CUNA TEXT MESSAGES SCAM >>

Greetings:

CUNA Mutual alerts credit unions of this risk. Please pass this information on to all appropriate employees. If your credit union has experienced a loss, contact our Credit Union Protection Response Center at 800.637.2676.

Details:
Credit union information received within the last week suggests an increase in phishing activity.
The fraud appears to be widespread geographically and fraudsters are utilizing a variety of ways to obtain personal member information. Educating members may be a never-ending process, but credit unions must remain committed to this task so scammers are not able to trick members into divulging personal and financial information. Examples of recent reported phishing activity includes the following:

Text messages were sent to members indicating they should call a specific number and provide credit card information based on a freeze on their account.
Computerized calls to members indicated possible tampering of their check cards and asked them to enter their 16-digit check card number. The phone number shown on Caller ID appears to be a legitimate number, possibly hijacked by the fraudsters.

Members were blanketed with phone and text messages stating their cards had been suspended and directed them to call a number to reactivate. When members call back, they are instructed to input their card numbers and PIN. It is our understanding that counterfeit cards were then created and ATM/Debit card PIN-based transactions took place in Romania. For this to happen, we believe that most likely CVV/CVC counterfeit protection encoded in the mag stripe was not validated. Please reference our previous risk alert on CVV/CVC/CV PIN validation for more detailed information.

Fraudulent e-mail and text messages are being sent to appear as if they are from the credit union. The credit union's Web site has been re-created by the scammer, who then asks members to enter their card numbers, expiration date, PIN andCVV2/CVC2 numbers. Members are also being called in the middle of the night stating their cards are experiencing fraud, and they are then asked to provide personal information.

Credit cardholders received a telephone message from an unknown party who left a telephone number for the member to call. The caller ID read 'economic relief.' When members returned the call, they were prompted to press 1 to lower rates, a person then came on and asked for social security number, credit card number, etc.

The Credit Union National Association (CUNA), NOT CUNA Mutual Group, has also been the subject of recent phishing attacks. Credit union members received e-mail messages appearing to be from legitimate e-mail addresses for CUNA and other credit unions stating "Your card has been deactivated." The members are directed to call an 800 number (there are multiple 800 numbers being used) to 'activate' their card and PIN. One aspect of this scam causing particular concern is the realistic nature of the call: a message indicates all operators are busy, callers hear music for several seconds, and then a normal sounding (non-computer generated) voice prompts them to leave their name and a callback number. Our understanding is they will receive a call back from an actual person making the request seem valid. For additional information, please link to the Fraud Alert on CUNA's Web site. Credit Unions can report suspicious activity and phishing emails for CUNA by sending the information to: abuse@cuna.org.

Unfortunately, the threat of fraud due to phishing attempts continues to be very active. Fraudsters are increasing in sophistication and this type of activity shows no sign of slowing down. In these economic times, it is even more critical to continue educating members on the various ways fraudsters try to obtain their personal information for financial gain.

Loss Prevention Recommendations:

Educate your members that you will NEVER solicit personal or financial information.
Instruct members NEVER to respond to requests for information unless they initiated the request - explain this includes requests via e-mail, phone, text messaging or through the mail.
Work with your internet provider or telephone carrier to shut down fraudulent sites or phone numbers.

Make member education an ongoing priority using a variety of communication methods - credit union web site (home page and occasional alerts once they are signed in), newsletters, statement stuffers, phone messages, lobby notices, or any other delivery method you find effective.
Additional resources on phishing, smishing, and vishing scams and detailed loss prevention recommendations are available in our August 2008 Risk Alert on Phishing, Smishing and Vishing.
If you are aware of a risk in your area, whether it has struck your credit union or not, please complete the Report a RISK Alert form.

The information contained in this RISK Alert is intended for the sole use of our Credit Union Bond policyholders to prevent fraud losses. Any further distribution of this information could subject you to liability under common law and various statutes including the Fair Credit Reporting Act.

CUNA Mutual Group does not provide any warranties or guarantees with respect to the performance of services by any vendor, and is not liable for any products or services purchased from any vendor by any credit union. Each credit union is ultimately responsible for determining the products and services that it may require, selecting the vendor that best meets the credit union's needs (whether or not a preferred partner), and contracting directly with that vendor.