Hackers Impersonating US Navy Federal Credit Union to Steal Customer Accounts
Hackers have launched an email phishing campaign targeting US Navy Federal Credit Union account holders. The phishing emails impersonate official credit union communications. The message informs the user that they have received a stimulus check and need to validate some information to accept the money. When the recipient follows the instructions in the hacker’s email, they are redirected to a malicious website that steals account information. According to a report by email security company Abnormal Security, this attack affects over 70,000 account holders.
The email sent on Office 365 by hackers impersonates the US Navy Federal Credit Union. The email is designed to trick the recipient into thinking it is an official email from their credit union. The body of the email states that the recipient is to receive a $1,100 deposit as a so-called stimulus payment. The recipient should be immediately suspicious of this email since “stimulus payment” is not an official name for the Coronavirus Aid, Relief, and Economic Security (CARES) Act.
Chip Kohlweiler, US Navy Federal Credit Union Vice President of security, said in a statement: “We’re aware of the various ways fraudsters try to steal information, and our team is constantly taking steps to protect our members’ information and accounts. In addition, we regularly provide our members with tips on how they can avoid phishing scams. We encourage everyone to be wary of unsolicited messages and to follow best practices when it comes to email security.”
The email urges the user to click on a link in the email to validate their credit union account so that they may receive the money. The link in the email is cloaked to hide the website name. If the user clicks on the link, they are sent to a spoof website that prompts them for account login credentials. The landing page is designed to trick the reader into thinking it is a legitimate Navy Credit Union website. When they enter their account details to supposedly validate the account, the information is sent to the hackers and their credit union account is now compromised.
US Navy Federal Credit Union Phishing Email Content
and states that the user has received $1,100 due to the COVID-19 pandemic. The message claims that if the user has not received funds, they must validate their account with the link provided, which directs them to a credential phishing webpage.
- The recipient’s email address is in the BCC field. The “TO” field sends the email back to the sender
- The mail greeting does not contain personalization – meaning it does not use the recipient’s name in the first line
How Can I Tell If a Navy Credit Union Email Is Fake?
- The official name of the program is “economic impact payment”
- Although some call it a stimulus check or stimulus money, this is not an official phrase used by governmental agencies or banks
- The economic impact payment amount is $1200 per individual, not $100 as the phishing email states
- No bank or agency will contact you to inform you that you need to take action to receive your economic impact payment
- If you are eligible, your payment will be direct deposited to your bank account. No action by you is needed to “accept” the money
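The traits this article lists (recipient only in BCC while the TO field holds the sender, an impersonal greeting, the unofficial “stimulus” wording, and a cloaked link) can be checked mechanically by a mail filter. The Python below is an added example, not code from the Abnormal Security report or the credit union; the function and indicator names, the `.example` addresses and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample, not a real campaign message; .example domains are placeholders.
SAMPLE = """\
From: Credit Union <alerts@mailer.example>
To: alerts@mailer.example
Content-Type: text/html; charset="utf-8"

<p>Dear Member,</p>
<p>A stimulus payment of $1,100 is pending. Validate your account:
<a href="http://login.portal.example/verify">https://www.creditunion.example</a></p>
"""

class LinkParser(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)  # buffer is reset at each <a>, so only link text is kept
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # hostname of a URL written with or without a scheme
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw, recipient, recipient_name):
    msg = message_from_string(raw)
    body = "".join(p.get_payload(decode=True).decode("utf-8", "replace")
                   for p in msg.walk() if p.get_content_maintype() == "text")
    sender = parseaddr(msg.get("From", ""))[1].lower()
    to = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}
    greeting = (re.sub(r"<[^>]+>", " ", body).strip().splitlines() or [""])[0]
    parser = LinkParser()
    parser.feed(body)
    checks = {  # one entry per trait the article describes
        "self_addressed_bcc": sender in to and recipient.lower() not in to,
        "no_personalization": recipient_name.lower() not in greeting.lower(),
        "unofficial_program_name": bool(re.search(r"stimulus\s+(payment|check|money)", body, re.I)),
        "cloaked_link": any(re.match(r"https?://|www\.", t, re.I) and host(t) != host(h) for h, t in parser.links),
    }
    return [name for name, hit in checks.items() if hit]
```

The link check only catches visible text that is itself a URL pointing at a different host; links hidden behind wording such as a button label need a separate allow-list of expected domains.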
How Can We Prevent Phishing?
Protect Yourself from Phishing Scams
- Be suspicious of all emails you receive, even if the email appears to be from someone you know
- Keep in mind, hackers send emails using the names of your friends or of companies you do business with
- Never click on any links in a suspicious email
- Do not open any attachments contained in a suspicious email. When in doubt, call the sender first to verify they sent an attachment
- Do not follow instructions in any email to send sensitive information as a reply email or to go to a website to submit the data
- Use an antimalware application to filter phishing emails and detect malicious websites.