Pennsylvania, Ohio and Indiana hit hard by phone phishing

Last month, we reported about a phone phishing outbreak in Kentucky and Indiana. This month we have seen many community banks and credit unions in Indiana, Ohio and Pennsylvania attacked with phone phishing in a similar manner.

In the attacks, the criminals use automated dialing to call consumers with a recorded message that claims to be from the targeted institution and conveys an "urgent" reason for the consumer to call a specific telephone number.  When the consumers call the number given, they are greeted with a recording that requests their personal information.

While the reported losses have been relatively small, many institutions, even those not directly targeted in the scams, report being overwhelmed with customer inquiries in all channels: phone, email and in person at the branches.

The best course of action for all institutions is to have a phishing response plan in place and ready to execute.  This plan should include messaging for all your customer and member touch points.