A hacker allegedly was phishing for credit card numbers of MSU Federal Credit Union members Jan. 11, according to an email sent to credit union members last night.
MSU Federal Credit Union, or MSUFCU, which services a large population of MSU students and employees, fell victim to an email scam offering recipients $10 to complete an online survey.
The survey requested credit card numbers and other personal information.
April Clobes, executive vice president of MSUFCU, said the scam email was detected early, and the credit union sent a warning email to all members the evening of the incident.
Clobes said the credit union members who initially called about the email all had MSU email addresses, but said the correlation might have been a coincidence and the full extent of the scam email is unknown.
Although a handful of credit union members said they took the survey, Clobes said their account information was changed before the scammer behind the phishing email used their personal information.
No money was stolen, she said.
“Nothing fraudulent happened,” Clobes said. “We were able to compromise their numbers and take care of the situation very quickly and effectively.”
At the beginning of each semester, email systems such as MSUFCU and MSU’s emailing system typically are more vulnerable to phishing attacks, said Steve Devine, team leader of the MSU Mail Team.
Devine said phishing emails are on the rise and criminals interested in hacking into people’s accounts often target large Listservs such as MSU accounts at the beginning of the semester because of an influx of new, possibly uninformed students.
“They fool people into believing that they’re legitimate,” he said. “You have a lot of new users, they’re not so aware, … so at the beginning of the semester we get targeted.”
Smart Internet procedures should be exercised by anyone online to prevent valuable information from getting stolen, such as not providing any credit card information, bank account numbers or passwords to any site over the Internet, Devine said.
Nutritional science freshman and MSUFCU member Melanie Strouse wasn’t sure if she’d received the initial scam email — she said if she had gotten it, she had probably just deleted it — but after a flutter of initial concern, she was comfortable with the situation.
“I thought they handled it pretty well — they informed everybody quickly,” Strouse said.
Clobes said credit union members or anyone who might have received the spam email should contact the credit union at (517) 333-2424 or (800) 678-4968.
Staff writer Stephen Brooks contributed to this report.
Support student media! Please consider donating to The State News and help fund the future of journalism.
