FMFCU Security Info
FMFCU Security Center | Web Targeting and PreventionOnline Targeted Attacks have become extremely widespread in today's Internet world. Fraudsters are targeting individuals, businesses, and worldwide corporations using some of the following:
Every day someone is attacked and their computer or personal information is compromised. FMFCU members need to be prepared to recognize these attempts and this section will help you understand what to look for when surfing the net or reading e-mails.
How It Works
The term Phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they "fish" for users' private information. The most common ploy is to copy the look and feel of a web page from a major site and use that design to set up a nearly identical page that appears to be part of the company's site.
LEARN HOW TO IDENTIFY PHISHING AND TAKE ACTIONIt is very important to read our section on how to identify phishing. Internet users around the world are getting phished daily and it's up to you to know how to prevent these criminals from getting your personal information.
How It Works
The fraudster sets up software to dial select phone numbers. When the phone is answered, an automated voice recording is played. It tells the consumer that fraudulent activity has occurred on their credit or debit card. It then instructs them to call a certain phone number which is actually the criminal's computer. Then the consumer is instructed to enter their card number, PIN, expiration date, and other personal information. Once the consumer does this, the criminal now can use the card and commit fraud.
Read how to protect yourself. This article from CNET.com explains it all.
This type of attack is not common and many ISPs have upgraded their software to prevent pharming since it's introduction.
Example: The fraudster sets up an 800 phone line to have people call in. They mail (yes, snail mail) bogus postcards or letters to victims and have them call the telephone number. Once the victim calls the telephone number, the victim provides all the typical information needed to validate an account. In the mean time, the fraudster collects what is needed and the victim is assured things are fine based on the validated information. The sad part is that the victim actually is completely unsuspecting that anything fraudulent occurred since they personally called the telephone number rather than receiving a call. It is also more assuring that the inquiry was via the mail. Based on simple marketing metrics for response rates, the numbers will add up for a fraudster to spend the money to mail the letters.
How the pharm works: The pharm uses a toll free number, which would have been registered, possibly using fake names or contact information. The appearance of a toll free number on the pharm resonates with the typical toll free phone numbers used by the legitimate financial institution. When users dial the toll free number, they are greeted by a recorded message apparently from the FI. Below is a transcript of a recorded message:
Pharmer: Welcome to FI account verification.
How It Works
Cell phone users receive messages that read: "We're confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order at our website."
Many consumers fearful of incurring premium rates on their cell phone bill visit the web site. However, once they arrive, they are prompted to download a program which is actually a Trojan horse.
Copyright © 2014 FMFCU. All Rights Reserved. Federally insured by NCUA.