CERT mailing list archives

Previous By Date Next
Previous By Thread Next

Current Activity - USAA Phishing Scam and Malware Campaign

From: Current Activity <us-cert () us-cert gov>
Date: Tue, 20 Dec 2011 11:16:29 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

USAA Phishing Scam and Malware Campaign

Original release date: December 20, 2011 at 11:00 am
Last revised: December 20, 2011 at 11:00 am


US-CERT is aware of public reports of an active spear-phishing attack
via email messages directed at United Services Automobile Association
(USAA) members. These messages contain the subject line "Direct
Posted" and contain a randomly generated four-digit number placed in
the USAA security zone section. The messages ask users to open an
attached file containing malicious software that if activated could
provide access to a user's personal information.

US-CERT encourages users to do the following to help mitigate the
risk:
  * Review the alert posted by USAA regarding this issue.
  * Do not open attachments in email messages from unknown sources.
  * Refer to Recognizing and Avoiding Email Scams (pdf) document for
    more information on avoiding email scams.
  * Refer to the Avoiding Social Engineering and Phishing Attacks
    document for more information on social engineering attacks.
  * Install anti-virus software and keep virus signature files up to
    date.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

<https://www.usaa.com/inet/pages/2011_19_12_deposit_phish_scam>

====
This entry is available at
http://www.us-cert.gov/current/index.html#usaa_phishing_scam_and_malware

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTvC01D/GkGVXE7GMAQIbJgf/d1h8JzPGfMDQGZaPfVWz0cH2IbkBjpWd
mSRecnjFVBKebsz6liJFk2h+11RGdCz0AX97YAJLnx2sjiOWrj49pjK08T3bSq6P
cTU7BHyBX2K7jsxlrorQqW8WyQuPXR/7ZpVV4rINBf0E6e/cblN/51Yylz9mtUVM
rmYKM5v96fXwyi5Hzl1mCJ3x4Cgj8H9mMMGqb04lcO3v6JeIUw6hxoUbZw0esrGk
Zlc1rRO+RIs45J9UEgSpqaZYL7wgZNbiJFhuscaUenN74TU6XZhs5HrekE+pEsuZ
dipPa7OsgHszwXbDSgMrqEIe4TqM93rDT7rpimgLCH8qrTGbep8z+Q==
=tMFF
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: