Fake USAA e-mails phishing for card information   Leave a comment

E-mails purportedly sent by the United States Automobile Association (USAA) have been hitting inboxes in the last few days, M86 researchers warn.

In it, the recipients are urged to fill out a “new version of USAA Confirmation Form” by following the offered (shortened) link, which redirects the potential victim to the phishing page. The fake form requests users to enter their online ID, password, name, e-mail, USAA card number, expiration date, security code and PIN – since the USAA provides a banking and credit card service:

Luckily for the potential victims, there are many things in this e-mail campaign that can raise their suspicion. A small mistake in the wording of the message, the use of bit.ly shortened links and the warning of the link-shortening service that there might be a problem with the destination URL:

Even if the user chooses to disregard this warning, when he finally lands on the phishing page one look at the address bar will tell him that this is not the correct address.



Posted November 5, 2010 by axxerainc in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: