Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishing Scam Targets USAA Customers

According to Director of Research in Computer Forensics Gary Warner at the U.S-located UAB (University of Alabama at Birmingham), an infamous cyber-criminal group namely Avalanche is running an advanced phishing campaign wherein the e-mails pose as messages from the United Services Automobile Association (USAA).

It's noteworthy that USAA is one of the Fortune 500 financial services enterprises providing insurance, investment and banking to families or individual persons who served or still serve in the U.S military.

Enlightening on the particular phishing campaign, Warner pointed out that the fraudulent electronic mails displayed headers like Automatic reminder, Automatic notification, important instructions, important banking mail from USAA - Ref No. 911592, instructions for customer, information from USAA customer service, and many more. Garwarner.blogspot.com reported this on November 1, 2010.

It's also reported that the fraudulent message addressing USAA customer notifies the recipient that the Association has introduced another edition of USAA Confirmation Form, which every USAA customer needs to fill out. Subsequently, it requests the recipient to click a given button that apparently leads to the form.

Named "Access USAA Conformation Form," the button, however, doesn't take the user onto the phishing website straight away.

Rather, numerous redirect web-links are used, several of which have been created via tinyurl.com, thesurl.com, migre.me, j.mp etc., which are names of URL-condensing services. Additionally, the phisher seems to have as well created around 290 '.tk' Web-domains with the help of the service for setting up genuine appearing domain names that divert onto their phishing websites.

Highlights Warner that the host of the 'USAA Confirmation Form' is really haphazardly-produced hostnames on "vsdfile.ru" which's a Web-domain.

He also notes that although nearly not a single spam mail has its origin in the USA, nearly each and every URL-address inside the messages belong to USA.

Eventually, to remain safe from the phishing campaign, USAA clients are recommended that they shouldn't click the web-link provided in the e-mail for accessing the site. Also, they should instantly erase unsolicited e-mails, no matter whether the messages look to be sent from reputed organizations like USAA. And, finally they must ensure that their security software is up-to-date.

Related article: Phishing With A Redirector Code

ยป SPAMfighter News - 11/10/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page