U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

USAA Phishing Scam and Malware Campaign

Original release date: December 20, 2011 | Last revised: October 23, 2012

US-CERT is aware of public reports of an active spear-phishing attack via email messages directed at United Services Automobile Association (USAA) members. These messages contain the subject line "Deposit Posted" and contain a randomly generated four-digit number placed in the USAA security zone section. The messages ask users to open an attached file containing malicious software that if activated could provide access to a user's personal information.

US-CERT encourages users to do the following to help mitigate the risk:

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top