Phisher uses CUNA, Wal-Mart 'breach' as bait
From CUNA News Now:
MADISON, Wis. (4/9/08)--The Credit Union National Association (CUNA) and Wal-Mart Stores have shut down a new e-mail phish attempt purportedly from CUNA and advising of a Wal-Mart data breach.
"This scam is notable for several reasons," said Kevin Knope, director of Web services at CUNA:
- "It mentions a specific incident--a Wal-Mart breach--rather than the generic 'your account has been compromised.'"
- It does not state that the account has been locked. Instead it offers a benefit of "enhanced card security." "In more generic terms, it doesn't make a claim of urgency," said Knope.
- It provides a link to a legitimate third-party sight, in this case an antiphishing site, http://www.nophishing.org.
The message says CUNA is aware of a recent breach at Wal-Mart and its "Customer Security Team" is taking proactive steps such as gathering information and re-issuing compromised cards if necessary.
It encourages recipients to review their account and report suspicious activity, and it recommends they activate an "enhanced card security," at a phone number provided.
It also warns recipients to be alert to scams and not provide any personal or account information to anyone e-mailing or calling who claim to be from Visa and MasterCard. It offers more information about fraud through a link to the legitimate www.nophishing.com site.
CUNA took immediate action to stop the phish.
"CUNA and Wal-Mart have been working on the problem in parallel, and the number is offline as of this morning," Knope told News Now Tuesday.
View the entire phish message. » (pdf) |
