More CUs report phishing, vishing scams

Several more credit unions reported that they have been fraudulently used in phishing and vishing scams that target consumers:

>> E-mails were sent to Vermont residents by scammers purporting to be from Vermont State Employees CU (VSECU), a $366 million asset, Montpelier, Vt.-based credit union, informing consumers of attempts to steal their personal information by compromising their credit card accounts. The e-mail tells recipients to call a Vermont phone number and asks them for their 16-digit credit card number to reactivate their card. Exploiting the public's increasing knowledge of scams, the e-mail even uses a copyright notice from VSECU at the bottom of the e-mail (The Barre Montpelier Times Argus Aug. 5).

>> Fraudsters posed as officials from Chesterfield (Va.) FCU, a $52 million asset credit union. The scam began with automated phone calls and then progressed to e-mails--all claiming to come from the credit union. Respondents were given a phone number to call and asked for personal information. In some instances, the phone number was toll free; in others, the phone connection went to Iowa and Oregon. The scam targeted members and nonmembers (Richmond Times-Dispatch Aug 6).

>> In a scam known as spoofing, thousands of members of Langley FCU, a $1.224 billion asset, Hampton, Va.-based credit union, received telephone calls Friday afternoon, with a recording asking them to call an 877 number that appeared to be from the credit union. When members called the number, they were asked for personal information such as a personal identification number for an account. The phone number has been deactivated by the phone company, according to the credit union ( Aug. 3).

>> Scammers targeted members of Three Rivers FCU, a $455.5 million asset, Fort Wayne, Ind.-based credit union, with a recorded message telling them to call in because security at the credit union had been breached. Once connected, the respondents are told to press "1" and enter their account number, making the information available to identity thieves. The credit union warned members that its security has not been compromised and that they should not respond to the recording (The Journal Gazette Aug. 6).

A fraudulent e-mail that appeared to be from the National Credit Union Administration (NCUA) that was sent to various credit union members provided a link to a mock-up of the NCUA website. Recipients were asked to provide credit card information and other personal data (Targeted News Service July 29).