« Another AppleID Phishing Attempt | Main | Fake Email Server Settings Warning »
Home | The Book | Training | Events | Tools | Stats |
September 16, 2017
Fake USAA EmailAs Americans freak out about the recently revealed Equifax security breach, you shouldn't be surprised to find crooks ramping up their efforts to capitalize on consumer fears. One I saw today is particularly cynical because it targets USAA, an insurance and financial services company that assists US military families. Here's the dastardly piece of work:
The message begins by claiming to warn recipients against the precise kind of phishing email message that this message is. Then it asks recipients to confirm their information by clicking a link in the message. Doing the mouse rollover trick, you see a URL that does not begin with the expected usaa.com domain, but whose deeper folders contain those letters as a way to make one think it's legit.
It is not.
If you are a USAA member and fall for this message by logging into the fake site (thus giving the crooks the keys to your account), you can truly put your family's financial future at risk.
As always, if you are concerned that an email may be warning you of an account problem, NEVER click on links or buttons in the email. Instead, use a previously-saved bookmark to log into your account. If there is a genuine problem with your account, you will learn about it there. But 99.99999% of the time, there will be no problem with your account.
Please be extra vigilant in these times of private information uncertainty. It's bad enough that outfits like Equifax, which collect our private information without our permission, let themselves be hacked. Just don't help the crooks get the other half of Americans not included in the recent breach.
Posted on September 16, 2017 at 10:50 AM