Scammers ‘Phish’ Emporia by e-mail
By Bobbi Mlynar
Originally published 12:57 p.m., November 5, 2007
Updated 12:57 p.m., November 5, 2007
At least four new e-mail scams have surfaced recently in Emporia.
One involved a “phishing” expedition, with the senders phishing to get personal financial information by warning recipients that the financial institution allegedly sending the e-mail was alerting its customers to a phishing scam.
The message stated that the Emporia State Federal Credit Union “is aware of new phishing e-mails that are circulating. These e-mails request consumers to click a link because of the compromise of a credit card account. Cardholders should not respond to this message, which says, in part:
“For your security we have deactivate (sic) your card.”
The e-mail goes on to say that the recipient should not respond to the message, and instead should call a toll-free number to have the card reactivated.
“Absolutely, we have not sent out that e-mail, nor would we ever send that type of e-mail,” said Angie Miller, manager of the credit union.
Miller said she became aware last week of another e-mail supposedly sent by CUNA Mutual insurance company, which is involved in insurance plans offered to credit union members.
“Whoever they are, they’re targeting Emporia for some reason,” Miller said.
Miller said that detectives, Federal Bureau of Investigation agents and phone companies had been working since last week to deactivate the toll-free numbers given in the e-mails. By mid-morning, one of the numbers had been eliminated and telephone workers were preparing to make the second number inactive.
A third scam is income-tax related and was noticed by Dan Robertson, certified public accountant with Agler & Gaeddert, Chartered. Robertson e-mailed clients and friends to warn them that one of his clients had received an e-mail purporting to be from the Internal Revenue Service.
Robertson’s e-mail cautioning clients and friends not to respond has been circulating for several days. This morning, he received a second e-mail scam related to the IRS.
“There was another one that came out today,” he said.
Robertson included in his first e-mail information from the IRS Web site.
The initial e-mail tells taxpayers that the IRS has calculated their “fiscal activity” and that they are eligible to receive a tax refund. Taxpayers are directed to a Web site titled “Get Your Tax Refund!” that mimics the appearance of the IRS’s own “Where’s My Refund?” page.
On both the fraudulent and the real IRS Web site, taxpayers are asked to enter their Social Security numbers and filing status.
“However, the phony Web page asks taxpayers to enter their credit card account numbers instead of the exact amount of refund as shown on their tax return, as the real ‘Where’s My Refund?’ page does. Moreover, the IRS does not send e-mails to taxpayers to advise them of refunds or to request financial information.
The newer e-mail scam appears to be a solicitation from the IRS and the U.S. government for charitable contributions to victims of the recent wildfires in California.
“A link in the e-mail, when clicked, sends the e-mail recipients to a Web site that looks like the IRS Web site, but isn’t,” Robertson said. “They are then directed to click on a link that opens a donation form that asks for personal and financial information.
“The scammers can use that information to gain access to the e-mail recipients’ financial accounts.”
Robertson said that the e-mail uses an actual speech about the wildfires made by a member of the California Assembly to lend credence to the scam.
He added that the IRS also believes that clicking on the link downloads malware, or malicious software, onto the recipient's computer.
More information on such scams may be viewed at http://www.irs.gov or by calling the Treasury Inspector General for Tax Administration, (800) 366-4484.
slipandslide (anonymous) says...
why is the credit union always the target?
November 5, 2007 at 2:17 p.m. ( permalink | suggest removal )
create (anonymous) says...
Good question, slipandslide, I was wondering the same thing. Might there be someone on the inside involved? Never can tell.
November 5, 2007 at 2:43 p.m. ( permalink | suggest removal )
steakbuffet (anonymous) says...
Bank of America was also named.
November 5, 2007 at 3:13 p.m. ( permalink | suggest removal )
hottopics (anonymous) says...
I guess I have learned whats legit and isnt by now. Its a shame that people are still falling for this emails. I used to get them all the time but now hardly at all anymore.
Nothing is sacred anymore.
November 5, 2007 at 3:57 p.m. ( permalink | suggest removal )
traceygraham (Tracey Graham) says...
I'm still getting these kinds of emails all the time. Many from banks of which I am not a customer, so I know the messages are bogus. If I ever did get one from ESFCU (of which I _am_ a customer), I wouldn't respond by clicking on a link in the email, I would contact ESFCU directly. I think it's possible the reason ESFCU appears to be "targeted" is that they're the ones that seem to be _catching_ these things most often. There aren't many ESFCU members falling for the phishing scam, but they are reporting it to ESFCU, who in turn reports it to the Gazette, which in turn prints a warning to all of us.
What I'm wondering is why it's possible for someone to set up an 800 number and not get caught. The government can wiretap us if they think we might be a security threat, but they can't catch these scumbags preying on people foolish enough to respond to BS emails?
November 5, 2007 at 7:35 p.m. ( permalink | suggest removal )
mattas (anonymous) says...
How in the world could anyone think that this was an inside job? Use a litte common sense. Don't you think that the people that work at the credit union already have access to all of the information without having to phish for it.
November 5, 2007 at 9:38 p.m. ( permalink | suggest removal )
lorint (anonymous) says...
I got the "Bank of America" version of this scam this morning. I made a recording of the phone call and posted it on my blog:
http://geekswithblogs.net/lorint/arch...
Pretty sly. I'm sure it's tripping up quite a few people.
November 9, 2007 at 10:16 a.m. ( permalink | suggest removal )