Computer Crime Research Center


Phishing more phish

Date: January 16, 2006
By: Melissa Campbell

Four times in five weeks, someone went phishing for information from Credit Union 1 members. It's likely that thousands of Alaskans received e-mail messages last month that aimed to bait them into giving up their log-in passwords, personal identification numbers and even credit card information.

When a member clicked on the link, he was taken to a Web site that closely resembled that of Credit Union 1, and was asked to supply names, phone numbers and e-mail addresses. Another field asked for credit card information, including expiration dates, ATM PINs and online passwords.

It was all a bad guy needed to make a fake credit card, or simply go online, and go on a shopping spree.

"A few fell for it," said CU1 spokesman Joe Morrison.

He wouldn't go into specifics, but Pat Berry, CU1's internal auditor and security officer, said a couple members had money stolen from their accounts.

Credit Union 1 isn't the only financial institution in Alaska targeted for phishing scams. Alaska USA Federal Credit Union and First National Bank were also targeted in 2005.

Odds are if you've got e-mail, you've gotten phished.

"People will use any underhanded method - fear, intimidation, build trust - to get people to divulge information," said Erik Bjella, spokesman for First Bank, based in Ketchikan.

The Anti-Phishing Working Group, an association focused on eliminating identity theft and fraud, received nearly 16,000 unique phishing reports in October alone. That's an increase from 13,600 received in September.

Some 87 percent of those scams targeted financial institutions, the group said.

What happens when you're phished
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo