Recent Phishing Scam Warnings
 
Phishing Scam Claims to Help Fight Terrorism
March 11, 2008 - In a recent Phishing attempt, fraudsters suggest that you can help the Government fight terrorism and related money laundering by verifying your personal information.  Several Credit Unions have contacted CUNA Mutual to report recent Phishing attempts designed to obtain several key pieces of personal information.

The fraudsters' e-mail starts by suggesting that you can help the Government fight terrorism and related money laundering by verifying your personal information. Then, they attempt to lead consumers to a counterfeit Web site designed to trick recipients into divulging financial data, such as credit card numbers, account user names, passwords and Social Security numbers.  

Detecting a fraudulent e-mail can be difficult. Here are a few things to keep in mind:
  • Be suspicious of any e-mail with urgent requests for personal financial information. 
  • Don't use the links in such an e-mail. 
  • Phisher e-mails are typically NOT personalized.
Below is a copy of a recent phishing attempt that was reported to CUNA Mutual:

Notice to All Members!

Valued Member,

To help the government fight the funding of terrorism and money laundering activities, Federal law requires all Credit Unions to obtain, verify, and record information that identifies each person who has an account, including investors in transactions for which we act as advisor.

What this means for you:

If you are a member of any Credit Union please provide your name, social security number, address, and date of birth, financial information and/or other information that will allow us to identify you. We may also ask to see your driver's license or other identifying documents.

Please follow the link below to continue: The link has been removed for your protection

We appreciate your cooperation with this. Thank you.
 

 
Be Wary of Storm Worm Virus, “Phishing and Vishing”
February 21, 2008 - Storm Worm Virus, Phishing, Vishing and other Email Scams lure people into giving up personal account information. 
 
Storm Worm Virus
Around holidays, such as Valentine’s Day, look out for spam e-mails spreading Storm Worm malicious software (malware). An e-mail directs the recipient to click a link to retrieve an electronic greeting card (e-card). Once the user clicks the link, malware is downloaded to the computer, which becomes infected as part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines through the Internet. The Storm Worm virus has capitalized on various holidays in the last year by sending millions of spam e-mails with an e-card link included. Valentine’s Day has been identified as another target.
 
FBI identifies recurring Fraudulent E-mail Scams
The FBI reports that cybercriminals are sending fraudulent e-mails to unsuspecting recipients about a complaint that has been filed with the Department of Justice, the Internal Revenue Service, the Social Security Administration, or the Better Business Bureau. They claim that the complaint names the recipient or their company.

The e-mails appear to be legitimate messages from the above departments. They address the recipients by name, and other personal information may be contained within the e-mail. The scam appears to be an effort to secure Personally Identifiable Information (PII), such as Social Security numbers and birthdates. The nature of these scams is to create a sense of urgency for the recipient to provide a response by clicking on a hyperlink, opening an attachment, or initiating a telephone call.

The FBI suspects this e-mail refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the recipient. The virus is wrapped in a screensaver file, which most anti-virus programs are unable to detect as malicious in intent. Once downloaded, the virus is designed to monitor user name and password logins, and record the activity, as well as other password-type information, entered on the compromised machine. 

Vishing Attacks Increase
Many people have received an e-mail, text message, or telephone call, supposedly from their credit card or debit card company directing them to call a telephone number to re-activate their card due to a “Security Issue.” The Internet Crime Complaint Center has received multiple reports of variations of this scheme known as “Vishing.”

Vishing operates like Phishing with scammers trying to persuade consumers to divulge their Personally Identifiable Information (PII), claiming that their account was suspended, deactivated, or terminated. Recipients are directed to contact their financial institution via a telephone number provided in the e-mail or by an automated recording. Upon calling the telephone number, the recipient is greeted with “Welcome to the (name of bank or credit union) …” and  asked to enter their card number in order to resolve the pending security issue.

To appear authentic, some fraudulent e-mails claim the bank or credit union would never contact customers to obtain their personal information by any means, including e-mail, mail, or instant messenger, while leaving the telephone off that list. These e-mails further warn recipients not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain “malicious software aimed at capturing login credentials.”

A new version recently reported involves sending text messages to cell phones, claiming the recipients’ online banking account has expired. The message instructs the recipients to renew their online banking account by using the link provided.

 

 
Phishers Use Fake Caller ID Numbers
October 11, 2007 - In a new Phishing Scam, con artists are using phony caller ID numbers to solicit personal information and money. Thanks to the phony caller IDs, the “Spoofers” are able to convince victims that they're receiving a call from a bank, Credit Union or credit card company. The scammers use this technique to acquire sensitive personal and financial information, or even money, from their victims.
 
The frightening aspect of this scam is that few people would ever think that the names and phone numbers appearing on their caller ID screens were not genuine. However, scammers are already using phony caller IDs and are posing as representatives of banks, credit card companies and government agencies. The problem has reached the point where Senator Bill Nelson from Florida is sponsoring legislation to ban the transmission of false caller ID numbers. “A similar bill has already sailed through the house,” reports ABCnews.go.com.
 
Unfortunately, anyone with Internet access and a few dollars can find a number of legal online services that supply fake caller ID numbers. ScamBusters.org reports that just a few minutes of research revealed several services that tout the “benefits” of caller ID spoofing, including: maintaining the privacy of your caller ID number, changing your voice to sound like a male or female, and fooling friends, business associates, or business competitors. One firm claims its technology is suited to individuals in certain law-enforcement-related professions, while another advertises its services as inexpensive, easy to use, and great for “business or fun.”
 
Tips to avoid getting caught in this phishing scam:
  • Do not assume that the information displayed on your phone, regarding who the caller is, is accurate. It can easily be spoofed. 
  • Never give out personal or financial information over the telephone unless you know EXACTLY whom you're dealing with. 
  • If you have doubts about who's on the phone, call back the number of record at your financial institution or credit card company.
 

  
IRS Warns of New e-Mail Scam Offering Cash for Participation in Member Satisfaction Survey
August 31, 2007 - The Internal Revenue Service (IRS) issued a consumer alert regarding a new, two-step e-mail scam that falsely promises recipients they will receive $80 for participating in an online customer satisfaction survey. In the scam, an unsuspecting taxpayer receives an unsolicited e-mail that appears to come from the IRS. The e-mail contains a URL linking to an online Member Satisfaction Survey.

The e-mail notifies the recipient that he or she has been randomly selected to participate in a survey. In return, the IRS will credit $80.00 to the taxpayer’s account. There are references to the IRS in the from line and the subject line of the e-mail. The link to the survey and a copyright statement at the bottom of the e-mail also reference the IRS. The survey form features the IRS logo. In addition to standard customer satisfaction survey questions, the survey requests the name and phone number of the participant and also asks for credit card information. Once the fraudsters have a name and phone number, they will presumably call the participant and attempt to retrieve other financial information.

The apparent objectives of this scam are to use the participant’s name and financial data to withdraw funds from the taxpayer’s bank account, run up charges on a credit card or take out loans in the taxpayer’s name.

Taxpayers should be aware that the IRS does not send unsolicited e-mail. Additionally, the IRS never asks taxpayers for PIN numbers, passwords or similar secret access information for credit card, bank or other financial accounts. Recipients of questionable e-mail that appears to come from the IRS should not open any attachments or click on any links contained in the e-mail. Instead, the e-mail should be forwarded to phishing@irs.gov.
 

 
Real Credit Union Phishing Scams
July 12, 2007 - Below are real-life examples of Phishing scams that have affected Credit Unions and Members:
 
Jefferson Parish Employees Federal Credit Union - Harahan, Louisiana
On Tuesday July 3, 2007, the credit union was notified by phone and email that members of the credit union and non-members were receiving emails informing them that their accounts had been locked. To reactivate their account, they were to click a link that then asked for personal information regarding their accounts or credit card information.  The emails have come in at least three different formats and include a stolen version of the credit union's logo.  At least one member's Visa Debit card was cloned and used for six different transactions at two different banks.
 
Kinecta Federal Credit Union - Manhattan Beach, California
Below is the phishing email that was used:
Dear User (Client)
Due to incorrect password entry, several attempts of access to our clients' accounts have been detected and blocked by our security department within the latest day. At the moment, access to your account is partially blocked by the system. It means that you may browse accessible information, change settings but you can not make any transactions. In order to remove restrictions, you have to enter your login and password received at the moment of your account registration in our banking system as soon as possible. Just follow the link [link deleted] and enter necessary information. Should 3 of your attempts be invalid due to incorrect login/password entry, your account will be completely blocked.  We hope for understanding and make our apologies for inconveniences
 
Amplify Federal Credit Union - Austin, Texas
Below is the phishing email that was used:
Dear Goamplify Customer,
We recently reviewed your account, and suspect that your Goamplify account may have been accessed by an unauthorized third party.  Protecting the security of your account and of the Goamplify network is our primary concern.  Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.
To restore your account access, please take the following steps to ensure that your account has not been compromised:
Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure no changes have been made.  If any unauthorized activity has taken place on your account, report to Goamplify immediately.  To get started, please click the link below: [link deleted]
We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire Goamplify system. Thank your for your prompt attention to this matter. Goamplify - Online Banking
Sincerely, Goamplify Team.
 
Unitus Community Credit Union - Portland, Oregon
Below is the phishing email that was used:
Dear Unitus Community Credit Union Member ,
Due to the recent phishing attacks targeting Unitus Community Credit Union we are currently launching a new security system that will improve the level of member service we can provide to you.  In order to update your account and benefit from new facilities please update .
To continue please click on the link below or copy and paste it to your browser:
[link deleted]
To enhance the security when accessing your on-line accounts, Unitus Community Credit Union has implemented an additional layer to our on-line security system. You may be requested to answer security questions in order to complete your log in to Unitus Community Credit Union Online Banking.  Failure to authenticate your account may result in account malfunction, slow online experience or your account will be SUSPENDED.
 
Denver Community Federal Credit Union - Denver, Colorado
The credit union received notice from a non-member who had received an email requesting non-public information to be entered into a website at [link deleted].  The site included their web banners, logo, and compliance information.  It has since been disabled.
 
Hawaii Federal Credit Union - Honolulu, Hawaii
A mass email was used to lure recipients to a fake website that is a copy of the credit union's log-in page for their online banking.  The email claimed that the member's last login was from a different computer and, for security reasons, they need to log in to this site to confirm their account.  Once an account number is entered into the fake site, a pop-up states that it is an incorrect account number.  Nothing else appears to be happening but there could be a hidden keylogger recording the account numbers entered.
 


Phishing Attempt: Taking Advantage of Consumers' Fears
May 8, 2007 - A recent Phishing e-mail, appearing to be from the National Credit Union Administration (NCUA), is targeting consumers and their security fears relating to the recent TJX Companies data breach. The false e-mail discusses the TJX Companies data breach, which was made public in January. The breach incidents spanned periods from 2003 through 2006. The Phishing e-mail gives the wrong dates for the breach and says Visa notified NCUA in January about the breach.
 
The notice warns that magnetic strip information was being stored and your PIN may have been captured and strongly urges NCUA's Members to update their information within the next 48 hours. This false e-mail asked for the recipient to click on a link to verify their Credit Union account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their Credit Union account number and PIN, along with other personal information.
 
If you responded to such an e-mail and provided any confidential account information, please notify your Credit Union immediately of the scheme. You should also change your account’s PIN, and take any additional action recommended by your Credit Union to protect your account.
 


IRS Warns of Phony E-Mails Claiming to Come from IRS

April 2, 2007 - The Internal Revenue Service alerted taxpayers about Internet scams in which fraudulent e-mails are sent that appear to be from the IRS. The e-mails direct the consumer to a Web link that requests personal and financial information, such as Social Security, bank account or credit card numbers. The practice of tricking victims into revealing private personal and financial information over the Internet is known as “Phishing” for information. The IRS does not send out unsolicited e-mails or ask for detailed personal and financial information. Additionally, the IRS never asks people for the PIN numbers, passwords or similar secret access information for their credit card, bank or other financial accounts.
 
In the on-going e-mail schemes that use the IRS name, the recipients are asked to click on links to take them to the “IRS” Web site. The links appear authentic and connect the victim to sites that resemble the genuine IRS Web site (www.irs.gov). The sites then prompt the victim for personal identifiers, credit card numbers, PIN numbers or similar financial information. The phony sites appear legitimate because most of the images and content are copied from actual pages on the genuine IRS Web site before being modified by the fraudsters to include their loaded questions.
 
In response to the claims made in several of the fraudulent phishing emails, please note: 
  • The IRS does not notify taxpayers of refunds via e-mail. Additionally, taxpayers do not have to complete a special form or provide detailed financial information to obtain a refund. Refunds are based on information contained on the federal income tax return filed by the taxpayer. 
  • The IRS does not have an Antifraud Commission, does not have the authority to freeze a taxpayer’s credit card or bank account because of potential theft or fraud perpetrated against the taxpayer, and does not use e-mail to initiate contact with taxpayers.  
  • The IRS does not handle lottery distributions and does not initiate contact with taxpayers via e-mail. Additionally, lottery winnings are generally reported by the winner to the IRS with his or her annual federal income tax return, at which time any taxes due must be paid.
Last year, the IRS established an electronic mail box, phishing@irs.gov, to receive copies of possibly fraudulent e-mails involving misuse of the IRS name, logo or Web site for investigation. Since the establishment of the mail box, the IRS has received more than 17,700 e-mails from taxpayers reporting more than 240 separate phishing incidents. To date, investigations by the Treasury Inspector General for Tax Administration (TIGTA) have identified host sites in at least 27 different countries, as well as in the United States.
 
Recipients of questionable e-mails claiming to come from the IRS should not open any attachments or click on any links contained in the e-mails. Instead, they should forward the e-mails to phishing@irs.gov or notify TIGTA’s toll-free hotline at 1-800-366-4484.
 
Recently, the IRS has become aware of commercial Internet sites that bear a striking resemblance to the real IRS site or that contain some form of the IRS name in their address but with a .com, .net, .org or other designation in the address instead of .gov. Though these sites may not be phishing sites — that is, they may not request private financial data in an attempt to steal the consumer’s identity — the IRS urges consumers not to be misled into thinking such sites are the genuine IRS Web site or have some connection to the real IRS. The only genuine IRS Web site is www.IRS.gov.
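The address check described above can be automated when reviewing a reported e-mail. The following is an added example, not part of the original advisory: it classifies each link's host as genuine (irs.gov or a subdomain of it), lookalike (the IRS name used under another designation) or unrelated, and flags links whose visible text names irs.gov while pointing elsewhere. The function names and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

GENUINE = "irs.gov"  # the only genuine domain named in the advisory


def classify_host(host, genuine=GENUINE):
    """Return 'genuine', 'lookalike' or 'unrelated' for a hostname."""
    host = (host or "").lower().rstrip(".")
    if host == genuine or host.endswith("." + genuine):
        return "genuine"
    brand = genuine.split(".")[0]
    # Brand used as a whole token outside the genuine domain, e.g. irs.com,
    # irs-refunds.net or irs.gov.example.org (genuine name as a subdomain).
    if brand in re.split(r"[.-]", host):
        return "lookalike"
    return "unrelated"


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML e-mail body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def review_links(html_body):
    """Return one finding per link: (href host, verdict, text_mismatch)."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        host = urlsplit(href).hostname or ""
        verdict = classify_host(host)
        # Visible text names the genuine site but the target is elsewhere.
        mismatch = GENUINE in text.lower() and verdict != "genuine"
        findings.append((host, verdict, mismatch))
    return findings


# Constructed sample body; example.* names are reserved placeholders.
SAMPLE = (
    '<p><a href="https://www.irs.gov/refunds">www.irs.gov</a></p>'
    '<p><a href="http://irs.gov.refund.example.net/form">www.irs.gov</a></p>'
    '<p><a href="http://irs-survey.example.com/">Member Survey</a></p>'
    '<p><a href="http://news.example.org/">News</a></p>'
)

if __name__ == "__main__":
    for row in review_links(SAMPLE):
        print(row)
```

The token match is deliberately strict, so a host that merely embeds the letters (for example inside a longer word) is reported as unrelated rather than lookalike.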
 

  
Telephone Phishing - VoIP Scam Calls
March 28, 2007 - Credit Union Members are receiving automated Voice over Internet Protocol (VoIP) Scam Calls that insist the cardholder call a toll free number to update important financial information. Once the toll free number is dialed, an automated phone system asks for the card number, PIN and expiration date. VoIP lines, provided by companies such as Vonage, are telephone systems that utilize the internet instead of traditional telephone land lines to deliver communication services. The low cost of VoIP lines and relative ease with which they are obtained have led Phishers to quickly adopt this evolving technology to attack consumers on an entirely new level.
 
 

 



Help? | serviceplus@ibmsecu.org  • National: 800.873.5100 | Local: 561.982.4700            
Copyright © 2008 All Rights Reserved