Between $3,000 and $6,000 was stolen in a cyber fraud attack at Coast Capital Savings.
Thieves made off with cash from 140 members in November and December, said credit union spokesperson Erin McKinley on Wednesday.
They used two forms of common fraud strategies: phishing and brute force.
Phishing is an attack in which fake emails or text messages are sent to people linking to fake websites that ask for account information. It’s commonly listed the Better Business Bureau of Canada’s top 10 annual scams.
“They built a website that looked like Coast Capital Savings… asking people to enter their information online,” McKinley said.
Meanwhile, brute force involves using computer programs to repeatedly guess simplistic account passwords until the correct one is determined.
McKinley said the credit union has notified its members of the incident. Reimbursement is being considered on a case-by-case basis.
Coast Capital has more than 50 branches around B.C., mostly in the Lower Mainland and in Greater Victoria.