USAA is the insurer of millions of members of the military as well as many veterans so it is no surprise that it is the basis for a new phishing email presently being circulated. As with so many phishing emails, this one tells you that you need to click on links in the email in order to resolve security issues. The truth is that if you click on the link or provide personal information, you will become a victim of identity theft as the criminal will use the information you provide to make you a victim of identity theft. Alternatively, merely by clicking on the link provided in the email, you may download keystroke logging malware that will enable the identity thief to steal all of the information in your computer, laptop or other device and use that information to make you a victim of identity theft. In another scenario, clicking on the link will download dangerous ransomware.
Here is a copy of the new phishing email that is presently circulating. DO NOT CLICK ON THE LINKS. As phishing emails go, the graphics are pretty impressive, however there are grammatical errors including the word “has” being used instead of “have”. It also should be noted that the email is directed to “Dear Customer” rather than your name and no account number is provided. These are further indications that this is a scam. Finally, this email was sent by an email address that had nothing to do with USAA, but was undoubtedly part of a botnet of computers using email addresses of hacked email accounts to send out the phishing email.
Frankly, whenever you get an email, you can never be sure who is really sending it to you. Obviously if you receive this email and you do not have an account with USAA, you know it is a scam, however, if you receive something like this that appears to come from a company with which you do business, you should still not click on any links contained in the email unless you have independently confirmed with the company that the email is legitimate. Remember, even paranoids have enemies.