Attackers Use Phishing Attacks Impersonating Credit Union To Steal Credentials

A report from Avanan security researchers has exposed a new phishing campaign used by attackers. The campaign takes advantage of credit unions to steal money and information.

To compromise accounts, the phishing campaign uses different methods including wire transfer codes, payment notifications, and document alerts. The goal of the campaign is to convince the victims to enter their account credentials and conduct banking activities.

One of the phishing emails invites the recipient to click on a link to view their account statement and document online. Another email contains a link that claims to relate to an important notice.

The emails contain a link that takes users to a phony sign-in page impersonating the credit union. Information entered on the platform is therefore taken by attackers to compromise accounts and steal funds and information.

Avast offers several recommendations to protect users from phishing attacks. This includes scrutinizing the sender’s address before they respond to an email from their credit union, ensuring that they are cautious of any personal banking emails sent to their business email address.

Other security tips include conducting a careful examination of any URL in the email and calling their banks or credit union directly. Businesses are advised to put advanced cybersecurity defenses in place.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web