Thousands of dollars were stolen in a cyber fraud attack at Coast Capital Savings.
Thieves made off with cash from 140 members in November and December, said credit union spokesperson Erin McKinley on Wednesday.
She said while the total amount is unknown, each member lost an average of $3,000 to $6,000.
The credit union is currently investigating each incident.
They used two forms of common fraud strategies: phishing and brute force.
Phishing is an attack in which fake emails or text messages are sent to people linking to fake websites that ask for account information. It’s commonly listed the Better Business Bureau of Canada’s top 10 annual scams.
“They built a website that looked like Coast Capital Savings… asking people to enter their information online,” McKinley said.
Meanwhile, brute force involves using computer programs to repeatedly guess simplistic account passwords until the correct one is determined.
McKinley said the credit union has notified its members of the incident. Reimbursement is being considered on a case-by-case basis.
Coast Capital has more than 50 branches around B.C., mostly in the Lower Mainland and in Greater Victoria.
NOTE: This story has been corrected. The original said that $3,000 to $6,000 was stolen in total, but that was the estimated amount per member.