New phishing expeditions have a twist
MADISON, Wis. (1/13/06)--The latest round of phishing e-mails sent in consumers and credit union members is taking a new twist--preying on consumers' fears about their data and on the helpful nature of trustworthy credit unions and their associations. These are making it harder for some to determine that the message is fraudulent.
The Credit Union National Association (CUNA) as well as the National Credit Union Administration (NCUA) are almost constantly being phished. Staff at CUNA receive e-mails almost daily from people who say they received a phish under CUNA's name. Staff are on top of these incidents, in tracking and shutting down the fake pages and links. But different versions pop up later.
For example, on Thursday News Now's Scam Squad was forwarded this message purporting to be from "CUNA Security Department" with a mail address of "mailtoCUNAconfirm.org." There is no such department at CUNA or address.
It is addressed to "In attention to all Credit Union customers," and like many of the phishing expeditions of the past, it has is sent with "high importance" to create a sense of urgency.
The phish states: "As the Internet and information technology enable us to expand our services, we are committed to maintaining the trust customers have placed in us for protecting the privacy and security of information we have about you. In order to protect your information against unauthorized access, identity theft and account fraud we earnestly ask you to update your profile."
Then it provides a link that is not related to CUNA. To carry the security concern one step further, it provides a cautionary note with grammar errors (a tipoff that this is fake).
"If you received this notice and you are not the authorized account holder, please be aware that it is in violation of our policy to represent oneself as another Credit Union user. Such action may also be in violation of local, national, and/or international law. Credit Union National Association is committed to assist law enforcement with any inquiries related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the fullest extent of the law."
To cap it off, the message features a logo for "I.D. Theft Coach" with the slogan "Protect Your Identity."
Credit unions will need to be vigilant in educating members about how sophisticated these phishing expeditions are becoming. Tell members that no credit union association, regulator, state league or association, or their credit union would send them a message via e-mail asking for identification numbers. Tell members not to use the link in these messages and simply delete the message.
More CU/System
News Now LiveWire
- Iowa Gov. Terry Branstad credited Dupaco Community CU for its role in helping an Iowa small business grow and create jobs. - 4 hours ago
- Iowa Gov. Terry Branstad visits Dupaco Community CU, notes CU's role in helping small bizzes grow & creating jobs in state. - 5 hours ago
- Gunman killed Friday in shootout w/ police outside PBC CU, West Palm Beach, Fla., I.D.'d as Christopher Brown, 18. No one hurt inside CU. - 5 hours ago
- In Wash Post article on ?end of Fannie and Freddie,? CUNA?s Hampel says CUNA, CUs are working on contingency plans. http://t.co/bzmi57mY - 6 hours ago
- John Bell, an employee of NC Community FCU, has announced his candidacy for the NC House of Representatives. - 3 days ago
- See all our Tweets and sign up; News Now LiveWire on Twitter
