LEWISTON – The 17,000 members of Maine Family Credit Union are the latest targets in an Internet scam that tries to dupe people into revealing personal financial information.
“It’s the scam-du-jour,” said Jon Paradise, public affairs manager for the statewide Maine Credit Union League. “Consumers have to understand that this is not the way financial institutions operate.”
Maine Family Credit Union members and others have received e-mails warning of attempts to breach personal accounts. To protect those accounts, the e-mail asks members to click on a link, which brings them to a screen bearing the Maine Family Credit Union logo. Members are then instructed to fill out boxes for name, credit card number, expiration date and PIN numbers for access to ATM machines.
“It’s definitely a scam,” said Ron Fournier, president of Maine Family Credit Union. “We’ve been trying to notify everyone not to respond to requests for personal information of any kind.”
Fournier said the credit union has received about a dozen calls from e-mail recipients.
“But it’s the ones who don’t call that you worry about,” he said. He said he’s unaware of any members who have provided their personal account information to the scammer.
This scam – dubbed phishing – is the latest in a string that started about three months ago. Paradise said several other credit unions and some banks have been the targets previously. The league’s security technology people began investigating when the first scam appeared in late summer and traced it back to China. He said the FBI was notified at that point.
“Unfortunately, as soon as we get to the bottom of one, another pops up,” said Paradise. He emphasized that the e-mails are trying to elicit personal financial information are not attempts to hack into the credit unions’ databases.
Neither Paradise nor Fournier knew where the scammer was getting the e-mail addresses. Credit unions don’t sell client lists to marketing companies, Paradise said.
Fournier said he heard speculation that the scammer might be scraping e-mail addresses from institutional or municipal Web sites and dumping them into his own database.
Both men advised consumers to be on the alert for future scams.
“Never give out personal financial information, account numbers, Social Security numbers, via e-mail,” said Paradise. “If an e-mail from a financial institution is unsolicited, don’t open it.”
Comments are no longer available on this story