Hackers Spoof Credit Unions to Obtain User Credentials and Extract Funds: Avanan

In February, the National Credit Union Administration (NCUA) put out a statement noting that, due to the geopolitical climate, credit unions should “adopt a heightened state of awareness and to conduct proactive threat hunting.” Studies showed that 66% of credit unions lack proper email security to protect against phishing and 92% of credit unions don’t have strong enough email security. Avanan researchers have seen a significant uptick in spoofs of local credit unions, all with the goal of taking funds and credentials from end-users.

With that said Avanan, A Check Point Company published a new attack brief that analyzes how threat actors are impersonating local credit unions to get into inboxes. Hackers presented victims with a variation of attack strategies, ranging from wire transfer codes to incoming payment notifications to document alerts. 

I would recommend giving this report a look as it not only details the attack strategies, but it also makes suggestions as to how to mitigate these attacks.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: