Increasingly, credit unions and community banks are more likely to be targeted by cyber-attacks than larger financial institutions (FIs). This is due in part to hackers perceiving smaller organizations as easier targets. Another reason is the recent resurgence of traditional telephone voice phishing attacks. Criminals from all over the world are masking their location by using the same area code when voice calling credit union members and bank customers to gain access to their accounts. The crooks are taking advantage of geographically assigned mobile and landline phone numbers to enhance the ROI of their phishing attempts.

According to a recent Credit Union Journal article, new data from security firm AdaptiveMobile indicates there were 112,220 attack messages sent to U.S. FIs during a four-month period from mid-September 2014 through mid-January 2015.

In these phishing schemes, hackers sent SMS and email messages or made voice phone calls to consumers to attack credit and debit accounts. Cardholders received a message or a phone call that appeared to originate from their FIs, alerting them their card had been deactivated (detained, locked, frozen, etc.). Cardholders were then told to call a 24-hour cardholder service number.

Many of these and similar phishing attempts are carried out in the evenings and on weekends to avoid potential defenses that might be in place during daytime or weekday hours. This highlights the importance of offering 24×7 cardholder support like many TMG issuer clients do through TMG’s call center services. Our fraud experts continue to monitor trends, research new authentication technologies and collaborate with clients to educate consumers on risky behaviors.

continue reading »