USAA phishing

[IndependentlyPoor]

A friend of mine uses some of his ER free time to help track down web scams for the OpenDNS folks. This site was recently shut down, then popped up again at a different ISP.

See anything wrong with this page (other than the Phishtank logo)?
I don't either.

Be Careful!
phishing.PNG

[REWahoo]

I've had several of these USAA phishing attempts hit my email over the past couple of weeks. They are scarily realistic.

[IndependentlyPoor]

I haven't seen the emails. I suppose they give some reason for logging into your account and then include a link to the phony site. Could you post some details?

[REWahoo]

Here is the text of an email I got last week. The message was from USAA Savings Bank and titled "Unauthorized Activity".

[IndependentlyPoor]

I presume you weren't taken in. I just might have been.

[REWahoo]

Quote:

Originally Posted by IndependentlyPoor I presume you weren't taken in. I just might have been.

I never respond to an email from any of my financial sites through a link in the message. But it is easy to see how some dottering old Colonel who thinks he's still at the top of his game could easily fall for it.

[easysurfer]

I almost fell the for ol' paypal phishing scam before. I had just purchased something via paypal by coincidence and while caught off guard, my mind automatically incorrectly associated my purchase with the phishing email. I use Spoofstick as a safety check when any emails seem phishy.

[audreyh1]

Any time I get a phishing email, I forward it (with headers expanded) to the financial institution being targeted. Most institutions have an email address for fraud.

Audrey

[ziggy29]

Most scams like this use a generic greeting like "Dear Member" or "Dear Customer" or something like that. Most genuine communications will actually refer to you by name. (That's not a sure thing, but I would look with *extreme* suspicion in an e-mail from a financial institution that didn't address me by name.)

Also, any legitimate e-mail that contains links will also allow you to perform the same action directly by typing in the site's URL in the browser.

Note also that in a phishing scam, even when they display a legitimate URL (as in the USAA phishing example above), the underlying code takes you to a different place which often differs from the legitimate site by adding another letter or putting in a dash instead of a slash among other things.

[kumquat]

Right click the link and select <Properties>. This will give you (among other things) the URL that will be addressed if you follow the link. Usually it's easy to spot a non-authentic URL. If you're not sure, assume its phishing.

Using Firefox, you can also:
Roll your mouse over the link, then look at the bottom left area in your browser. The URL will be there.

[Nords]

Haven't seen it yet. Might not ever see it.

Since I switched from Hotmail to Gmail my spam has gone from 3-4/day to one or two a week. Oddly enough they're for SEO, nothing else.

[donheff]

The best defense is to never follow an email link to a financial site - period. Trying to analyze URLs or other means to determine whether it is a phish attempt risks getting fooled by especially talented phishers. Granted this one was typically weak. Look at the following language, certainly not from the English grads in the marketing department: "...appreciate your support in helping us maintaining the integrity..."

[scrabbler1]

My ladyfriend has received a few of those from those claiming to be her bank but she is savvy enough to suspect them and not click on the link. Instead, she contacted her bank and was given an email address of their security/fraud team to send the phishing email to. She got an email from one claiming to be my bank so she forwarded it to me and I sent it to my bank's security/fraud team.

[Darryl]

I got this email closed it signed into USAA the normal way and they had a warning posted already about the scam. The fake quality is improving.

[IndependentlyPoor]

I wish USAA would switch to a two-step login like the one Vanguard uses.

[Bimmerbill]

I have not seen it, but my log in page doesn't ask for PIN up front. It only asks for PIN once I've logged in and try to select one of my accounts.

[beowulf]

I've received several of the USAA e-mails and forwarded them to abuse@usaa.com. Each time I received an acknowledgement from USAA. They send these things to millions of e-mail addresses and have no idea who is or is not a USAA member. I also get them for many banks I do no business with and some I have never heard of.

I agree with everyone who said never to sign into a webpage linked to an e-mail. That's the safest way.

[Alan]

Quote:

Originally Posted by IndependentlyPoor I wish USAA would switch to a two-step login like the one Vanguard uses.

I like this approach also, but apparently it doesn't help the vast majority of account holders. A phishing site will put out a message apologizing that their image server is down and the person being phished will proceed and enter their password.

[mickeyd]

USAA has had an alert regarding phishing scams like this on it's web site for a while. I suppose that it's an ongoing problem. Always good to remember that legit financial sites do not EVER send out emails asking for data from their customers.

[Rustic23]

USAA, and others could solve this. All they have to do is stop putting links in their emails, and let their customers know that they won't. Then when you get and email with a link in it, you know it did not come from USAA. If they want to direct you to some page, tell you to log on to USAA and click the 'Whats of futsit button'! or link on their site.