It’s the riskiest time of year for scammers to break through and ruin your holiday cheer. USAA employee Mia A. tells her story to help other employees avoid ruining the festivities by accidentally giving fraudsters access to USAA systems.
Earlier this fall, I received an email from the USAA mail room notifying me that a package had been delivered to me through UPS at the San Antonio office. Since I’m working remote, I followed the instructions to have the package delivered to my home. Two days later, a box arrived with a huge gold bow. The box contained gold confetti, a $500 Amazon gift card and a note. My first emotion, before reading the note, was excitement as I began to think about all the Christmas presents I could buy my almost 2-year-old daughter.
The first red flag occurred when I proceeded to inspect the gift card, noticing it did not have a barcode on the back. Then, I opened the note that read “Our company is truly grateful for being our loyal customer for a long time, so we would like to send you $500 gift card. You can spend it on any goods from the list that you will find on the USB stick. Thanks again for choosing us!”
Before reading the note, I had thought the gift came from USAA, but then I realized that it was sent to USAA from an outside source that considered me a “customer.” This statement was the second red flag, and it started to cause some concern.
The last red flag was the particular direction to choose specifically from the list on a USB drive that was buried under all the confetti. I inspected all items for a few minutes and reached out to a couple close teammates to confirm my initial thought that this was in fact a phishing attempt to gain access to USAA systems. They both agreed with my suspicion. At all times, I kept the USB away from my corporate laptop, as I felt strongly that it was a threat.
Even though I was disappointed about not receiving such a gift, I knew I had to act quickly to report this. So, I contacted my director and requested guidance and he instructed me how to proceed.
I strongly believe that these scammers use the holiday season to target vulnerable people. Knowing people are busy and distracted during the holidays, they use any means possible this time of year. I want to encourage everyone to remain vigilant in protecting yourself and USAA from fraud.