Phishing Scam Steals from USAA Member Bank Accounts

United Services Automobile Association has issued an alert to its members regarding an advanced phishing e-mail scam, which makes the effort for loading a harmful banker Trojan onto their PCs, published ThreatPost on December 19, 2011.

Specifically, according to USAA, the e-mail, exhibiting the caption "Deposit Posted," contains an accurate logo as well as a "Security Zone" number of 4 digits, which resembles the actual member number of the customer. Besides, the e-mail notifies the recipient that one particular deposit the firm treated has been posted onto his account.

Thereafter, below the artificially created deposit, it's urged in the message that users require opening a given attachment and know about additional details. But, on doing so, one instantly gets attacked with a malicious PC-Trojan that pilfers his banking credentials. The act subsequently also necessitates an entire reinstallation of the operating system on the victimized PC because of the computer's vulnerability to the theft, USAA explains.

Meanwhile USAA, during September 2010, cautioned its members of a phishing scam targeting them wherein the messages, asserting that they spotted fraudulent account operations, attempted at digging user-credentials. Later, during November 2010, the identical phishing e-mail scam was observed although that one served phony login pages to the targets while tried to so influence them that they willingly provided personal financial details. That way the scammers didn't have to contaminate the targets' computers with malware.

Overall, USAA suggests its clients that incase they get the above type of bogus electronic mail then they must ascertain whether the Security Zone contained 4-digit number corresponds to the end 4-digits of their member number with USAA.

Eventually, as per security specialists, people mustn't trust e-mails without being sure of their veracity when their sender is a financial institution, and which particularly direct them to follow doubtful web-links alternatively, feed in their confidential information. Lawful banks or other financial institutions won't ever dispatch uninvited e-mails requesting for recipients' online-banking particulars.

Besides, running an AV program on users' PCs is also crucial as this assists in identifying phishing scams. Last but not the least, utilizing one's commonsense too can keep people away from harm.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 12/27/2011