Phishing Scam Victimizes Members of a Credit Union

Several members of the New York-based Finger Lakes Health Care Federal Credit Union recently succumbed to a phishing attack and became victims of the scam. New10Now published this in news on February 25, 2008.

In phishing, the offender copies a genuine Website and uses it to deceive consumers into providing their financial, personal, and other secret information. In the current attack, a fraudulent e-mail was sent out to members in the name of the Finger Lakes Health Care Federal Credit Union.

The members of the union reported that the spoof site asks for their password and account number and on entering that information, it further asks for their debit card details so that their account could be reinstated from a supposed suspension.

The fraudulent e-mail seeks confidential information by further offering members $50-$80 for answering an online questionnaire. The online survey also approached non-members.

According to the Fraud Department of the credit union, authorizations of credit cards have been tentatively suspended. The union has advised customers to use a given telephone number to contact it for reviewing accounts and for waiving off any restrictions.

The union authority said that many people are inquiring if the e-mail is for real and many, who are not union members, are asking why such e-mail is sent to them. Using false e-mail for gaining people's financial and personal information is not new, but when a local organization's name is attached, it might coax people into believing and becoming victim of an old prank.

However, according to the union officials, phishing attacks are increasingly becoming common and more detailed with the e-mails appearing more official. Sometimes differentiating a real e-mail from an unreal one is pretty difficult. This is not the case with only specific credit unions as the disease of fraud does not consider what race or creed or gender it attacks.

The Finger Lakes credit union informed its customers that it never writes e-mail to tell account-holders about suspension of their account and never asks for personal data like debit card numbers. The union also advised customers to avoid opening the e-mails they find suspicious.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 3/3/2008