USAA Members Beware: Email Phishing Scam Circulating
October 8th, 2007USAA Federal Savings Bank is warning its members about a new email phishing scam that tries to collect sensitive account information.
The email has the USAA logo at the top and contains the subject “Unauthorized Activity!”. The rest of the text attempts to trick users into thinking that their accounts have been compromised and tells them to click on a link in the email in order to “confirm their records”:
We have recently determined that different computers have logged onto your Online Banking Account, and multiple password failures were present before the logons. We now need you to reconfirm your account information to us.
If this is not completed by October 21, 2007, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this matter.
To confirm your Online Banking records click on the following link:
[scammer’s link here]Thank you for your patience in this matter.
USAA Customer Service
Phishing is a tactic that is used by scammers in order to collect login information like usernames, passwords, etc. that can be used later to hack into people’s accounts or commit some type of fraudulent transaction using the victim’s identifying information. In this particular case, the email link redirects users to a fake website that tries to trick them into entering their account information.
I have received similar phishing emails in the past that claimed to have come from banks such as Wachovia or Washington Mutual and also from payment processors such as PayPal and e-gold. Most of the fake PayPal and e-gold mails were easily recognizable as phishing attempts because they contained obvious spelling and grammatical mistakes that would be very unlikely to appear in a legitimate email. It is also important to remember that most legitimate financial institutions and payment processors will never ask you to click on links contained in emails. Therefore, any email message such as this latest USAA phishing scam that tries to entice you to click on a link in order to access your account (as opposed to simply going to the site directly and logging in normally) should be immediately flagged as suspicious.
