requests.
  • Verify the instructions have come from a legitimate source before sending the request to the bank.

If you suspect wire fraud, immediately contact the Commercial Business Center at Sandy Spring Bank at 866-867-1570. You should also contact the FBI,, the U.S. Secret Service,, or you can file a complaint online at

If you have any questions, please call us at 866-867-1570. Thank you for your trust and business.

Fake website

This is an illegitimate website that pretends to be the official site which offers information on loans and bank accounts. Once you visit the site, you are exposed to malware and then redirected to the correct site, To read the full notice from the Office of the Comptroller of the Currency, click here.

Alleged SECURITY UPDATE from [email protected]

If you receive an email from [email protected], please delete it. This is a phishing email and was not sent by us. The link was directing users to a third-party site. Notice the awkward and improper grammar (in bold); tell-tale signs of a phishing email.

Dear Esteemed Customer,

Please be notified that we have introduced additional security features to our Online Banking Service to protect your account(s) from identity theft and other internet vulnerabilities. You are advised to enabled these Auto Updates & Protection on your account(s) immediately by registering on the below link.

Please click here to continue.

Auto Updates & Protection shall be enabled on your account(s) as soon as we verify your details. Regards,

Customer Protection Assurance Team

FDIC emails, faxes and mail

If you receive an email that appears to be from FDIC, delete it immediately. Do not open the email or click on any links contained in the email. The site listed in the email is not owned or operated by the FDIC and is likely to contain malware. The FDIC also reports that consumers and businesses are receiving fraudulent letters and faxes that appear to be from the FDIC and request sensitive personal information such as bank account numbers. This correspondence is being used in illegal schemes to collect sensitive personal information. You should NOT, under any circumstances, respond to the fraudulent requests.

For more information, go to:

Money Mule Attacks

Be on the alert for “money-mule” attacks — funds-transfer fraud exploiting the valid online banking credentials of small- and medium-sized businesses. In a typical scenario, the targeted entity receives a “spear phishing” e-mail which either contains an infected attachment, or directs the recipient to an infected Web site. Many types of spear-phishing have been used by criminal groups including messages impersonating the Better Business Bureau, US Court System, UPS, and others.

When recipients open the attachment or visit the Web site, malware is installed on their computer that harvests their business or corporate bank account log-in information. The victims in this scheme are called “money mules” because they simply serve as a conduit between the business bank account and the hacker’s bank account.

NACHA emails

(National Automated Clearing House Association)

If you receive an email that appears to be from NACHA, delete it immediately. Do not open the email or click on any links contained in the email. The site listed in the email is not that of NACHA’s and is very likely to contain malware.

Below is a sample email obtained from the website.

From: [mailto:[email protected]]
Sent: Thursday, November 12, 2009 10:25 AM
To: Doe, John
Subject: Rejected ACH transaction, please review the transaction report

Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:
Unauthorized ACH Transaction Report (this is the how the link is presented)

Phone Phishing

There are several types of fraud schemes employed throughout the country. A recent example: Bank clients are being called by con artists, claiming to be “employees of the bank”, to report suspected account fraud. The caller then proceeds to ask the client to provide account information to verify there is truly fraud. Once account and personal information has been disclosed, the con artists move quickly to remove funds from the accounts. Sandy Spring Bank never calls our clients to ask for their account information. If you receive such a call or an email remember:

  • Never give out your personal information, including account or Social Security numbers, in response to a call or e-mail that you did not initiate.
  • Never send account or personal information by unsecure e-mail.
  • If you suspect fraud, contact Sandy Spring Bank immediately at 800-399-5919, option 2.

Coca-Cola Promotion/Prize Reward, Promotional Draw, etc

This email or letter informs the recipient their email address was the winning entry from a drawing. There are several verions of this type of email hoax as well as other promotional myths which can be viewed on the Coca-Cola.


Sandy Spring has been made aware that fraudulent checks drawn on our bank are accompanying a letter announcing that the recipient is a lottery winner. Click here to view a sample letter. There are several versions of this letter circulating but the message is essentially the same. This is a scam and the checks will not be honored.

Please contact your local United States Postal Investigator (listed in your local telephone book) as this is considered mail fraud or destroy the check.

Text Message Scam

Recently a text message scam urged recipients to call a toll free number to activate their account, ATM or Check Card.

Please be aware, Sandy Spring Bank does not send out text messages requesting account numbers or passwords. Should you receive such a message delete it immediately.

If you have any questions please call us on 1-800-399-5919 and press 2 for our Client Service Center.

Ink/Toner Scam

Several variations of this scam exist. Most prevalent though is one involving an email or phone call to businesses offering toner and/or ink at greatly reduced prices. However when the invoice is received the price has been inflated. Additionally, beware of invoices you receive and insure you have received the good or services quoted prior to payment.