Below is a good example of a scam phishing email send by an identity thief attempting to lure the receiver of the email, (in this case, me) to download the attachment, which will then cause of one of two things to happen, both of which are bad.   Either by downloading the attachment, you will either unwittingly download keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft or the download will, under the guise of providing greater security to you, require you to provide personal information that will be used to make you a victim of identity theft.  Here is a copy of the email I received.  DO NOT CLICK ON THE LINK OR DOWNLOAD THE ATTACHMENT.   You can see that the email looks quite legitimate and the logo looks real.  However, one good indication that this is a scam is that the salutation is “Dear Customer” instead of inserting a real name.


Dear Customer,

We’re writing to let you know that your online account has been temporarily

suspended due to recent access to your account from an unknown IP address.

To re-activate your account, download “Navy_Federal_Update_Form”

attached to this message and complete the process.

Thank you for helping us serve you .

Yours sincerely,
� 2015 Navy Federal Credit Union, All Rights Reserved.


My advice whenever you get an email or text message with an attachment or a link is not to download the attachment or click on the link unless you have confirmed that it is legitimate.  In this case, I am certain that this is a scam because, among other indications, I do not have an account with the Navy Federal Credit Union.  However, even if I did, I would not click on the link or download any attachment.  Instead I would call the Navy Federal Credit Union at a telephone number that I knew was accurate to check on this email.