USAA phishing

IndependentlyPoor

A friend of mine uses some of his ER free time to help track down web scams for the OpenDNS folks. This site was recently shut down, then popped up again at a different ISP.

See anything wrong with this page (other than the Phishtank logo)?
I don't either.

Be Careful!
phishing.PNG
 
I haven't seen the emails. I suppose they give some reason for logging into your account and then include a link to the phony site. Could you post some details?
 
Here is the text of an email I got last week. The message was from USAA Savings Bank and titled "Unauthorized Activity".
 

Attachments

  • USAA phish.jpg
I almost fell for the ol' PayPal phishing scam before. I had just purchased something via PayPal by coincidence and, while caught off guard, my mind automatically and incorrectly associated my purchase with the phishing email. I use Spoofstick as a safety check when any emails seem phishy.
 
Any time I get a phishing email, I forward it (with headers expanded) to the financial institution being targeted. Most institutions have an email address for fraud.

Audrey
 
Most scams like this use a generic greeting like "Dear Member" or "Dear Customer" or something like that. Most genuine communications will actually refer to you by name. (That's not a sure thing, but I would look with *extreme* suspicion at an e-mail from a financial institution that didn't address me by name.)

Also, any legitimate e-mail that contains links will also allow you to perform the same action directly by typing in the site's URL in the browser.

Note also that in a phishing scam, even when they display a legitimate URL (as in the USAA phishing example above), the underlying code takes you to a different place which often differs from the legitimate site by adding another letter or putting in a dash instead of a slash among other things.
 
Right click the link and select <Properties>. This will give you (among other things) the URL that will be addressed if you follow the link. Usually it's easy to spot a non-authentic URL. If you're not sure, assume it's phishing.

Using Firefox, you can also:
Roll your mouse over the link, then look at the bottom left area in your browser. The URL will be there.
 
Haven't seen it yet. Might not ever see it.

Since I switched from Hotmail to Gmail my spam has gone from 3-4/day to one or two a week. Oddly enough they're for SEO, nothing else.
 
The best defense is to never follow an email link to a financial site - period. Trying to analyze URLs or other means to determine whether it is a phish attempt risks getting fooled by especially talented phishers. Granted this one was typically weak. Look at the following language, certainly not from the English grads in the marketing department: "...appreciate your support in helping us maintaining the integrity..."
 
My ladyfriend has received a few of those from those claiming to be her bank but she is savvy enough to suspect them and not click on the link. Instead, she contacted her bank and was given an email address of their security/fraud team to send the phishing email to. She got an email from one claiming to be my bank so she forwarded it to me and I sent it to my bank's security/fraud team.
 
I got this email, closed it, signed into USAA the normal way, and they had a warning posted already about the scam. The fake quality is improving.
 
I have not seen it, but my log in page doesn't ask for PIN up front. It only asks for PIN once I've logged in and try to select one of my accounts.
 
I've received several of the USAA e-mails and forwarded them to abuse@usaa.com. Each time I received an acknowledgement from USAA. They send these things to millions of e-mail addresses and have no idea who is or is not a USAA member. I also get them for many banks I do no business with and some I have never heard of.

I agree with everyone who said never to sign into a webpage linked to an e-mail. That's the safest way.
 
I wish USAA would switch to a two-step login like the one Vanguard uses.

I like this approach also, but apparently it doesn't help the vast majority of account holders. A phishing site will put out a message apologizing that their image server is down and the person being phished will proceed and enter their password.
 
USAA has had an alert regarding phishing scams like this on its web site for a while. I suppose that it's an ongoing problem. Always good to remember that legit financial sites do not EVER send out emails asking for data from their customers.
 
USAA and others could solve this. All they have to do is stop putting links in their emails, and let their customers know that they won't. Then when you get an email with a link in it, you know it did not come from USAA. If they want to direct you to some page, tell you to log on to USAA and click the 'Whats of futsit button'! or link on their site.
 
I never respond to an email from any of my financial sites through a link in the message. But it is easy to see how some doddering old Colonel who thinks he's still at the top of his game could easily fall for it. :)

I just got an email this morning from a supposed "Fidelity" regarding my email account. I didn't open it at all, but, obviously, there is a phish firm out there using the Fidelity name to scam. Address looked realistic, and, if I had known about this thread, would have made a note of it.
And the reason I know it could not have been Fidelity: they have no clue about the account the phishing letter was sent to. Caught them!:cool:
 
Seems like most people -- at least the computer literate ones -- have become aware of phishing -- at least with email, and use good judgement or err on the side of caution. Don't know the hit ratio on phishing (when the crook actually gets the phishee to give out some information useful to him) but it must be pretty small. The phishers are sending out thousands of emails. Personally I think the email providers could do more to help in this area, but so much of this stuff is free, and well, maybe anti-phishing costs money to implement.

I use Verizon for primary mail. No phishing. Also have several Yahoo and Gmail accounts that I only use occasionally, and most of that mail I don't even open. I have the spam detectors enabled on all of them. Did see some interesting spam. When somebody sends you an email attachment named n.txt or links to websites with names like walliepills.ru and luckcroud.com and ur.lc.j0u and grabdagolds.com -- well those look suspicious.

Have not received a phish in -- can't remember when. Would any of you who received one care to tell us through which email provider you received it?

The crooks will always be looking for new weaknesses in either the technology or the human interaction with the technology to exploit.
 
I have never received those phishing emails (my email service is great at removing the spam before it reaches me). Anyways, I bookmarked USAA's website and only use that bookmark to log into my account.
 
USAA and others could solve this. All they have to do is stop putting links in their emails, and let their customers know that they won't. Then when you get an email with a link in it, you know it did not come from USAA. If they want to direct you to some page, tell you to log on to USAA and click the 'Whats of futsit button'! or link on their site.
That wouldn't solve the problem. The fact that institutions don't send links doesn't prevent the scammers from doing so. And there will always be the few confused or distracted customers who will click on them. Very few (if any) financial institutions send links to their sites in emails and USAA probably doesn't. Only the phishers do. USAA already has the above scam posted on their site and they warn customers not to click on links in "suspicious" emails. That doesn't guarantee that they don't have links in their own "non-suspicious" emails but it would seem pretty dumb for them to do so and might constitute malfeasance in light of their knowledge of the scams.
 
USAA does! So Does Wells Fargo! USAA has quite an advertising campaign that they will 'never ask for personal information'. In fact it is so stupid that I think I even got one touting this and 'click on here for more information'. Here is one of their latest, at least I think it is one of theirs.

To ensure delivery to your inbox, please add USAA.Web.Services@customermail.usaa.com to your address book.

USAA Documents Online
View Accounts | Privacy Promise | Contact Us
Online Security Guarantee

Dear (My Name, First and Last)(first clue it is most likely legit),
You have the following new tax return documents on usaa.com. Log on to view your documents.

  • 2009 MUTUAL FUND TAX FORM 5498 IRA 0001-00xxxxxxx
You may have elected to turn off these notifications, but we're required to send them for tax document delivery.

View Your Documents
Get 25% off Turbo Tax®. Learn more.
Thank you,
USAA




The links appear to be USAA links, with all their graphics. As I said, it was addressed to me, and while nothing will stop the uninformed from clicking a link, if I know my financial institution will not send a link, I won't try to click on one if someone sends me a fraudulent email.
 