High-risk phishing and impersonation scam currently in circulation

We have been notified by another credit union of a high-risk phishing and impersonation scam currently in circulation.

The member received a fraudulent text message claiming that long-standing credit union members were entitled to a €1,500 energy grant.

The text message included a malicious link.

When clicked:

• The member was taken to a fake webpage requesting:
• Three digits of their online banking PIN
• Followed by another three digits, capturing the full six-digit PIN
• They were then asked to complete a form providing:
• Name
• Date of birth
• Branch
• Member number

Approximately 20 seconds later, the member received a phone call from a fraudster posing as the Credit Union.

During the call, the fraudster:

• Claimed there was suspicious activity on the account
• Asked whether family members had access to online banking
• Said they would send a One-Time Passcode (OTP) to “verify details”

Thankfully, the member became suspicious, ended the call, and contacted their credit union immediately. The account was secured before any loss occurred.

Please be conscious of the following red flags:

• Unexpected texts offering grants, refunds, or energy credits
• Links requesting PIN digits or login credentials
• Follow-up phone calls claiming to be from the Credit Union
• Requests for OTPs or verification codes
• Pressure, urgency, or warnings of “suspicious activity”