Insidious phishing email

Last week I received a email pretending to be from a credit union, in an email phishing attempt, which is insidiously credible. I can imagine that upwards of 90% of the population receiving this email would think that it legitimately came from their credit union. This email scam looks like a survey, from your credit union, where they are willing to pay you $100 for your opinion on a few simple questions. That sounds very much like something a credit union would do (well, okay, it’s a little bit too much to pay for a six question survey, but the most of the public doesn’t realize that.) Clicking the email takes you to a web page with the six easy questions. These questions LOOK legitimate… “Have you recently noticed changes to the speed at which our web site surfs? How would you rate our new banking system? Are you happy with the services we offer?”

Except for a few details, like the logo, and the fact that the amount being paid for your opinion is way too high, this email survey looks and smells very legitimate. Unfortunately, it will successfully fool many people. The scammers snare their prey immediately below the survey. The web page asks you for your account information so they can credit your account. They also ask you for your credit card number, CVV, expiration date, and PIN claiming that that is where they will credit your account. Very very sneaky! I know that many credit unions are trying to educate their members about phishing attacks like this. It’s just that I’ve never before seen one that was this cleverly convincing.

Advertisements

2 Responses to “Insidious phishing email”

  1. Jeffry Pilcher Says:

    You might want to take a screenshot of the URL/link before it gets pulled down. Scam sites have a way of disappearing quickly.

  2. Morriss Partee Says:

    Great idea Jeffry. Unfortunately I am too late. It was there for about 5 days, but now it’s gone. If I see another one like it, I’ll snap it and post it here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: