US armed forces bank accounts under cyberattack on the home front

By Dave Michmerhuizen – Research Scientist

Criminals who steal computer passwords to break into bank accounts will target anyone, anywhere – even America's men and women in uniform.  The honeypots at Barracuda Labs have detected a new outbreak of a recurring phishing scheme that impersonates USAA, the United Services Automobile Association.  The USAA serves military personnel and their families and is one of the largest financial institutions in America.

These spams should be easy to spot if you're paying attention.  The link in the message points to a gibberish URL hosted on a dotted IP address.

You should never click on such a link.  However, if you did you would see an impersonation of the USAA home page.  Even with the copied graphics this attempt is rather ham-handed, as the same unusual URL displays in the URL bar of the browser.  Not only that, but the real USAA website uses HTTPS to keep your login safe – the phishing site does not.

Entering your account name and password here sends it to a script on the phishing site.  As if that weren't enough, you are then asked for all sorts of other personal information, which is then used to carry out sustained identity theft.

Bogus “security alerts” are a favorite of spammers because they trigger the fear that something might be wrong with your financial accounts.  The truth is, the vast majority of these sorts of emails are the first step in an attempt to steal your identity and your money.

Make sure you practice good internet security habits.  Don't click on links in unsolicited emails.  If you have doubts about your accounts at an institution, visit their website independently by entering the name in your browser.  Make certain the institution's domain name is displayed in the browser.  Insist on HTTPS when banking on the internet.

Barracuda Networks customers using the Barracuda Spam & Virus Firewall are protected from these emails.