Credit union agency warns of fake CD-ROMsThe agency that supervises federal credit unions is warning institutions to be on the lookout for in search of; looking for. See also: Lookout fake fraud alert letters that are accompanied by CD-ROMs containing malware.The National Credit Union Administration The National Credit Union Administration (NCUA) is responsible for chartering, insuring, supervising, and examining federal credit unions (FCUs) and for administering the National Credit Union Share Insurance Fund. (NCUA NCUA National Credit Union Administration (US government) NCUA Nbcs Control Unit Atm ) issued a legitimate fraud alert this week, announcing that it was aware of at least one federally insured credit union that received the bogus letter. In an ironic twist, the package also contained two CD-ROMs that purportedly contained training material to defend against fraud.However, the fake fraud alert CD-ROMs are malicious, and the NCUA warned against loading them into a computer."Doing so could result in a possible security breach to your computer system or have other adverse consequences," the alert said.Paula Musich, senior analyst for enterprise security at Current Analysis, told SCMagazineUS.com on Thursday that this is the first time she has heard of a ploy like this, but she is not surprised.Though the risk of sending such a letter via standard mail may be higher than, say, delivering a malware-laden email, the ruse Ruse (r  `sĕ), city (1993 pop. 170,209), NE Bulgaria, on the Danube River bordering Romania. The chief river port of Bulgaria, it is also an industrial and communications center. could prove successful for its orchestrators, she said."It's a novel approach to trying to distribute malware," she said. "Given that it focuses on credit unions, I would hazard a guess that what they're after is access to people's accounts."Citing the recently released IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) X-Force report, which showed a noticeable decline in phishing Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their ISP, bank or retail establishment. incidents during the first half of this year, Musich said cybercriminals are finding alternative methods to perpetrating their scams as organizations get better at defending against digital message attacks."The creativity of these guys, I find amusing," she said. An NCUA spokesperson could not be reached for comment on Thursday.
|
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion