The NCUA received consumer calls about a suspicious text message claiming to come from the agency. The message reads: “National Credit Union Administration Alert for (recipient’s phone number). Contact 844-234-5445.”
“This is not a communication from NCUA. The agency does not seek personal information through the internet or on the telephone,” a press release from the agency stated.
The NCUA urged consumers to contact NCUA’s Consumer Assistance Center at 1-800-755-1030 between 8 a.m. and 5 p.m. Eastern for those receiving one of these messages. NCUA also recommended members contact their credit union, local law enforcement or the Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center.
This is not the first time the NCUA was an online phishing fraud target. In March 2015, the regulator issued a warning about a campaign, in which consumers received emails from a site named the National Credit Union website. The site appeared to originate in Australia and claimed to offer services in the United States, Europe and the Commonwealth of Independent States.
Opportunistic cybercriminals are tapping into the wealth of personal and behavioral data available online, or launching spear-phishing attacks intending to trick recipients into transferring money into bogus third-party accounts.
That was a major conclusion drawn from San Mateo, Calif.-based security provider Agari’s Executive Brief: Top Phishing Attacks, which reviewed some of the past year’s most newsworthy phishing attacks, lessons learned from them and available countermeasures.
Two recent examples of so-called CEO fraud involved Ubiquiti Networks’ finance department, which transferred $46.7 million into an overseas account held by external third parties; and, a Mattel finance executive wired more than $3 million to the Bank of Wenzhou after the supposed new CEO requested a vendor payment.