Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    May 2012
    S M T W T F S
    « Apr    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
    • About Us
    Malware Blog > A Treasury Trove of Phish
    May1
    10:21 am (UTC-7)   |    by

    At its official Web site, the U.S. Treasury Department Federal Credit Union (TDFCU) makes known that its mission is “to serve the financial needs of our members as a safe and sound cooperative financial institution under sponsorship of the Department of the Treasury.”

    Its members include employees of the Treasury Department, Department of Homeland Security, U.S. Courts, and other similar companies & organizations in similar fields of government service. The TDFCU also has members who live, work, and do business with other similar governmental organizations located in Washington, D.C.

    Recently, the TrendLabs Content Security team came across the phishing URL:

    http://75.145.112.12/homepage/www.tdfcu.org/index.php

    This loads a spoofed Web site that bears a close resemblance to the legitimate TDFCU’s online login page. This bogus site also lacks SSL security, as indicated by the absence of the lock icon in the status bar and the protocol used by the Web site.

    tdfcu

    One obvious indication that this is a bogus website is that no attempt has been made to disguise the phishing URL in the address bar, so it is quite easy for a user to determine that the website is not legitimate.

    The phishing site of course, also asks unwitting users for their IDs and passwords. After clicking the login button, the user will be redirected to a web page that prompts for information, which includes the Card Holder Name, e-Mail Address, Phone Number, Credit Card Number, Expiration Date, Code Verification Number, and ATM PIN.

    tdfcu2

    Of course, this site is now blocked by Trend Micro’s WCS (Web Classify Server).

    Like previous IRS-related phishing cases (see our posts here and here), this one could be targeting more high-profile personalities since members may belong to important government institutions (as mentioned in the beginning of this post). The TDFCU reminds its members that it does not send out e-mail requesting that the recipient download information onto their computers.

    At the legitimate TDFCU website, they advise: “If you receive a request that appears to be from the Treasury Department Federal Credit Union with attachments requesting that you download information to your computer for security, DO NOT DO IT.”

    That’s always good advice.

    Updated by Mayee Corpin (Technical Communications) & Paul Ferguson (Advanced Threats Research)





    Share this article
    		 Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon



    This entry was posted on Thursday, May 1st, 2008 at 10:21 am and is filed under Mobile . Both comments and pings are currently closed.



    Comments are closed.



     

    Other Trend Micro blogs
    CTO Insights
    CounterMeasures Blog
    Cloud Security Blog
    Consumerization Blog
    Fearless Web
    Internet Safety for Kids & Families
    Simply Security News
    Trend Micro Blog [German]
    TrendLabs Security Blog [Japan]
    Cloud Security APAC
    Trend Micro Free Tools Threat Encyclopedia Trend Micro Videos
    Do you have a product-related question? Visit our eSupport website.

    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice