Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    2:45 pm (UTC-7)   |    by

    The Trend Micro Content Security Team discovered two phishing URLs just within hours of each other that use legitimate credit unions to trick unknowing users into giving out confidential information.

    Here’s a screenshot of a page that spoofs the O Bee Credit Union:

    Figure 1. Sample phishing page.

    The page is hosted in the URL http://{BLOCKED}, which loads a survey. Credentials such as O Bee access IDs, passwords, email addresses, card numbers, and PIN numbers are stolen when these are entered in the survey boxes.

    The Quimper Community Federal Credit Union was also attacked by phishers.

    Figure 2. Sample phishing page.

    The URL http://www.{BLOCKED} loads a spoofed login site that instructs users to enter personal credentials such as account number and password.

    Figure 3. Fake login page.

    Clicking on the login button directs users to a spoofed confirmation page about filling the form. This page also asks users for account details such as full names, debit card numbers, and PIN numbers.

    The Trend Micro Smart Protection Network already blocks these URLs and protects users from the phishing pages.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice