MADISON, Wis. (3/4/11)--Credit unions in several states are reporting recent text, e-mail, and telephone scams urging consumers to divulge their account numbers. Also, two credit unions reported counterfeit checks, CUNA Mutual recently alerted credit unions about unauthorized wire transfers through the Bredolab Trojan malware, and one credit union reissued debit and credit cards after a theft at a gas station. Among the reports:
* In Pennsylvania, someone posing as Beaver Valley FCU, Beaver Falls, is texting people and asking for personal debit and credit card information (Associated Press Newswires March 3). Police began receiving calls about the scam Tuesday and called the numbers given in the text message. One goes to North Carolina and another to Massachusetts. Two people fell for the scam and gave account information but no fraudulent transactions have occurred yet. On Thursday New Brighton police reported six such calls. Scammers are contacting people with cell phone numbers in the 724 area code (TimesOnline.com March 3). * ARC FCU in Altoona, Pa., told the Pennsylvania Credit Union Association recently that members received automated phone messages advising them of a problem with their debit/credit cards and instructing them to call in and enter their card number. Caller ID screens show the calls came from 1402, a number that is not associated with the credit union (Life is a Highway Jan. 31). * In North Carolina, a text message purporting to be from Tarboro-based Telco CU informs recipients their account has been suspended and asks them to call a telephone number to verify account information. Several people who do not have Telco accounts contacted the Asheville Police Department after receiving the text (Asheville Citizen-Times March 3). * Similar e-mail scams claiming something is wrong with an account are targeting Mobiloil CU members and nonmembers in Beaumont, Texas, said the Beaumont Police Department (Beaumont Enterprise Feb. 9). * West Community CU, O Fallon, Mo., cancelled and reissued about 250 cards whose numbers were compromised when a credit card machine was stolen from a Mobil station in St. Louis. (KSDK.com Feb. 21). * Security Service FCU, San Antonio, said that in January hundreds of people received automated calls from a 1-888 number about deactivated accounts and asking for account numbers (WOAI.com Jan. 31). The messages claim recipients' cards have been blocked and they must enter their account number and personal identification number to reactivate them. An example: "(888-891-2538) Hello. Call us now at 817-350-4570. Security Service FCU." Neither number belongs to the credit union.
Two credit unions--in Kansas and Pennsylvania--reported counterfeit checks circulating with their names. Lenexa, Kan.-based CommunityAmerica CU's name is used on counterfeit cashier's checks, said an alert from the Federal Deposit Insurance Corp. CommunityAmerica does not issue cashier's checks; it issues official checks. The bogus checks include a routing number, 011007092, assigned to Boston (Mass.) Safe Deposit & Trust Co. The credit union's official checks are through Moneygram Payment Systems Inc. and use an account held in the Boston Safe Deposit & Trust Co. The fake items display a security feature statement embedded within darkened top and bottom borders, and the word "CASHIER'S CHECK" in the top center. Authentic checks have a blue cubed background,dark blue top border, and a security feature statement centered above the bottom order. Seven arrows precede the numeric dollar amount. Also, Allegheny-Ludlum Brackenridge FCU in Brackenridge, Pa., said fraudulent checks with its name, address and ABA number are in circulation and use an account number from a closed account (Life is a Highway
March 3). The check--from GALA GLOBAL in Andover, Mass.--is for $980 and is enclosed in a letter about GALA's Member Pulse Survey 2011 for a Walmart evaluation exercise. It asks the recipient to deposit or cash the check "preferably at your bank and NOT at any Walmart location (so the employees at Walmart won't be tipped off)." And, finally, CUNA Mutual Group's Credit Union Protection Resource Center last month told credit unions that the Internet Crime Complaint Center (IC3) recently reported more than $150,000 stolen from a U.S. business through unauthorized wire transfers when a computer was infected with the Bredolab Trojan. The method of delivering the Trojan was different from cases using the Zeus Trojan in a money mule scam, according to the New Jersey Credit Union League's The Daily Exchange
(Feb. 3).. The Zeus Trojan was delivered via phishing e-mails sent to key employees at a business. Bredolab is embedded in e-mails received by the business in response to a job posting the business placed on an employment website. Bredolab compromises the business' online banking login credentials, which cyber thieves use to initiate wire transfers--one to the Ukraine and two within the U.S. Credit unions and other financial institutions will not use these methods to contact a member about an account, and will never solicit account information over the phone, e-mail, or through text.