CERT mailing list archives
Current Activity - USAA Phishing Scam and Malware Campaign
From: Current Activity <us-cert () us-cert gov>
Date: Tue, 20 Dec 2011 11:16:29 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity USAA Phishing Scam and Malware Campaign Original release date: December 20, 2011 at 11:00 am Last revised: December 20, 2011 at 11:00 am US-CERT is aware of public reports of an active spear-phishing attack via email messages directed at United Services Automobile Association (USAA) members. These messages contain the subject line "Direct Posted" and contain a randomly generated four-digit number placed in the USAA security zone section. The messages ask users to open an attached file containing malicious software that if activated could provide access to a user's personal information. US-CERT encourages users to do the following to help mitigate the risk: * Review the alert posted by USAA regarding this issue. * Do not open attachments in email messages from unknown sources. * Refer to Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams. * Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks. * Install anti-virus software and keep virus signature files up to date. Relevant Url(s): <http://www.us-cert.gov/cas/tips/ST04-014.html> <http://www.us-cert.gov/reading_room/emailscams_0905.pdf> <https://www.usaa.com/inet/pages/2011_19_12_deposit_phish_scam> ==== This entry is available at http://www.us-cert.gov/current/index.html#usaa_phishing_scam_and_malware -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTvC01D/GkGVXE7GMAQIbJgf/d1h8JzPGfMDQGZaPfVWz0cH2IbkBjpWd mSRecnjFVBKebsz6liJFk2h+11RGdCz0AX97YAJLnx2sjiOWrj49pjK08T3bSq6P cTU7BHyBX2K7jsxlrorQqW8WyQuPXR/7ZpVV4rINBf0E6e/cblN/51Yylz9mtUVM rmYKM5v96fXwyi5Hzl1mCJ3x4Cgj8H9mMMGqb04lcO3v6JeIUw6hxoUbZw0esrGk Zlc1rRO+RIs45J9UEgSpqaZYL7wgZNbiJFhuscaUenN74TU6XZhs5HrekE+pEsuZ dipPa7OsgHszwXbDSgMrqEIe4TqM93rDT7rpimgLCH8qrTGbep8z+Q== =tMFF -----END PGP SIGNATURE-----
Current thread:
- Current Activity - USAA Phishing Scam and Malware Campaign Current Activity (Dec 20)