MSU Federal Credit Union was recently targeted by a Phishing Scam (~6:00 pm,
03/03/05). Very shortly after the incident, we sent a warning to over 65,000
of our members notifying them of the fraudulent message. (We have learned
that some of these warning messages were blocked by spam filters, due to the
wording of the message).
The following is the official "talking point" list for inquiries about the
current Phishing Scam targeting the MSU Federal Credit Union.
- MSUFCU's computer system was not breached; our security was not
compromised.
- MSUFCU accounts are safe and secure. There is no need to take any action
unless a member responded to the email and released personal financial
information such as account, VISA card numbers, social security numbers, or
PIN numbers.
- We are uncertain of the source of the email address list. They appear to
be mostly .edu addresses. University email addresses are easily available.
Think of all the lists you sign and list your email address. It is the way
the University communicates. Plus, they are published.
- We have notified our members via a blanket email as to MSUFCU being a
target of "phishing" scam. It is also on a banner at the top of our
homepage.
- Again, if the member gave out no information, no action is necessary. What
should members do if they revealed information?
+ Call the credit union. We will remove ComputerLine access, VISA access if
the member revealed a credit card number and ATM if PIN was revealed.
+ Come into the credit union and establish new accounts.
+ Notify the police department and Federal Trade Commission.
+ Contact the credit reporting companies and place a "fraud alert" on the
report. This will make it more difficult for someone to apply for a loan
with the stolen information.
+ Review credit report regularly.
- We have notified the MSU police, the FBI, the Federal Trade Commission,
and the NCUA.
- Full details about the incident and what members can do if they responded
and ways they can prevent identity theft can be found on our website at
http://www.msufcu.org/ .
- In addition, we have replaced our logo image linked from the Phishing
Email so that it now displays a warning message. The image can be seen at
https://www.msufcu.org/graphics/drk_msufculogo.gif . I would also like to
add that the domain linked from the Phishing Email has been shut down and
any attempt to link to the site will be served an 'HTTP Error 403 -
Forbidden' message from the hosting site.
Kevin Walter
Operations Manager - Info Tech
MSU Federal Credit Union
517-333-2319
-------------------------------------------------------
This electronic transmission and any information that it contains is the
property of MSU Federal Credit Union and is intended for the use of the
intended recipient. If you are not the intended recipient, any disclosure,
copying or other use of this information is strictly prohibited. If you
acquired this transmission in error or feel that any of the information
contained within it is offensive or inappropriate, please contact
[log in to unmask]
|