MADISON, Wis. (3/28/08)--The Credit Union National Association (CUNA) was taking measures Thursday to shut down another bogus web site that spoofed CUNA's website, www.cuna.org, in an attempt to phish for consumers' personal financial data. Such attempts occur periodically and in waves. The latest attempt, with a subject line "Claim your 200 USD reward" was received by a daughter of a friend of a CUNA editor in an e-mail addressed to "Dear CUNA Member." It says the member has been successfully selected in a random contest to win $200 "as one of our Credit Union's member." The catch: To claim the prize, the recipient must complete an online form by clicking a link which boots the recipient to a bogus look-alike site. The form, entitled "CUNA Survey," asks for the recipient's full name, credit union name, ATM/debit card number, expiration date, the card's CVV security code and the card's personal identification number or PIN. A number of errors can help tip off recipients that this and similar messages are phishing attempts:
* CUNA is a trade association, not a financial institution. There is no "CUNA Credit Union" and CUNA is not called "CUNA Organization." Its members do not have card accounts with CUNA. CUNA members are institutions, not individuals. * The subject line refers to "200 USD" or U.S. dollars reward, which suggests the writer is from a foreign country, not from CUNA's offices in Washington D.C. or Madison, Wis. * The message has grammatical errors. * Most important, CUNA would never make an unsolicited attempt to collect personal financial information via e-mail or the telephone.
The best thing to do is ignore the link and delete the message.