Websense® Security Labs™ have received reports of a phishing attack that targets First National Bank in Manitowoc customers. Users receive a spoofed email message, which asks them to complete a survey in order to receive a $50 credit to their account. The email provides a link to a phishing site that attempts to collect personal and account information.

This phishing site is hosted in the United States and was down at the time of this alert.

Phishing email text:

Dear Customer, *CONGRATULATIONS!*

You have been chosen by *First National Bank in Manitowoc* online department to take part in our quick and easy 5 question survey. In return we will credit $50 to your account - Just for your time! Helping us better understand how our customers feel benefits everyone. With the information collected we can decide to direct a number of changes to improve and expand our online service.
We kindly ask you to spare two minutes of your time in taking part with this unique offer!

SERVICE: *First National Bank in Manitowoc Online $50 Reward Survey* EXPIRATION:
*April 20, 2007*

Confirm Now < URL REMOVED >  your *$50 Reward Survey* with *First National Bank in Manitowoc Online Reward* services.
The information you provide us is all non-sensitive and anonymous No part of it is handed down to any third party groups. It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey.

Phishing screenshot:

This is an opinion of the NCUA Office of the General Counsel addressing Dividend Rewards Program for Use of Certain Services

The Multiple Common Bond Expansion Report identifies the number of select group expansions approved, deferred and denied for federal credit unions. The report is presented in a year-to-date format and is updated monthly.

Websense® Security Labs™ have received reports of a phishing attack that targets CEFCU customers. Users receive a spoofed email message, claiming that their credit card has been reported lost or stolen and that their accounts have been suspended. The email provides a link to a phishing site that attempts to collect personal and account information.

This phishing site is hosted in the United States and was down at the time of this alert.

Phishing email text:

We have been notified that a card associated with your account has been reported lost or stolen. Therefore, as a prevention measure, we have temporarely limited access to sensitive CEFCU On-Line account features.

To ensure that your account is not compromised please take a review on your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure no changes have been made. If any unauthorized activity has taken place on your account, report this to CEFCU On-Line Security Center immediately.

To get started, please click the link below:

< URL REMOVED >

This e-mail contains information directly related to your account with us and/or any application you may have submitted. CEFCU On-Line and its service providers are committed to protecting your privacy and ask you not to send sensitive account information through e-mail.

You can view our privacy policy and contact information at
< LINK REMOV|ED >

Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.If you choose to ignore our request, you leave us no choice but to temporary suspend your account.

Thank you for using CEFCU On-Line Home Banking!

Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in < LINK REMOVED > to your CEFCU On-Line
account and choose the Help link located in the top right corner of any CEFCU On-Line page. To receive email notifications in plain text instead of HTML, update your preferences here < LINK REMOVED >.
We do business in accordance with the Federal Fair Housing Law and the Equal Credit Opportunity Act.
Copyright© 2007 CEFCU On-Line. All rights reserved

Phishing screenshot #1:

Phishing screenshot #2:

Websense® Security Labs™ have received reports of a phishing attack that targets Rainbow Federal Credit Union customers. Users receive a spoofed email message, claiming that due to too many unsuccessful login attempts, their accounts have been suspended. The email provides a link to a phishing site that attempts to collect personal and account information.

This phishing site is hosted in the United States and was up at the time of this alert.

Phishing email text:

Rainbow Federal Credit Union department temporary suspended your account.
After three unsuccessful login attempts your account was temporary suspended until further investigations.
All cards from this account are suspended.
You must reactivate your account immediately, or you won’t be able to use your cards again.
Once you have completed these steps, we will send you an email notifying that your account is available again.
The information you provide us is all non-sensitive and anonymous - No part of it is handed down to any third party.

Sorry for any inconvenience this may cause and thank you for your patience.

To continue please click the link below:
< URL REMOVED >

© 1995-2007 Rainbow FCU

P O Box 741, Lewiston ME 04243-0741

Phishing screenshot #1:

Phishing screenshot #2:

This guidance letter addresses problems recently reported with underwriting and servicing of many sub-prime and non-traditional loans and the need for adequate monitoring of MBS by management.

In 2005, the National Credit Union Administration (NCUA) discussed increasing risks to mortgage borrowers in Letter to Credit Unions 05-CU-15, Increasing Risks in Mortgage Lending. As discussed in that letter, some residential mortgage borrowers are experiencing mortgage repayment difficulties or “payment shock,” as the interest rates on their mortgages reprice or reset. Some of these borrowers may not have the ability to repay substantially higher payments since they were qualified based on low initial interest rates.

The federal bank, thrift and credit union regulatory agencies are encouraging financial institutions to work with homeowners who are unable to make mortgage payments. Prudent workout arrangements that are consistent with safe and sound lending practices are generally in the long-term best interest of both the financial institution and the borrower. Institutions will not face regulatory penalties if they pursue reasonable workout arrangements with borrowers.

NCUA has reviewed the offer by Wings Federal Credit Union (Wings) to pay members of Continental Federal Credit Union (Continental) $200 apiece if Continental merges with Wings, and has informed Wings that the payment is impermissible under the provisions of the Federal Credit Union Act.

The National Credit Union Administration (NCUA) has assumed control of service and operations at Obelisk Federal Credit Union, with assets of $51 million, located in New Albany, Indiana.