Phishing Scam Targets Military Credit Unions
A pair of phishing sites masquerading as credit unions used by military servicemen and servicewomen has been stealing personal banking information for months.
U.S. Strategic Command officials are joining leading security software vendors in warning soldiers serving in the U.S. Armed Forces to be on high alert for a new phishing scam that targets customers at a pair of credit unions catering to servicemen and their families.
Gen. Kevin P. Chilton, the STRATCOM commander, is warning soldiers and their families that bogus Web sites imitating both USAA, a popular insurance and financial services firm catering to military families, and the Navy Federal Credit Union have successfully stolen the personal and banking data of an unknown number of customers.
In a blog posting this week, Symantec officials said the phishing sites ask customers to fill in a form with their sensitive data to unlock what the corrupt Web page claims is a login error created by too many failed login attempts.
This information includes social security numbers, credit card information, birth dates and mothers' maiden names.
"The page also includes a fake CAPTCHA that accepts data irrespective of the number entered," Symantec's security team wrote. "When the sensitive information is entered, the phishing site states that the customer's password is unlocked for logging in. The page is then redirected to the legitimate site."
Earlier this month, the Anti-Phishing Working Group (APWG) released a study that found that one phishing gang known as the "Avalanche" syndicate was responsible for more than two-thirds of the 126,000-plus phishing scams it unearthed in the last six months of 2009.
Facebook has become a particularly attractive target for malware cons because scam artists are often successful at using social networking friends and acquaintances to lure people into divulging personal information online.
Symantec said this latest attack comes from Web sites hosted on servers in Taiwan, and variants of this particular phishing URL have been used to spoof other online brands as well.