Fraud Alert – Phishing Scam


As we have all seen over these past few weeks, fraudsters are working overtime to coordinate illegal activities this holiday season. Our League will continue to keep credit unions apprised of fraudulent activity that is trending in the state. The more we share information, the better prepared we all will be to defend against this type criminal activity.

While phishing attempts are not new, we want to inform you of one that impacted a credit union in Maine this week.

What Is Phishing?

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, convinces a victim to reveal sensitive information. These types of attacks often occur by phone or email.

Scenario

A credit union was contacted by an individual claiming to be an officer with a local police department. The fraudster informed the credit union that debit cards had been turned into their station, and was inquiring if the accounts were active. The credit union of course denied the request to provide any account information, despite the caller’s persistency.

Reminder

While the League is reminding you about these types of phishing schemes, it is worthwhile for credit unions to educate their members about them as well. Phishing schemes can be executed in various ways, but these tips are helpful for members to keep in mind:

  • Your credit union, credit card company, or other financial institution will never call, text, or email you to ask that you confirm any account or personal details. Neither will a government agency like the IRS.
  • If you receive a voice, email, or text message from someone claiming to be a representative of your credit union, credit card company, or other financial institution and are unsure about responding to it, call them directly for assistance.
  • Regularly check your account online to see if there are any suspicious transactions that have occurred, especially if you are unsure about a communication you’ve received.
  • Change account passwords often and avoid using the same username and password on multiple sites. Keep in mind that secure passwords often contain letters, numbers, and special characters.
  • Never click on links or open attachments from unknown individuals or companies as it could enable malicious software.
  • Always contact your credit union right away if you believe your information has been compromised!