The State Worker

Chronicling civil-service life for California state workers

June 4, 2009
CalPERS' issues scam alert

This e-mail went out this afternoon to CalPERS' employees:

From: Hofer, Sheri

Sent: Thursday, June 04, 2009 2:36 PM To: Exchange Users, All Subject: Security Bulletin - Scam Involving Golden 1 Credit Union

Phishing, Vishing, and Smishing are examples of blended threats using social engineering techniques; perfectly camouflaged to look like something else - something familiar - until they strike. The California Office of Information Security has issued the following advisory for all employees regarding the latest scam involving the Golden 1 Credit Union.

The California Office of Information Security has received reports that a new scam is currently being used to obtain individual's personal financial information through a social engineering technique. Social engineering is an approach used to gain unauthorized access to or acquisition of information assets. This approach relies on misrepresentation and the trusting nature of individuals, and is often carried out through the use of phishing telephone calls or email. A phishing telephone call or phishing email may sound or look as though it comes from an organization you do business with, such as a bank or government entity, but they are generally from a scammer trying to obtain your personal information under false pretenses.

This particular scam is being carried out by telephone as follows:

An individual leaves a message on an employee's work phone number, stating they are with the Golden 1 Credit Union. In this scam, the message states that the targeted person's credit and/or debit card has been temporarily suspended and instructs them to push "1" to reach security. Do not push "1". If you push "1", a second recording will ask you put your card number. DO NOT PUT IN YOUR CARD NUMBER!!!!

The following are general practices to avoid becoming a victim of these types of scams:

· Do not respond to unsolicited (spam) e-mail. Simply delete it.

· Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail, telephone or other means.

· Do not click on links contained within an unsolicited e-mail.

· Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.

· Validate the legitimacy of the organization by directly accessing the organization's website rather than following an alleged link to the site.

· Do not provide personal or financial information to anyone who solicits information.

The Golden 1 Credit Union has been made aware of this scam. Additional information from Golden 1 Credit Union regarding fraud is available on their website at: https://www.golden1.com/privacysecurity/phonefraud.aspx

The California Office of Information Security (COIS) has also published a monthly newsletter on Social Engineering released in April 2008 which discusses the various attack methods, and ways individuals can defend themselves against these types of attacks. The newsletter is accessible on the COIS website at: http://www.oispp.ca.gov/government/library/documents/April2008.doc .

Sheri Hofer
Enterprise Privacy
Caland Security Office

About Comments

Reader comments on Sacbee.com are the opinions of the writer, not The Sacramento Bee. If you see an objectionable comment, click the "report abuse" button below it. We will delete comments containing inappropriate links, obscenities, hate speech, and personal attacks. Flagrant or repeat violators will be banned. See more about comments here.

What You Should Know About Comments on Sacbee.com

Sacbee.com is happy to provide a forum for reader interaction, discussion, feedback and reaction to our stories. However, we reserve the right to delete inappropriate comments or ban users who can't play nice. (See our full terms of service here.)

Here are some rules of the road:

• Keep your comments civil. Don't insult one another or the subjects of our articles. If you think a comment violates our guidelines click the "report abuse" button to notify the moderators. Responding to the comment will only encourage bad behavior.

• Don't use profanities, vulgarities or hate speech. This is a general interest news site. Sometimes, there are children present. Don't say anything in a way you wouldn't want your own child to hear.

• Do not attack other users; focus your comments on issues, not individuals.

• Stay on topic. Only post comments relevant to the article at hand. If you want to discuss an issue with a specific user, click on his profile name and send him a direct message.

• Do not copy and paste outside material into the comment box.

• Don't repeat the same comment over and over. We heard you the first time.

• Do not use the commenting system for advertising. That's spam and it isn't allowed.

• Don't use all capital letters. That's akin to yelling and not appreciated by the audience.

You should also know that The Sacramento Bee does not screen comments before they are posted. You are more likely to see inappropriate comments before our staff does, so we ask that you click the "report abuse" button to submit those comments for moderator review. You also may notify us via email at feedback@sacbee.com. Note the headline on which the comment is made and tell us the profile name of the user who made the comment. Remember, comment moderation is subjective. You may find some material objectionable that we won't and vice versa.

If you submit a comment, the user name of your account will appear along with it. Users cannot remove their own comments once they have submitted them, but you may ask our staff to retract one of your comments by sending an email to feedback@sacbee.com. Again, make sure you note the headline on which the comment is made and tell us your profile name.

hide comments
blog comments powered by Disqus


About The State Worker

Jon Ortiz The Author

Jon Ortiz launched The State Worker blog and a companion column in 2008 to cover state government from the perspective of California government employees. Every day he filters the news through a single question: "What does this mean for state workers?" Join Ortiz for updates and debate on state pay, benefits, pensions, contracts and jobs. Contact him at (916) 321-1043 and at jortiz@sacbee.com.

FOLLOW US ON FACEBOOK

Now on the State Worker column

    [an error occurred while processing this directive]

State Pay Database

This database allows you to search the salaries of California's 300,000-plus state workers and view up to four years of their pay history.

Latest Capitol Alert headlines

    404 - Not Found - The Sacramento Bee, Sacramento, California

    404 Not Found

    Our apologies....

    We can't find the page you requested in this location.

    The story may have moved or expired.

    You may wish to:

  • » More on the Capitol Alert blog

Categories


May 2013

Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Monthly Archives