FDIC phishing scheme
Written by zhaotingting
February 21, 2008 11:33
Imagine getting an email from the FDIC that not only claimed your bank account was in jeopardy, but warned that you were under investigation by the likes of Tom Ridge, the Department of Homeland Security and various state and local law enforcement agencies. Sound scary? That's just what's been happening to some folks, who've received a strongly worded email claiming their account was used in violation of the Patriot Act and stating that the FDIC has withdrawn federal deposit insurance as a result. The email is a fraud: the FDIC insures deposits but holds no customer accounts and does not contact depositors this way.

Phishing schemes
Phishing schemes are email scams designed to trick recipients into giving up personal account information, usually by persuading them to open an email attachment or follow a website link, whereupon they are prompted for everything from bank card PINs to Social Security numbers and other critical financial details.

URL spoofing
The FDIC email is just one of several email scams designed to trick users into following a specially crafted link which appears to take them to a legitimate site (in this case, the FDIC's), when in fact the site is somewhere else entirely and run by criminals. In the past, simply verifying that the correct address appeared in the address bar sufficed to determine the legitimacy of the site. However, a recently discovered browser flaw can be exploited to mask the site's true identity, causing the web address of the legitimate site to erroneously appear in the address bar even though the page is being served from elsewhere. Until the flaw is patched, neither the link text nor the address bar can be trusted: the only reliable check is to ignore links in email entirely and type the institution's address into the browser yourself, or use a bookmark you created.

This flaw has also been exploited in a similar phishing scheme affecting Citibank customers.
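How a disguised link hides its real destination, as an added example that is not part of the original article. The page does not name the browser flaw, so the code does not claim to reproduce it; instead it parses each link in a constructed sample email with the standard WHATWG URL parser and reports the host a browser would actually connect to, flagging the well-known disguise forms (a trusted name placed before "@" as userinfo, percent-encoded control characters, a bare IP address, and a trusted name embedded in an unrelated host). The link list, the `TRUSTED` host list and every host other than fdic.gov are assumptions made up for illustration.

```javascript
// Added example, not code from the original article. It shows why checking
// the text of a link, or even a familiar-looking address, is not enough:
// the hostname a browser will actually connect to must be parsed out of the
// link target. All links and hosts below are constructed for illustration;
// only fdic.gov is a real organisation, and "evil.example" / "example.net"
// are placeholders.

// Assumption: the only site this email may legitimately point to.
const TRUSTED = ["fdic.gov"];

// True if host is a trusted host or a subdomain of one.
function isSubdomainOf(host, trusted) {
  return host === trusted || host.endsWith("." + trusted);
}

// Hostname a browser would connect to for this link (global WHATWG URL class).
function realHost(href) {
  return new URL(href).hostname;
}

// Reasons a single link looks spoofed ([] means nothing found).
// `displayed` is the link text the reader sees.
function auditLink(href, displayed, trusted = TRUSTED) {
  const reasons = [];
  const u = new URL(href);
  const host = u.hostname;
  const shown = displayed.toLowerCase();

  // "http://www.fdic.gov@evil.example/": everything before "@" is userinfo,
  // not the host, but to a reader it looks like the destination.
  if (u.username !== "" || u.password !== "") {
    reasons.push(`userinfo before "@" hides the real host ${host}`);
  }
  // Percent-encoded control characters (%00-%1f) in the raw link, a known
  // way of cutting short what some address bars displayed.
  if (/%[01][0-9a-f]/i.test(href)) {
    reasons.push("control characters in URL");
  }
  // A bare IPv4 address instead of a name.
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) {
    reasons.push(`bare IP address ${host} as host`);
  }
  for (const t of trusted) {
    if (isSubdomainOf(host, t)) continue;
    // The link text names a trusted site but the target is elsewhere.
    if (shown.includes(t)) {
      reasons.push(`text says ${t} but link goes to ${host}`);
    }
    // The trusted name appears inside an unrelated host
    // ("fdic.gov.example.net", "fdic-secure.example.net").
    const label = t.split(".")[0];
    if (host.includes(label)) {
      reasons.push(`host ${host} imitates ${t}`);
    }
  }
  return reasons;
}

// Audit every link in an email; returns [{href, host, reasons}].
function auditEmail(links, trusted = TRUSTED) {
  return links.map(({ href, text }) => ({
    href,
    host: realHost(href),
    reasons: auditLink(href, text, trusted),
  }));
}

// Constructed sample: links as they might appear in an FDIC-style email.
const SAMPLE_LINKS = [
  { href: "https://www.fdic.gov/", text: "www.fdic.gov" },
  { href: "http://www.fdic.gov@evil.example/verify", text: "www.fdic.gov" },
  { href: "http://www.fdic.gov%01@evil.example/verify", text: "Verify your account" },
  { href: "http://192.0.2.10/fdic/login", text: "FDIC Secure Login" },
  { href: "http://fdic.gov.example.net/", text: "fdic.gov" },
];

if (typeof require !== "undefined" && require.main === module) {
  for (const r of auditEmail(SAMPLE_LINKS)) {
    console.log(r.host.padEnd(22), r.reasons.length ? r.reasons.join("; ") : "ok");
  }
}
```

Only the first sample link is clean; the others all resolve to a host other than fdic.gov even though their text, or the part of the address a reader is likely to notice, says otherwise. A mail client or gateway can apply the same audit before a user ever sees the link, and the same parsing step is what a user must do by hand when the address bar cannot be trusted.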