The Agency Insider with Linda McGlasson

Phishy Credit Union Closed

Mich. Regulator Puts End to Internet-Based Scam
Phishy Credit Union Closed

Not something you see every day in our industry, but it was needed. The so-called Whitestone Credit Union had a website, a toll-free number and all the bells and whistles of a real brick and mortar establishment -- everything that it needed, in fact, except it was only a sham institution out to nab consumers' personal data.

The state's Office of Financial and Insurance Regulation says it looks like Whitestone, through its website and telephone answering service, was posing as a legitimate credit union. For some unwary consumers it was only bad news.

The problem is that this kind of scam hurts everyone in the industry. 

OFIR Commissioner Ken Ross says it looks like these scammers were posing as a legitimate credit union in order to obtain information used in identity theft. The fake financial institution was encouraging customers to apply for loans by providing personal information, including social security and financial account numbers. Whitestone's website is currently shut down, and the numbers have been disconnected.

Ross says consumers are encouraged to call the agency if they think they have discovered one of these classic phishing schemes. Further, he urges consumers to develop "face-to-face" or personal relationships with a financial institution before entering into a business contract. Prior to opening an account at an internet bank or credit union, consumers should check with their state bank regulators to verify the institution is legitimate.

Now, we see phishing attempts every day. In fact, today I got one from Navy Federal Credit Union. (Yes, you guessed it, I don't have an account at Navy.) Hundreds of attacks are made against banks and credit unions every week, some artfully worded, (like the one I got from Navy) and some with blatant misspellings in every sentence. So, yes, most people are used to seeing phishing emails land in their inbox.

But I see this incident as a sign of the times -- fraudsters will stop at nothing to get your customer's data. The golden keys of personal information -- name, social security number, credit card data -- are under attack from a different direction. If they can't get you to give information based on a real institution, they're starting to make them up!

The problem is that this kind of scam hurts everyone in the industry. It erodes the thinning layer of trust that consumers have for financial institutions. Bank reputations have been battered in the past year or so during the financial meltdown and the bailout. Credit unions, on the other hand, were looked upon by consumers as being more trusted.

For the real, legitimate internet-based institutions out there, like Realtors Federal Credit Union, in Rockville, Md., I'd say it would be a good thing to check out the new competition every time they appear.

As for the brick and mortar institutions, if you're hearing about a new internet-based bank or credit union in your area, take time to check if it is legitimate. We certainly can't afford to lose any more of the trust of our customers -- especially not to the likes of scammers and phishers.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.