PHISHING
ATTACKS ON THE RISE - YOU CAN NEVER BE
TOO SAFE
Recently, Gulf States received information suggesting an increase in phishing
activity. The fraud appears to be widespread geographically and
fraudsters are utilizing a variety of ways to obtain personal member
information. Examples of recent reported phishing activity includes the
following:
- Text
messages were sent to people indicating they should call a specific number
and provide credit card information based on a freeze on their account.
- Computerized calls to people indicated possible
tampering of their check cards and asked them to enter their 16-digit
check card number. The phone number shown on Caller ID appears to be
a legitimate number, possibly hijacked by the fraudsters.
- People were blanketed with phone and text
messages stating their cards had been suspended and directed them to call
a number to reactivate. When people call back, they are instructed to
input their card numbers and PIN. Counterfeit cards were then created
and ATM/Debit card PIN-based transactions took place in Romania.
For this to happen, it is believed that most likely CVV/CVC counterfeit
protection encoded in the mag stripe was not validated.
- Fraudulent e-mail and text messages are being
sent to appear as if they are from a financial institution. The
institution's web site has been re-created by the scammer, who then
asks people to enter their card numbers, expiration date, PIN and CVV2/CVC2
numbers. People are also being called in the middle of the night stating
their cards are experiencing fraud, and they are then asked to
provide personal information.
- Credit cardholders received a telephone message
from an unknown party who left a telephone number for the member to
call. The caller ID read 'economic relief.' When people
returned the call, they were prompted to press 1 to lower rates, a person
then came on and asked for social security number, credit card number,
etc.
- The Credit Union National Association (CUNA), NOT
CUNA Mutual Group, has also been the subject of recent phishing
attacks. Credit union members received e-mail messages
appearing to be from legitimate e-mail addresses for CUNA and other credit
unions stating "Your card has been deactivated." The members are
directed to call an 800 number (there are multiple 800 numbers being
used) to 'activate' their card and PIN. One aspect of this scam
causing particular concern is the realistic nature of the call: a
message indicates all operators are busy, callers hear music for several seconds,
and then a normal sounding (non-computer generated) voice prompts them to
leave their name and a callback number. The understanding is
they will receive a call back from an actual person making the
request seem valid.
Unfortunately, the threat of fraud due to
phishing attempts continues to be very active. Fraudsters are increasing
in sophistication and this type of activity shows no sign of slowing
down. In these economic times, it is even more critical to continue to be
proactive and aware of the various ways fraudsters try to obtain your personal
information for their financial gain.
Gulf States Credit Union will NEVER solicit
personal or financial information. NEVER
respond to requests for information unless you initiated the request - this
includes requests via e-mail, phone, text messaging or through the mail.
|
