Review account statements regularly to ensure all charges are correct. If your account statement is late in arriving, call your fi nancial institution to find out why.  If your financial institution offers electronic account access, periodically review activity online to catch suspicious activity. 

IRS Phishing Emails - Tax Refunds

 CUNA Mutual alerts credit unions of the following risk. Please pass this information on to all appropriate employees.  If your credit union has experienced a loss contact our Credit Union Protection Response Center at 1-800-637-2676.

SCENARIO/METHOD: IRS Phishing Emails - Tax Refunds

The Internal Revenue Service and the Internet Crime Complaint Center have issued consumer alerts about an Internet scam in which consumers receive an e-mail informing them of a tax refund. One e-mail, which claims to be from the IRS, tells the recipient that they are eligible to receive a tax refund for a given amount.  It then directs the consumer to a link that requests personal information, such as Social Security number and credit card information.

Another e-mail titled "Refund Notice" claims to provide information to recipients regarding the status of their IRS Tax Refunds. The e-mail contains a link, which mirrors the true IRS web site. This site purportedly allows recipients to check the status of their IRS tax refund after providing the following information:

• First and last name
• Social Security Number or IRS Individual Taxpayer Identification Number
• Credit card information

The IRS has seen numerous attempts over the years to defraud the public and the federal government through a variety of schemes, including abusive tax avoidance transactions, identity theft, claims for slavery reparations, frivolous arguments and more. More information on these schemes may be found on the criminal enforcement page at

 What is phishing?

From the webopedia Computer dictionary: fishing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the users information. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the users account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBays site to update their account information. By spamming large groups of people, the phisher counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately.

Phishing, also referred to as brand spoofing or carding, is a variation on fishing, the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

Other forms: phish (v.)

Seacoast Credit Union wants to let our members know about this phishing fraud done through email and the internet. There have been other Financial Institutions that have had AUTHENTIC LOOKING email with an attached website sent to their members.  This website will ask for information such as Debit and Credit card numbers, PIN #s, expiration dates etc. 

Under no circumstances would an employee of Seacoast Credit Union request this information either by email or by phone! 

If you are unsure, please call Kristie Aversano @ 603-926-5653 and we will verify if it is from us.

•  Never submit information over the Internet through one of these emails.
•  If you have already submitted your information,  click on the

EXAMPLE 1 of PHISHING EMAIL

From:     F.C.U. Security Service {confirm@ncua.gov}

Sent:       Monday September 12, 2005 11:21AM

T

Subject:  {QUARANTINE} IMPORTANT: FCU Verification

Importance: Low

Credit union is constantly working to ensure security by regularly screening the accounts in our system.  We recently reviewed your account and we need more information to help us provide you with secure service.  Until we can collect this information, your access to sensitive account features will be limited.  We would like to restore your access as soon as possible and we apologize for the inconvenience

Why is my account access limited?

Your account access has been limited for the following reason(s):

*We would like to ensure that your account was not accessed by an unauthorized third party.  Because protecting the security of your account is our primary concern, we have limited access to sensitive Credit Union account features.  We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.

(Your case ID for this reason is PcU1-410-320-3334.)

At Credit Union, one of our most important responsibilities to your, our customer, is the safekeeping of the nonpublic personal ("confidential") information you have entrusted to us and using this information in a responsible manner.  Appropriate use of the confidential information you provide us is also at the heart of our ability to provide you with exceptional personal service whenever you contact us.

How can I restore my account access:

Please confirm your identity here: Restore My Online Banking and complete the "Steps to Remove Limitations."

Completing all of the checklist items will automatically restore your account access.

Phishing

www.IRS.gov.

 The IRS does not ask for personal identifying or financial information via unsolicited e-mail.

• Be mindful of groups reporting to be affiliated with legitimate organizations asking for donations or requesting you to visit their web site.
• Contact these organizations on your own.  Go to their web site rather than clicking on a link in an email sent to you.
• They may be fraudulent or hosting malicious code designed to steal personal financial information.
• Report suspicious Internet sites and emails to the government and for additional protection tips visit the Internet Crime Complaint Center at www.ic3.gov or the Federal Government's consumer information center at www.concumer.gov/tech.htm

 IMPORTANT- 3/29/2007

 IMPORTANT 3/15/2007

 IMPORTANT

Please be aware emails are circulating that trick you into giving out your personal information.  Including but not limited to the following: name, social security number, Debit / Credit card numbers, PIN numbers etc. 

Please remember that Seacoast Credit Union would NOT ask you to submit such confidential  information.  If you receive an email that is questionable, please DO NOT REPLY,contact Seacoast Credit Union immediately.  We can be reached at 603-926-5653 option 4

We have been notified that there is an email going around that states if you fill out a survey Seacoast Credit Union will pay you $100.00. We are not conducting any such survey. This is a scam!

Credit union members are receiving VoIP scam calls that are automated and insistent that the card holder call a toll free number to update important financial information. Once the toll free number is dialed an automated phone system asks for the card number, PIN and expiration date. VoIP lines are telephone systems that utilize the Internet instead of traditional telephone land lines to deliver communication services.   This is a scam!