What do you think is more secure- a complicated password or a 4-digit pin?
Watch as Mike Slaugh from USAA Financial Crimes Prevention shares how multi-factor authentication can provide an extra layer of security to your accounts.
Learn more at usaa.com/securitycenter
Forward all "fishing" attempts to firstname.lastname@example.org I get them almost weekly now. First hint: Member number msiing in upper right corner. Contact information missing on bottom of email. Otherwise, they look pretty convincing. Never click any link and delete right after forwarding!
I would appreciate a collaborative approach involving information sharing when such an email Is forwarded. A response indicating the actions taken, source IPS, or as close to source as could be identified, and the precise purpose and techniques being used should we have fallen for it rather than forwarded to abuse. Even just a response with an ID that categorizes your phish into a group of the exact same ones reported and a smaller central database accessible to USAA members would work. As they say, knowledge is power, and this type of information could be used to help protect others and allow knowledgeable USAA members to investigate with that information in a crowd sourced type of way that would provide more resources than would be reasonable for USAA to supply on its own. Thoughts? Roadblocks?
I already do multifactor authentication using my cellphone. However, an even stronger authentication is possible using a physical security key like Yubikey that uses FIDO2 or U2F public standards. These keys are nearly foolproof and extremely easy to use. I already use a security key for one of my other financial institutions. Does USAA plan on supporting these keys anytime in the near future?
Like DewClaw, I'm interested in knowing if adoption of YubiKey is on USAA's roadmap ?
Thanks for your comment. We absolutely appreciate your partnership and support in using multifactor authentication. USAA believes this is the best approach in preventing fraud. While we don’t have a FIDO option for our members, we are continuously exploring new, enhanced methods to bridge security and simplicity together. Thanks again for your input.
@Jasg27, Thank you for your comment, I have reached out to the Security team with your suggestions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.