A report from Avanan security researchers has exposed a new phishing campaign used by attackers. The campaign takes advantage of credit unions to steal money and information.
To compromise accounts, the phishing campaign uses different methods including wire transfer codes, payment notifications, and document alerts. The goal of the campaign is to convince the victims to enter their account credentials and conduct banking activities.
One of the phishing emails invites the recipient to click on a link to view their account statement and document online. Another email contains a link that claims to relate to an important notice.
The emails contain a link that takes users to a phony sign-in page impersonating the credit union. Information entered on the platform is therefore taken by attackers to compromise accounts and steal funds and information.
Avast offers several recommendations to protect users from phishing attacks. This includes scrutinizing the sender’s address before they respond to an email from their credit union, ensuring that they are cautious of any personal banking emails sent to their business email address.
Other security tips include conducting a careful examination of any URL in the email and calling their banks or credit union directly. Businesses are advised to put advanced cybersecurity defenses in place.