Phisher uses CUNA, Wal-Mart 'breach' as bait

MADISON, Wis. (4/9/08)--The Credit Union National Association (CUNA) and Wal-Mart Stores have shut down a new e-mail phish attempt purportedly from CUNA and advising of a Wal-Mart data breach.

"This scam is notable for several reasons," said Kevin Knope, director of Web services at CUNA:

  • "It mentions a specific incident--a Wal-Mart breach--rather than the generic 'your account has been compromised.'"

  • It does not state that the account has been locked. Instead it offers a benefit of "enhanced card security." "In more generic terms, it doesn't make a claim of urgency," said Knope.

  • It provides a link to a legitimate third-party sight, in this case an antiphishing site, http://www.nophishing.org.

The message says CUNA is aware of a recent breach at Wal-Mart and its "Customer Security Team" is taking proactive steps such as gathering information and re-issuing compromised cards if necessary.

It encourages recipients to review their account and report suspicious activity, and it recommends they activate an "enhanced card security," at a phone number provided.

It also warns recipients to be alert to scams and not provide any personal or account information to anyone e-mailing or calling who claim to be from Visa and MasterCard. It offers more information about fraud through a link to the legitimate www.nophishing.com site.

CUNA took immediate action to stop the phish.

"CUNA and Wal-Mart have been working on the problem in parallel, and the number is offline as of this morning," Knope told News Now Tuesday.

To review the entire phish message, use the first resource link.

print this story email this story
Resource Links
Entire CUNA/Wal-Mart Phish: (pdf)
Perimeter Internetworking (CounterPhish)/CUNA Strategic Service
CUNA ID Theft Resources
Phishing: Don't Take the Bait


More CU/System

Copyright © 2012 Credit Union National Association