Phishing Season is upon us - Watch for those Spoof e-mails

The following e-mail looks really official. As a matter of fact, the e-mail address it came from looks really official, memberservice@suneast.org. I know it looks official because I checked out SunEast Federal Credit Union on the internet and found that their website is www.suneast.org so the e-mail has to be right, right? Wrong! This is just another example of phishing or spoofing that is happening more and more on the web. These seemingly real e-mails come asking you to access your account through the link provided (this time through a telephone number) and then they have you. 

 

	Our records indicates a bank by phone password does not exist for your account. Please call us immediately at 1-877-280-9439 to activate this feature. We're available 24/7 to take your call. Please disregard this e-mail if you've already call us since the date this e-mail was sent. We appreciate your prompt attention to this matter. Thank you

My first indication that something was wrong was pretty easy, I don't have an account with SunEast. As a matter of fact, I can't figure out why I would possibly have an account with a Pennslyvania Credit Union when I live in Oregon. But they are not the only financial organization being attacked. I have gotten phishing attempts on Washington Mutual, Wells Fargo and Bank of America. The pirates are out there trying to get your information.

What do you do? Well, just deleting the phishing e-mail is OK, but better would be forwarding it to the financial institution that is being phished. Most organizations have a specific email set up at at something like spoof@financialcompany.com. In this case, I called Sun East and found out they want theirs sent to a specific person. If you are getting phishing e-mails, don't respond. Check them out. Forward the e-mail. Help get these guys caught.

 authored by Fred Chamberlin, senior mortgage consultant, Eugene/Springfield, OR, 541-342-7576