Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









USAA Phishing Scam Email

Outline
Email purporting to be from financial services group USAA claims that members need to follow a link to fill out a new version of the group's confirmation form.



Brief Analysis
The email is not from USAA. In fact, it is a phishing scam designed to steal private information from USAA customers. Links in the message open a bogus webform that asks users to submit personal and financial information.

Bookmark and Share
Detailed analysis and references below example.



Scroll down to submit comments
Last updated: 11th November 2010
First published: 11th November 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: notification from USAA

Confirmation Form


Dear USAA Customer,

We would like to inform you that we have released a new version of USAA Confirmation Form. This form is required to be completed by all USAA customers. Please use the button below in order to access the form:

Access USAA Confrmation Form

Thank you,
USAA

Screen shot of scam email:

USAA Phishing Scam Email




Detailed Analysis
This email, which claims to be from the United Services Automobile Association (USAA), advises USAA customers that they are required to complete a new versions of the "USAA Confirmation Form". The email instructs recipients to click a button to access the new form. The message features seemingly official USAA logos, formatting and links.

However, the email is not from the USAA. The email is a phishing scam designed to trick USAA customers into submitting personal information to Internet criminals. Those who fall for the ruse and click on the link in the scam email will be taken to a bogus website that asks them to logon to their USAA account. They will next be taken to a fake form that asks them to provide a raft of personal information, including their USAA credit card Number, pin, security code and other identity details The criminals operating the scam can collect the information submitted on the bogus website and use it to commit credit card fraud and identity theft.

USAA has posted a notice on its website warning customers about such phishing scams. The warning notes that "USAA will not ask for any personal or account information, including PINs or passwords, in an e-mail".

Phishing scams of this nature are very common and target customers of many financial institutions and service providers all around the world. Scammers use many and varied ruses to try to entice their intended victims into submitting their personal and financial information. Any unsolicited email that claims that you need to update personal information urgently by clicking a link or opening an attached file should be treated as suspicious.

Read more about Phishing Scams

Bookmark and Share

References
Phishing Scam Targets USAA Members
Phishing Scams - Anti-Phishing Information



Last updated: 11th November 2010
First published: 11th November 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer