Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Scammed E-mails Apparently Coming from USAA

Cybercriminals have been sending an electronic mail, which appears to be coming from the United Services Automobile Association (USAA), with the aim to filch the member's private information, according to a Stripes Central news report dated December 1, 2011.

The victims allege that the scammed email, which appears to be coming from the USAA, asks the recipient to follow a link in order to secure his account. The post includes the message stating that the user has tried to access usaa.com, but he was denied the access mainly due to two reasons, either the personal authentication question did not go with the record or the answer was not given.

The email also asks the user to choose for 'That Was Not Me' option if he has forgotten about when he tried to access the online banking. He is then driven to fill in his present identity.

The USAA asserts that the victims, who click on the link given, are questioned about their billing address, PIN and card number, and other vital data.

On clicking 'Next', the member is taken to another website which asks to set up security questions, and a subsequent hit on the 'Next' button leads to the opening of a website which finally inquires about the member's card details, like card number, expiry date, email ID, password, etc.

Though the post contains a USAA sign for the authenticity, security experts are sure that the Association would not inquire about any personal information, like password for email.

According to experts, authentic USAA websites make use of Extended Validation (EV) certificates which are part of a verification process that turns the Web address bar green and helps user visit a genuine website.

The USAA advises the victims that if they get any email or pop-up message which inquires about personal or financial details, then they should neither reply nor click on the link in the post. The genuine companies never ask for such details through emails. On receiving such a post, the recipient should contact the company mentioned in the email through telephone.

Related article: Second Life Exploit Allows Hackers Steal Linden Currency from Avatars

ยป SPAMfighter News - 12/9/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page