Scams
Credit unions bonded by CUNA Mutual Group may contact CUNA Mutual Group’s Credit Union Protection Resource Center to report an incident, sign up to receive RISK Alerts, or inquire about other risk management/protection services; call 1-800-637-2676 or click on the following link: CUNA Mutual Protection Resource Center.
FRAUD ALERT for Credit Union IT and Security Professionals!
The Credit Union Information Security Professionals Association (CUISPA) has issued a fraud alert to credit unions. The CUISPA communication stated that credit unions have reported a great deal of fraud activity over the past week. It referenced the CUISPA Alert titled: FRAUD ATTEMPT IN ONLINE BANKING.
CUISPA reported that “The attack is widespread and targeted at unprotected end-users (members). This is also the same type of attack leading to commercial account ACH fraud. If a member has reported a similar incident (pop-up) to you, you can assume their account has been compromised. Regardless of whether or not they provided card data on the pop up screen. To eliminate the malware, the member MUST completely wipe their drive. At this time many Anti-virus engines are still not detecting the variants of this malware and removing the code from one's machine or preventing its outbound notification is difficult.”
CUISPA is interested in hearing from credit unions if they have experienced this type of fraud and how credit unions are choosing to notify their membership. To that end anyone wishing to provide feedback to CUISPA can do so by logging into https://alerts.cuispa.org/news.php to post questions and provide input. The site is free but requires registration/authorization.
Source: CUISPA www.cuispa.org
(Posted 1/11/10)
Important Card Fraud from CUNA Mutual Related to Heartland Payment Systems Breach!
On January 8, 2010, CUNA Mutual reported that card numbers not blocked or canceled in association with the Heartland Payment Systems breach continue to be targeted for card fraud. Recent events indicate that fraudsters are still testing and successfully accessing these cards and committing fraud.
Please pass this information on to all appropriate employees. If your credit union has experienced a loss and you are a CUNA Mutual member, contact their Credit Union Protection Response Center at 800.637.2676.
Card numbers not blocked or canceled in association with the Heartland Payment Systems breach continue to be hit with card fraud. Recent events indicate that fraudsters are still testing and successfully accessing these cards.
If your credit union made a business decision to only monitor the impacted card numbers associated with the Heartland Payment Systems breach, beware. Fraudsters are committing fraud on cards that were not blocked or cancelled.
Over the holidays, several credit unions experienced card fraud within accounts where cards were not blocked and reissued, but were part of the Heartland Payment Systems breach. Here’s a summary of two different scenarios that occurred this week:
• A credit union that did not block and reissue cards noticed a fraud trend on the monitored cards. Cards on a specific BIN were being targeted. Their fraud management system indicated a trend on their cards, which was also identified on their posting report. Initially, the fraud was focused in the Midwest, but migrated to the West, as well as some International locations. The fraud appears to be concentrated at superstores, supermarkets, and gas stations. Because of this additional fraudulent activity, this credit union is now taking immediate action to block and reissue the cards.
• Recently, a credit union that chose to block and reissue cards stemming from the breach noticed an increase in card testing – with fraudsters testing these cards for an authorization within seconds of each other. Because the cards were blocked and reissued, they were not authorized, and the credit union did not suffer any further fraud.
CUNA Mutual has alerted both Visa and MasterCard of the increase in activity and various scenarios.
Loss Prevention Recommendations:
If your credit union opted to monitor the card numbers listed on the Visa CAMs or MasterCard alerts rather than blocking and reissuing them, CUNA Mutual strongly recommends that you block and reissue any active cards that have not yet expired from the Visa CAMs or MasterCard alerts. The fraud ring continues to be extremely active and it is anticipated that the fraudsters will continue to target these cards until they no longer provide approved authorizations.
If you’ve seen very little or no fraud, stay alert to the fact that the fraudsters may find a BIN of card numbers that provide an approved magnetic stripe authorization. If you performed a block and reissue of your cards, you should not see subsequent magnetic stripe fraud related to the Heartland Payment Systems breach; the reissued cards have new CVV/CVC values and card expiration dates.
Related Resources:
• Important Card Fraud Update Related to the Heartland Payment Systems Breach 05.01.2009
• Heartland Payment Systems' Plastic Card Breach: What Should You Do? 01.20.2009
Source: CUNA Mutual Risk Protection Center Alert
(Posted: 1/11/10)
New Recruitment Scam Using Craigslist Targets Credit Unions
Advertisements have been posted on Craigslist as part of member recruitment scams nationwide. The ads solicit current credit union members and offer $75.00 or more for their assistance in gaining membership for ineligible individuals. This scam is targeting credit unions and members across the country.
The following are samples of Craigslist ads targeting credit union members for this recruitment scam:
If you’re a ABC Credit Union Member MAKE SOME EXTRA $$
This is NOT a scam! I am willing to call you and discuss extensively! I need a ABC Credit Union Member to sponsor me into the credit union. I am willing to pay $100 USD for this service. Please email me and we can discuss this in detail. This is a 1 day process and I want to become a member for investment account/interest rate purposes.
Need to find a XYZ Credit Union Member
I was just approved for a visa credit card with XYZ Federal Credit Union and they called me and said that they can not process the application if I do not know any existing member or if I am not employed at one of the list of companies they have. To become a member you have to know a member. So now my app is on hold until I can find someone who is already a member. If you know someone, please tell them to contact me. I am willing to pay $500. And all they ask for is the members name and member number. Thanks.
ABC and XYZ Members Needed!!!
If you are a ABC or XYZ Federal Credit Union member we will pay you $75.00 per member to sponsor other that would like to join the credit union but do not meet the membership requirements. Please email for details.
Please be aware of these scams and make sure that your credit union members are aware of them as well.
(Posted: 1/11/10)
Hacker in TJX Breaches Pleads Guilty in Heartland and Hannaford Bros. Breaches
On December 10, 2009, CUNA News Now reported that the man responsible for the TJX Cos. data breach in 2007 and 2008 has agreed to plead guilty to two of the largest data breaches in history—the Heartland Payment Systems and Hannaford Bros. grocery chain breaches—as well as breaches at 7-Eleven stores.
CUNA goes on to say, “According to a filing on Dec. 2 with the U.S. District Court in New Jersey, where the Heartland charges were brought in August, Albert Gonzalez, 28, of Miami, Fla., has entered into a plea agreement.” (Reuters Dec. 9 and wired.com Dec. 8).
“The hacking compromised millions of cards and accounts, and caused headaches and losses for thousands of credit unions and other financial institutions, spawning class action lawsuits against the companies breached. The breaches also raised questions about the effectiveness of payment card industry security standards and who should pay for losses incurred when financial institutions had to reissue cards to millions of consumers.”
In August, Gonzalez and two unnamed Russian hackers were charged in New Jersey, accused of stealing more than 130 million debit and credit cards from Heartland, a card-processing company, and the retailers. This past Tuesday, a federal judge transferred that case to merge with two other cases in Massachusetts where Gonzalez has already entered guilty pleas.
CUNA also reported that Gonzalez, a former Secret Service informant, “was charged with 10 other suspects in May 2008 in New York and August 2008 in Massachusetts with hacking TJX, OfficeMax, Dave & Buster's restaurants, and others. Gonzalez pleaded guilty to the charges and was to be sentenced Dec. 21 in Massachusetts on both cases. He faces 15 to 25 years in prison on the earlier charges.”
Source: CUNA News Now (Posted 12/11/09)
Email Scam Alert – CUs Notified They Have Won “Prestigious” Award
The New Jersey Credit Union League has been alerted that recent emails notifying credit unions and other businesses that they have won prestigious awards from a national association appear to be part of a widespread scheme designed to get companies to pay for “Vanity” awards and plaques.
The Setup
The group behind the “awards” program is the U.S. Commerce Association of Washington, D.C. The association has been sending out email and news releases in recent months to businesses nationwide, telling them they have been selected as “outstanding local businesses” and offering them an opportunity to buy one or more awards to mark the honor. An email recently sent to Healthcare Employees FCU said in part, “I am pleased to announce that Healthcare Employees FCU has been selected for the 2009 Best of Princeton Award in the Credit Unions category by the US Commerce Association. In recognition of your achievement, a 2009 Best of Princeton Award has been designed for display at your place of business. You may arrange to have your award sent directly to Healthcare Employees FCU by following the simple steps on the 2009 Best of Princeton Award order form. Simply copy and paste this link into your browser to receive your award:” The email also conveniently links to a press release on the association's own website announcing that your credit union has won this award.
The Scam
Once you are on its Web site, the U.S. Commerce Association says the award program was “created to honor and generate public recognition of the achievements and positive contributions of businesses and organizations in and around (targeted area named here).” Then the site asks credit unions and businesses to purchase its high-priced award plaques.
Tips to Help Credit Unions Avoid Losing Money to a “Vanity” Award Program Scam
1. Learn everything you can about who is giving the award. If it is coming from a mystery company, chances are it simply wants your money.
2. If you didn't apply for an award, or the group cannot tell you how you were nominated, chances are the award is not legitimate.
3. Most legitimate awards do not come with costs for the recipient. If there is a cost, scrutinize even more closely.
4. Ask specific questions about how your company or organization was chosen for an award, and find out how many similar awards are given each year.
5. Check BBB reliability reports at www.bbb.org or by calling your local BBB office.
The Better Business Bureau (BBB) urges area businesses to exercise caution when dealing with this group or a related organization called the U.S. Local Business Association. Other than the material on its Web site, there seems to be little publicly available about the U.S. Commerce Association.
The Better Business Bureau posted a warning about this company on 7/7/09. To read the warning in full, click on the following link: http://spokane.bbb.org/article/all-that-glitters-us-commerce-association-awards-to-biz-may-not-be-what-they-seem-11397
(Posted 10-29-09)
If you have a scam or alert to report, please send the information, along with your contact information, to info@njcul.org.