28 March 2023
SMS Phishing Scam
***MEMBER NOTICE***
We've been made aware of a scam text, purporting to be from 'Credit Union', claiming that accounts have been 'placed on hold' and asking the recipient to click a link (to a cloned credit union website) to verify their account. Your credit union will never contact you by text or email asking you to click a link to verify your account.
If you get such a text or email, please do not click on the link. Similarly, if you receive a phone call masked to appear that it is from the number 01 614 6700, please do not answer, or if you do so, hang up immediately.
If you are in any doubt about any message you receive in relation to your credit union account, please contact us at 050491700 or visit one of our branches in Killenaule, Urlingford or Thurles.
Be Fraud Aware. Misspellings, an unusual website address or a message asking you to act immediately can all be warning signs that the message may be fraudulent.
This phishing scam has been reported to the Gardai at Pearse Street and we have also reported the matter to our website company who in turn have raised an abuse request with the company hosting the scam website. We hope to have the site taken down as soon as possible but this does not mean that a similar scam site will not emerge elsewhere.
DocuSign Phishing Scam
It has come to our attention that a sophisticated phishing scam has been circulating this week. This scam asks users to click on a link in a mail similar to the below examples to review or complete DocuSign documents.
Upon clicking on the link you are taken to a fake Microsoft sign in page. On the fake page you will be asked to input your email credentials, at this stage your account would be compromised. It is important to NOT download the file and delete the email immediately if you receive it.
Most web browsers display the URL of a web page above the page in an address bar. If you are expecting documents via DocuSign, please check with whoever you are expecting to send it to you that it is indeed from them. It is also strongly advised to check the URL (Web Address) of the site you are providing sign in details to. The fake sign in pages are extremely realistic, giving the exact look and feel of a real Microsoft page, even down to the branding.
The difference between a genuine Microsoft page and a fake sign in page are illustrated below. Ensure that the URL starts with login.microsoftonline.com
CUSOP have also alerted us about a new smishing technique that is currently circulating. All members please be aware of the following types of communication:
- Member receives unsolicited messages from an unknown number
- The messages typically claim to be sent from a son/daughter of the member
- The messages state that the sender has lost/damaged their mobile phone, their bank cards have been cancelled, have no access to funds & request an urgent payment to be sent to a 3rd party (in this context the Payee name and the IBAN is provided in the message)
- The fraudulent payment transfers were undertaken both online and over the counter in the credit union
It is important to note that scams can take many formats and you should remain vigilant in order to protect yourself. Below are some useful links for further information on common scams and steps which you can take to avoid becoming a victim of a scam.
