There are reports that a new configuration of the data stealing trojan Zeus is targeting credit and debit cardholders across the country with a phishing exploit that spoofs Verified by Visa and MasterCard SecureCode. Additionally, the phishing page reportedly allows the attackers to obtain all the necessary information to carry out credit card fraud and even make online transactions with retailers that participate in the Verified by Visa or MasterCard SecureCode programs.
Members would never be asked for a PIN number and/or social security number. If a member feels too much information is being requested, or if they are suspicious about the website, they should be warned to NOT enter any personal information and instead contact a known phone number for their card company (800 number on back of card) or contact the credit union directly to verify the request.