iT security and control firm Sophos is warning computer users to be extra vigilant about any emails which claim to come from financial institutions, no matter how genuine the correspondence appears. The warning comes as customers of a small credit union, Kessler Federal, are being targeted with phishing emails that attempt to cash in on a phishing warning posted on the organisation’s website, and entice worried customers to call a fake phone number to verify their details.

Sophos experts note that to add credibility to the phish, the cybercriminals have stuck very closely to the text used on Kessler Federal’s website and have included legitimate URLs which link to official advice pages, as well as the proper email address for reporting abuse. However, the phishers did change the date, text and phone number at the bottom of the email in an attempt to solicit phone calls to the posted number. Voice phishers cash in on genuine warning with cloned switchboard