Cybersecurity expert and former Washington Post reporter Brian Krebs recently reported in his column, Krebs on Security, that a malicious malware campaign targeted credit unions last week. In the article,
Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions,” Krebs says because the phishing campaigns were sent to specific anti-money laundering contacts, there is some speculation the data was taken from the NCUA.

According to Krebs, “On the morning of Wednesday, Jan. 30, BSA officers at credit unions across the nation began receiving emails spoofed to make it look like they were sent by BSA officers at other credit unions.

“The missives addressed each contact by name, claimed that a suspicious transfer from one of the recipient credit union’s customers was put on hold for suspected money laundering, and encouraged recipients to open an attached PDF to review the suspect transaction. The PDF itself comes back clean via a scan at, but the body of the PDF includes a link to a malicious site.”

Read the full article here.