CUNA Website Subject of Illegal Phishing Message
SCENARIO/METHOD: CUNA (Credit Union National Association) Website Phished
The Credit Union National Association (CUNA ) Website is the subject of an illegal phishing message e-mailed to credit union members to collect their User Name and Password information. CUNA is warning people who receive the e-mail not to click on the link to the fake Web page and to instead delete the message. Do not click on the Website link in a message that's telling you that the organization's information is slightly out of date or incomplete.
The fraudulent message uses graphics from CUNA's Website. It uses the America's Credit Unions logo, contains the word "consumer" on the right side of the page and addresses the credit union member. It also has CUNA's copyright. The phish message says that "during our regular accounts verification, it has come to our attention that your credit union account may be slightly out of date or incomplete. This irregularity can and must be fixed through the Credit Union National Association Confirmation process that takes 10 minutes to complete and involves logging in and confirming your identity over a secure connection" at the link.
CUNA does not have such a link on its CUNA.org Website, and there is no confirmation process for accounts at CUNA, which is a national trade association for credit unions. CUNA does not have access to credit union member accounts. The phish message also warns that disregarding the notification means the member's account might be restricted, and the member won't be able to access the account online, pay their monthly bill online, review and download monthly statements or request a credit line increase or change of address.
LOSS PREVENTION RECOMMENDATIONS:
If you are a victim of a "phish" consider the following:
|
