MSECU will never solicit
What is Identity Theft?

Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes. The FTC estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft.

----------------------------------------------------------------------------
Alerts!

Scam alerts!

There is a new phishing scam going around; this one is for the IRS and your refund. The lure email is shown below, and is quite standard in its formatting. It even threatens you with criminal prosecution if you lie.
The email reads:

http://www.somedomainoutthere.xxx

Nore: For security reasons, we will record your IP-address, the date and time. Deliberate wrong inputs are criminally pursuded and indicated.

Regards,
Internal Revenue Service

Copiright 2008, Internal Revenue Service U.S.A. All rights reserved.

----------------------------------------------------------------------------

So far nothing special, until you click the link. It’s to an EXE, not to a website. When you download that and look, what you get is a locally hosted website with the phishing site shown below (broken in IE7):

This is a new twist in phishing attacks that can bypass the normal URL filtering bar for malicious sites. It requires that the mechanism that determines if it’s a phishing site recognize that EXEs can also be used in phishing. It makes sense that this would evolve, and we suspect we’ll see more of this soon.

----------------------------------------------------------------------------
Scam alerts!

We would like to make you aware of a NEW form of phishing attack. As many of you know, phishing is the attempt to send you an email that looks like it was sent by a credible source. The email typically tells you that your account has a problem and you need to update your information by clicking on a link within the email. The link typically looks like it's the right website but the hyperlink actually goes somewhere else.

The following is an example of this new type of attack. Rather than asking the user to select a link in an email, the scammers have taken over a toll free phone number and asked that the member call this number and reactivate the account. The reason this is a little scarier is that we have spent countless hours training members not to click on links in emails but to call the Credit Union instead. This new form of attack utilizes that information to make the member believe that they are doing the right thing by calling the phone number. Also notice how the scammer reinforced the fact that the member should never click on a link in an email but should call the credit union directly.

Here is what the letter would look like:

--------------------Original Message----------------------------
From:
Sent: Monday, November 12, 2007 5:28:15 AM
Subject: Alert!

ALERT
Last Updated: November/12/2007

Dear Member,

We will never contact you to obtain your personal financial data via any means, including email, USPS mail, instant message, etc. Why not? If you are a member, we already have it. If you receive any type of solicitation for that information, do not provide it--it is a fraudulent scam. If you receive any emails requesting this information, do not provide it, and do not click on embedded links in the email. Clicking on them may install spyware, Trojans, keystroke loggers, or other malicious software aimed at capturing your login credentials. See What is "phishing" section below for more information.

Due to unusual levels of fraud we have had to suspend any future authorizations being conducted with your Check Card. Your Check Card is now inactive.

How to re-activate your card.

Call our Card Department from Monday through Friday, 7:00 a.m. to 7:00 p.m., and 8:00 a.m. to 1:00 p.m. on Saturday.

Toll-Free (877) 228-0944

Our automated system allows you to quickly activate your card.

Card Department (877) 228-0944

We apologize for any inconvenience this may cause.

* * * * * * * * *

As a test, we called the phone number above and entered in a fake 16-digit CC number, PIN and expiration date. The first response from the system was that the card number was invalid and I had to enter it again. Once a user hears this, they may become a little less suspicious because it leads them to believe that it was actually checking a source file. We entered in the fake number a second time and it responded that the card was now reactivated. Interesting, even the scammers have controls in place for data integrity. If the user enters in the same number twice, the card must be valid...

Please pass the information along to our members.

----------------------------------------------------------------------------
Please note:

An MSECU Credit Union member reported to member support that he received an email saying that his account has been partially blocked by the online system due to incorrect password entry. Below is the text of the fraudulent e-mail.

Always bear in mind: financial institutions and service organizations never ask for any personal credit card or financial information via e-mail. If you receive a message like the email below or something similar, DO NOT RESPOND, it is a phishing scam. Instead, please forward the email to phishing@ncua.gov and report this phishing incident to the Anti-Phishing Work Group at http://www.antiphishing.org/report_phishing.html

DO NOT RESPOND TO THIS E-MAIL. IT IS AN ATTEMPT TO CAPTURE YOUR PERSONAL FINANCIAL INFORMATION, WHICH IS THE FIRST STEP IN IDENTITY THEFT.

--------------------Original Message----------------------------
From: IT Support Team (support@paylinks.cunet.org) <mailto:support@paylinks.cunet.org>
Sent: Thursday, June 28, 2007 11:03 AM
Subject: Paylinks Credit Union support Mail.

Dear User (Client)
____________________________

Due to incorrect password entry, several attempts of access to our client's accounts have been detected and blocked by our security department within the latest day. At the moment, access to your account is partially blocked by the system. It means that you may browse accessible information, change settings but you can not make any transactions. In order to remove restrictions, you have to enter your login and password received at the moment of your account registration in our banking system as soon as possible. Just follow the link https://paylinks.cunet.org and enter necessary information. Should 3 of your attempts be invalid due to incorrect login/password entry, your account will be completely blocked.

We hope for understanding and make our apologies for inconveniences

IT-Security department
-----------------------------------------------------------------------
Attempted Phishing 3/19/2007
Below is a copy of an email that is an attempt to phish the mail recipient. MSECU, the NCUA, CUNA and other Financial Service Providers will not contact you via email to obtain private and personal information. We already have it. This email is not legitimate and should be reported to the appropriate authorities.
Analysis reveals that the executable will take your data and send it to at least two different servers.