While the NCUA continues to investigate an online phishing scam that attempted to convince consumers to provide personal information, a new report reveals that phishing remains an overwhelming security concern.
"NCUA is working with the appropriate federal agencies on this matter," John Fairbanks, public affairs specialist, said. "To date, we are not aware of any financial losses or loss of personal information as a result of this phishing operation."
The regulator issued a warning earlier in the week about a new phishing campaign, in which consumers received emails from a site named the National Credit Union website at ncuuk.cu.cc/corporate, which has since come down from that location. The site appeared to originate in Australia and claimed to offer services in the United States, Europe and the Commonwealth of Independent States.
The NCUA provided assurance that the copycat website was not affiliated with the agency, and recommended consumers should neither provide information nor attempt to conduct any financial transactions through the site.
Phishing schemes deploy emails that attempt to persuade individuals to provide personal information, such as Social Security numbers, account numbers and login information, or transfer large amounts of money through a provided web link. The individuals behind the attacks aim to imitate what people normally see on secure web servers and legitimate web addresses.
Data breaches, phishing and malware threats have proliferated as cyber criminals become more sophisticated and their methods stealthier. The Anti-Phishing Working Group, a global consortium of companies and agencies, counted 128,378 phishing sites in the second quarter of 2014. That represents the second-highest number of phishing sites ever detected in a single quarter.
There's no doubt the problem has kept some CIOs awake at night—a KnowBe4 co-sponsored study by Osterman Research revealed five out of six IT decision-maker concerns relate to phishing or the aftermath of a successful phishing attack. Equally distressing is that nearly 80% of CIOs see no improvement in the phishing problem, and a third sees the problem getting worse. The new study also showed 67% of networks surveyed were successfully infiltrated by malware through email and another 63% through web surfing.
Coincidently, the Federal Financial Institutions Examination Council, which includes the NCUA, provided an overview this week of its cybersecurity priorities for the remainder of 2015. The plan includes the development and issuance of a self-assessment tool that financial institutions can use to evaluate their readiness to identify, mitigate and respond to cyber threats.
The NCUA is just the latest major organization that suffered an apparent phishing attack recently. In February, Cox Communications said its southern Nevada customers received emails urging recipients to update their billing records by activating a web link, and in Denver in early March, a phishing scam apparently led to the theft of several direct deposit paychecks from Denver Public Schools employees.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
