MSU Federal Credit Union was recently targeted by a Phishing Scam (~6:00 pm, 03/03/05). Very shortly after the incident, we sent a warning to over 65,000 of our members notifying them of the fraudulent message. (We have learned that some of these warning messages were blocked by spam filters, due to the wording of the message). The following is the official "talking point" list for inquiries about the current Phishing Scam targeting the MSU Federal Credit Union. - MSUFCU's computer system was not breached; our security was not compromised. - MSUFCU accounts are safe and secure. There is no need to take any action unless a member responded to the email and released personal financial information such as account, VISA card numbers, social security numbers, or PIN numbers. - We are uncertain of the source of the email address list. They appear to be mostly .edu addresses. University email addresses are easily available. Think of all the lists you sign and list your email address. It is the way the University communicates. Plus, they are published. - We have notified our members via a blanket email as to MSUFCU being a target of "phishing" scam. It is also on a banner at the top of our homepage. - Again, if the member gave out no information, no action is necessary. What should members do if they revealed information? + Call the credit union. We will remove ComputerLine access, VISA access if the member revealed a credit card number and ATM if PIN was revealed. + Come into the credit union and establish new accounts. + Notify the police department and Federal Trade Commission. + Contact the credit reporting companies and place a "fraud alert" on the report. This will make it more difficult for someone to apply for a loan with the stolen information. + Review credit report regularly. - We have notified the MSU police, the FBI, the Federal Trade Commission, and the NCUA. - Full details about the incident and what members can do if they responded and ways they can prevent identity theft can be found on our website at http://www.msufcu.org/ . - In addition, we have replaced our logo image linked from the Phishing Email so that it now displays a warning message. The image can be seen at https://www.msufcu.org/graphics/drk_msufculogo.gif . I would also like to add that the domain linked from the Phishing Email has been shut down and any attempt to link to the site will be served an 'HTTP Error 403 - Forbidden' message from the hosting site. Kevin Walter Operations Manager - Info Tech MSU Federal Credit Union 517-333-2319 ------------------------------------------------------- This electronic transmission and any information that it contains is the property of MSU Federal Credit Union and is intended for the use of the intended recipient. If you are not the intended recipient, any disclosure, copying or other use of this information is strictly prohibited. If you acquired this transmission in error or feel that any of the information contained within it is offensive or inappropriate, please contact [log in to unmask]