In early November, USAA members began receiving email claiming to be from USAA with the
subject line: USAA Protection Alert. In an elaborate scheme, the email informs members about a
failed usaa.com login attempt and to click on a link to update their identity.
Clicking on the link directs the member first to a counterfeit website to log on. Logging on
produces the second website, asking for a PIN. Clicking "Next" produces another website asking
for the member to set up security questions and after clicking "Next" again, a final website opens,
asking for the member's sensitive information including:
Card Holder's Name* Card Number Expire Date*
Card Verification Code* Billing Address* Billing Zip Code*
Billing Phone Number* Email Address* Email Password*
Although the e-mail includes a USAA logo and appears to be from USAA, it is not.
This is a phishing scam - targeting USAA Members / Military Personnel
Recently Joint Base Lewis-McChord personnel have reported receiving this phishing scam.
If you get an email or pop-up message that asks for personal or financial information, do not
reply. And don’t click on the link in the message, either. Legitimate companies don’t ask for this
information via email. If you are concerned about your account, contact the organization
mentioned in the email using a telephone number you know to be genuine, or open a new Internet
browser session and type in the company’s correct Web address yourself. In any case, don’t cut
and paste the link from the message into your Internet browser — phishers can make links look
like they go to one place, but that actually send you to a different site.
Need help Identifying TA-50 Items?