ILCU Warns About Hoax E-mail Targeting Credit Union
According to Irish Credit Union, it has issued an alert notice about a phishing e-mail scam that is currently circulating in Ireland and attacking the members of the union.
Security investigators said that the fake e-mail pretending to come from the Irish League of Credit Unions (ILCU) Account Review Department uses the subject line "Unauthorized access to your account" or "Security Alert", as it reaches the recipient's mailbox.
Moreover, the text message in the e-mail says that due to risks from online scams, the recipient is asked to submit certain personal details such as his payment card number by filling out a form available on a certain Website for confirmation.
Peter Oakes from the Financial Regulation Firm Compliance Ireland said that the new scam is highly sophisticated and the fraudsters responsible for it have obviously prepared themselves well, as reported by The Irish Times on October 30, 2008.
Exemplifying the phishers' cleverness, Oakes stated that the phishers were aware that the credit unions issue debit cards and not credit cards; therefore, to make their e-mail appear legitimate to the recipients, they worked hard to create a fake site of the Irish Credit Union.
Meanwhile, first-stage investigations helped Financial Regulation Firm Compliance to obtain the registration particulars of the fake Website that was sending the bogus e-mails. It was found that the Website was registered somewhere in California. Subsequently, the final investigation results helped the Financial Regulation Firm Compliance to trace the phisher who was based in Melbourne. But, according to other security investigators, the real place of the fraudster might be some other location and not Melbourne.
In addition to ILCU issuing the security alert, the Credit Union News too published a security warning on its official Website, asking members to remain vigilant of hoax or spoofed e-mails. The Credit Union News stated in its warning message that it wouldn't ever request its members for their login details for any kind of verification. The message also urges the members to erase such hoax e-mails as soon as they receive one.
» SPAMfighter News - 14-11-2008