**Cybersecurity Alert**

Phishing Email Targeting Credit Unions

Updated May 27, 2022

This Cybersecurity Alert urges credit unions to remain vigilant against phishing attacks and alerts them to a recent phishing scheme that has targeted credit unions.

Over the past few days, phishing perpetrators have targeted credit unions by asking them to complete a web form to stop the suspension of their email accounts. The email appeared to have come from an NCUA email address. However, these actors spoofed the NCUA email address in order to trick recipients into thinking a message came from the NCUA.[1]

A sanitized copy of the body of the phishing email follows:

Dear Valued Customer,

You requested your Email Account to be Suspended on May. 25, 2022, If you believe this is an error, Click on to cancel this request, else your Email Account will be Suspended.

We are sorry for any inconvenience this may cause but you must verify your personal information by clicking on the above link to complete the Email Verification form, else you will be unable to Send or Receive messages on your Email Account.

Recipients of this email should not click on any links and should immediately delete the email.

How to Avoid Being a Victim of a Phishing Attack

  • Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information.
  • Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes clicking on or following links sent in email.
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the entity directly by another means, such as by phone.
  • Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
  • Take advantage of any anti-phishing features offered by your email client and web browser.
  • Use and enforce the use of multi-factor authentication.
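
As an illustration of the email-filter advice above, applied to the spoofed-sender message this alert describes, the following sketch triages a raw message. It is an added example, not NCUA code. It assumes your receiving gateway stamps an `Authentication-Results` header (RFC 8601) with a DMARC result; the gateway name `mx.example.org`, the verdict names, and all sample messages are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

PROTECTED_DOMAIN = "ncua.gov"           # sender domain the alert says was spoofed
TRUSTED_AUTHSERV_ID = "mx.example.org"  # assumption: your own receiving gateway
# Lure phrases taken from the sanitized email body quoted in the alert.
LURES = [re.compile(p, re.I) for p in (
    r"email account (to|will) be suspended",
    r"verify your personal information",
    r"email verification form",
)]

def from_domain(msg):
    return parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()

def dmarc_passed(msg):
    """Trust dmarc=pass only in a header stamped by our own gateway."""
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = str(header).partition(";")
        if (authserv.split() or [""])[0].lower() != TRUSTED_AUTHSERV_ID:
            continue  # a sender can forge this header; ignore foreign ones
        if re.search(r"\bdmarc=pass\b", results, re.I):
            return True
    return False

def triage(raw):
    """Return 'quarantine', 'review' or 'deliver' for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    text = " ".join(part.get_content().split()) if part else ""
    lure_hits = sum(1 for p in LURES if p.search(text))
    if from_domain(msg) == PROTECTED_DOMAIN and not dmarc_passed(msg):
        return "quarantine"  # claims the protected domain without authentication
    return "review" if lure_hits >= 2 else "deliver"

# Constructed sample messages (not real traffic).
BODY = ("You requested your Email Account to be Suspended. You must verify your\n"
        "personal information to complete the Email Verification form.\n")

def sample(sender, auth_results, body=BODY):
    return (f"From: {sender}\nTo: staff@cu.example\nSubject: Account notice\n"
            f"Authentication-Results: {auth_results}\n\n{body}")

SPOOFED = sample("NCUA <notice@ncua.gov>", "mx.example.org; spf=fail; dmarc=fail header.from=ncua.gov")
FORGED_HDR = sample("NCUA <notice@ncua.gov>", "mx.other.invalid; dmarc=pass header.from=ncua.gov")
OTHER_LURE = sample("IT Desk <it@mailer.invalid>", "mx.example.org; dmarc=pass header.from=mailer.invalid")
GENUINE = sample("NCUA <notice@ncua.gov>", "mx.example.org; dmarc=pass header.from=ncua.gov", "Quarterly call report reminder.\n")
```

The header check is only reliable if the gateway removes any inbound `Authentication-Results` header that already carries its own identifier before adding its result.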

The NCUA encourages credit unions to review the Cybersecurity and Infrastructure Security Agency’s Shields-Up website, which provides information regarding cybersecurity threats, including several resources and mitigation strategies.

Credit unions should also continue to report any cyber incidents to the NCUA, your local FBI field office or the Internet Crime Complaint Center, and the Cybersecurity and Infrastructure Security Agency.

Also, know that the NCUA will never call, text, or contact you on social media to ask for money, personal information, or your login credentials for systems, like MERIT or your credit union’s network.

References:

NCUA Risk Alert 22-RISK-01, Heightened Risk of Social Engineering and Phishing Attacks

NCUA Letter to Credit Unions 05-CU-20, Phishing Guidance for Credit Unions And Their Members