Phishing Scam Targets Tulsa Employees
Both Tulsa Teachers Credit Union (TTCU) and Tulsa Municipal Employees Credit Union have reported that several "phishing" schemes launched to attack their members as reported by Zwire on June 11, 2008.
Phishing is similar to brand spoofing, wherein e-mails claim to have been sent by legitimate organizations and businesses where the recipient might hold membership or deal with. The email usually carries an authentic-looking format and feature corporate logos that come with legitimate messages.
In the present case, the phishing scam includes an email that urges the recipients to fill-up surveys stating that their credit accounts have been compromised, necessitating an additional information. Then, the potential victim is asked to either make a call on a specified phone number or follow an Internet link and provide their personal credit account information.
After the phishing reports came in, Kristi Cohea, the Marketing Director at TTCU alerted all the members of the credit union neither call on any of the specified numbers nor divulge their account details over the links given in the email as TTCU database isn't compromised. These attacks are primarily to target non-members, as reported by Zwire on June 11, 2008.
In fact, following the instructions mentioned in the email would lead to the compromise of the account's security and enable the phishing scammers to rob the funds. According to a statement issued by TTCU on June 10, 2008, the fake emails have spread through the entire Tulsa city.
As the emails and text messages were sent randomly, a large number of non-members were the recipients too. The fake messages warned the recipient that their account had been terminated due to suspicious activity.
The credit union has explicitly denied all claims of its database being compromised and added that most phishing messages have reached people who don't have accounts with them. TTCU's phone system got overwhelmed due to a large number of calls enquiring about the scam. The credit union has also asked the recipients of the suspicious mails to forward them to Report_Fraud@ttcu.com.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 30-06-2008