"Official Notifications" are Phishing Scams

Many of us have received many emails on our ccpa.net accounts from (supposedly) Member's 1st Federal Credit Union and the Bank of Lancaster County. Today, Eric (the Computer Guy) sent out this message to all staff, which I want to share here:

Since many of you probably have an account [with Members 1st or Bank of Lancaster County] - don't fall for this.

How do I know it's not legit? I don't give out work email for personal accounts. Also read the last line - doesn't sound very 'bank-like'.

Remember ANY time you get something like this from ANY of your institutions
close the email & ALWAYS go DIRECTLY to their site....the phishers will use a link to take you to a bogus site that may look pretty convincing and then capture your personal information!

There is excellent information on this subject at OnGuardOnline.gov if you want to know more about how and why this is done, how to avoid getting caught and what to do if you think your personal information has been compromised (there is even a fun little game to test your knowledge!)

The message itself will read something like this, and may contain a legitimate company logo:

From: Members 1st Federal Credit Union [mailto:eservices@members1st.org]
Sent: Monday, February 11, 2008
To: undisclosed-recipients
Subject: Official Notification

Dear Members 1st Federal Credit Union Customer,

This is your official notification from Members 1st Federal Credit Union, Your online account has expired. If you want to continue using our service you have to renew your online account. If not, your online account will be deactivated and deleted. To
continue click here, complete the renew form with your currentinformation.

Many Thanks and Kind Regards - Members 1st Federal Credit Union - Update
Department

or this

From: Bank of Lancaster County [mailto:service@blcnet.com]
Sent: Tuesday, January 22, 2008
To: undisclosed-recipientsSubject: Please renew your BLC services!

Dear Member,

This is your official notification from Bank of Lancaster County that the service(s) listed below will be deactivated and deleted if not renewed immediately. Previous notifications have been sent to the Billing Contact assigned to this account. As the Primary Contact, you must renew the service(s) listed below or it will be deactivated and deleted. Renew Now your Sterling Online and Bill Payer services.

SERVICE: Sterling Online and Bill Payer.
EXPIRATION: January 26, 2008

Thank you for using Sterling Online. We appreciate your business and the opportunity to serve you.

Copyright (c) 2008, Bank of Lancaster County. All rights Reserved.

If you use online services with any financial institution, your best bet is to contact them directly if you receive a message like this and are unsure of it's authenticity.