From:C.U. Rewards [mailto:email@example.com] Sent:Monday, August 27, 2007 Subject: Credit Union $100 Reward Survey
You have been chosen by your Credit Union Online Department to take part in our quick and easy reward survey.
In return we will credit $100 to your account - Just for your time!
Helping us better understand how our customers feel, benefits everyone.
With the information collected we can decide to direct a number of changes to improve and expand our online services.
The information you provide us is all non-sensitive and anonymous - No part of it is handed down to any third party groups.
It will be stored in our secure database for maximum of 3 days while we process the results of this Survey.
We have come up with a new less stressing solution. You can complete our survey directly on your email fast and secure.
We kindly ask you to spare two minutes of your time in taking part with this unique offer!
Continue the survey by completing the fields below and submitting them.
After you finish,you will be redirected to official site of National Credit Union Association.
What do you think about the site appeareance:
What can we do to improve our service:
At the bottom of the email, the scammer wants you to provide your card number, expiration date, and ATM PIN number.
If you receive any email along these lines, DO NOT complete the survery but instead delete the email immediately!
Please remember, USFCU does not ask for your personal identification or financial information via email.If you receive any such email request, DO NOT click on any link or enter any information but notify us at (888) 202-1212 or (423) 989-2100.
Also, any e-mail that purports to be from NCUA and asks for account information should be considered a fraudulent attempt to obtain personal account data for an illegal purpose.If you feel you have received a suspicious email, please visit the following website
Below is an example of recent phishing email with fraudulent website url links:
From:Credint Union Coop-Network [mailto:firstname.lastname@example.org] Sent:Sunday, August 20, 2006 Subject: You account has been limited. Importance: High
Credit Union is constantly working to ensure security by regularly
screening the accounts in our system. We recently reviewed your account,
and we need more information to help us provide you with secure service.
Until we can collect this information, your access to sensitive account
features will be limited. We would like to restore your access as soon
as possible, and we apologize for the inconvenience.
In the latest credit card phone scam, the caller doesn't ask you for your account number; he already has it!The caller claims to be from the Security and Fraud Department at VISA/MasterCard, and even gives you a badge number, reference number, and a 1-800 call-back number, sounding very official.He says your account has been flagged because of unusual activity.The caller then asks if you made a specific purchase (naming a product, amount, and company location).When you say No, the caller says that he will credit your account for the amount.Heres the IMPORTANT part on how the scam works:he will then ask you to verify that you have possession of your card by reading the three-digit security number off the back.This number is what the scammers want, so they can make online purchases with your account.NCUA Phishing Email Alerthttp://www.ncua.gov/Phishing/phishing.htm to forward the email to NCUA and file a formal complaint with the FBI.
If you receive a call like this, hang up.Do not give out your 3 digit number!The important thing to you need to know is that while VISA/MasterCard or even USFCUs Electronics Department may call cardholders on suspect transactions, neither VISA nor the credit union (or any other financial institution) will ever ask for information contained on the card since they already know the information.
Vishing mimics phishing by trying to trap you into divulging your account numbers. But instead of being phished in an e-mail message, you may receive a telephone call from an automated random dialer, and the voice on the other end of the line may tell you your credit card has been used illegally. You're then asked to dial a fake 1-800 number with another voice that asks you to confirm your account details and credit card number.
If you give the information, you can count on your accounts being drained.
All this is possible because of Voice over Internet Protocol (VoIP), the new technology that makes possible inexpensive and anonymous Internet calling. And industry analysts are concerned that it's becoming more difficult to tell phish and vish from actual attempts to contact customers (USA TodayJuly 12).
A similar attack recently imitated PayPal (The Wall Street Journal July 17). The fraudulent message urged victims to call a California-based phone number to update credit card account information "to prevent any fraudulent activity from occurring." The number was traced to an Internet-phone service and shut down.
Take steps to avoid being vished:
If you get a phone call and someone asks you to give or confirm credit card or personal information, hang up. Then call your credit union or the financial institution that issued the card by using the phone number on the back of the card or on your statement and report the attempt. If the call was legitimate, the provider will know it (InfoWorld.com July 10).
If you get a call from someone who claims to be from a financial institution you do business with, and who knows your credit card account number but wants the three-digit code on the back of the card, immediately hang up.
If you get an e-mail message asking you to call a toll-free number to verify account information, delete the e-mail. Never provide personal information or account information based on an e-mail request.
Don't be fooled by the fact that the caller's phone number appears to be a regional telephone number--it could have been spoofed, which is easy to do using VoIP.
Be suspicious of any phone or e-mail contact that doesn't use your first name or surname.
Never dial a call return number--or reply to an e-mail--regarding any financial matter.