Application security, Malware, Phishing

USAA members hit with multiple phishing attacks

Multiple phishing campaign that play off consumers' fear of having their financial information being hacked are hitting customers of United Services Automobile Association (USAA).

Paul Tolbert, email security specialist at AppRiver, said in a blog, that his team has noticed a steady increase in spam blasts involving USAA members, each using a socially engineered note asking the victim to click on a link where certain personal information would be requested. Two recent examples displayed by AppRiver show USAA customers receiving emails stating that either a pending transaction was cancelled or that their account must be updated.

The goal is to obtain the customer's USAA login credentials, Tolbert told SCMagazine.com in an email, adding that no other malware was downloaded.

In order to garner a response from the victim, the malicious actor makes certain to clearly state that the new information is required to keep the account in question safe from being accessed by unauthorized personnel.

 

An example of a phishing email sent to USAA members.

However, Tolbert noted that the emails are flawed, can be spotted by an observant person and that the bad guys in question also depended on having some luck to make their scheme work.

“During our investigation, however, we found several red flags that proved otherwise,” he wrote. "The email also contains the usual discrepancies found in many phishing campaigns like a rogue sending IP, spoofed sender address, etc."

The part of the campaign requiring luck involves the "spray and pray" methodology used to find USAA members.

“We are not able to confirm that these were being sent only to USAA members,” Tolbert said. "Most of the time these are sent in mass to a list of email addresses and the attackers are playing the percentage that some of their messages will reach the inbox of some actual members."

Tolbert closed telling SCMagazine.com that this type of attack is back in vogue again. “USAA is one of many financial institutions that we see targeted around the clock.”

USAA said it is seeing an uptick in such activity and has responded by attempting to educate its members tot he dangers of phishing and other online scams through a series of articles on the topic. 

Updated to include USAA comment.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.