In late June, the FBI reported that they are seeing an increase in spear-fishing attacks. The purpose of the attacks is to gain access to a computer network with the intent of creating fictitious identities and stealing personal information to steal money from unsuspecting individuals.
The FBI indicates that fraudsters will send an email that contains some form of personal information of the victim that may have been previously stolen from data obtained on social networking sites, blogs or other similar websites. This personal information is used to make the communication appear legitimate with the hope of having the recipient answer questions or open a link attached to the email. This link contains malicious software used to steal account numbers, passwords and other personal financial information.
The FBI identifies several tips and suggestions that should be kept in mind:
•Online businesses, including credit unions and merchants will not ask for personal information, such as usernames and passwords, via e-mail. When in doubt either call the credit union / company directly or open your computer’s Internet browser and type the known website’s address.
•Avoid using the telephone number contained in the e-mail, which is likely to be fraudulent as well.
•Avoid following links sent in e-mails, especially when the sender is someone you do not know or appears to be from a business / credit union advising that your account information needs updated.
•Keep your computer’s anti-virus software and firewalls updated.
•If you believe you may have fallen victim to a spear-phishing attack, file a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov/.