Updated September 2021

Text Messages

BUZZ, BUZZ, BUZZ

You look at your phone and you have a new text message saying it is USAA. The message tells you to click this link and download a new app to secure your identity or customer account. It’s strange because you’ve never received a text from USAA at this number before, and you already have the USAA app downloaded, or at least you thought?

STOP! Don’t click that link. There are a number of red flags to watch out for to recognize a phishing attack. Although this trick is commonly employed over email, savvy thieves are now trying to install ransomware or steal your financial or personal information by impersonating a bank, credit card company or service provider by phone calls or even text messages. Phishing is when a fraudster tricks a consumer into providing their personal information through a fake app or website. The site may appear have a copy of USAA’s or another company’s logo and appears legit. So how do you tell it’s not?

Follow these tips to detect a scam by text and protect your identity:

• Check the number and search for how USAA has texted you in the past. Are they different? Don’t click the link!
  
  
• Is this message irregular? If you have not recently conducted business, used your cards or logged into USAA via the app, mobile or desktop, it may feel out of context to be receiving this request. Don’t click it!
  
  
• Are they using the right terminology for you and your account? USAA commonly refers to you as a member but this text message says “customer.” Don’t click it!

REMEMBER: Do not download any software or click on unknown links sent to you by email or text! USAA will never ask you to download software in an email or while you are on the phone with us. Use the USAA Mobile app for secure access.

Emails

There are some easy ways to ensure the email is from USAA. Our emails include a Security Zone to help you distinguish a legitimate email from a fraudulent one. Here is what to look for to help identify authentic USAA emails:

Always hover over the sender’s email address to verify who it is from. USAA will only send emails from an address that clearly indicates it is from USAA.

• • A personalized stamp will be at the top right corner of USAA emails.
    
    
  • The stamp will include your first and last name and the last four digits of your USAA member number.
    
    
  • To be effective, you must verify the spelling of your first and last name and the accuracy of the last four digits of your USAA member number every time you receive an email from USAA.
    
    

Phone Calls

RING, RING, RING

The caller ID says “USAA” across the top. It’s not a 1-800 or a 1-877 number, but when you answer, the caller says they are with USAA Bank and now asks for your customer service identification number to verify you. The caller may offer to assist with installing software you need for your financial services … what do you do?

STOP! Don’t share your personal information before verifying the caller. If USAA is calling you, we will never ask for your “customer” identification number, credit card number or other personal information.

Follow these tips to detect a scam by a phone call and protect your identity:

• Do not share security or personal data: USAA will never call you and then ask you for your one-time verification code, USAA PIN, password or other personal identification details.
  
  
• Always know you can call USAA at 1-800-531-8722 to determine if any request for information is valid. When you call us, know that we’ll use the multifactor identification code from your phone to verify you.

“Grandpa, I need your help. My car won’t start. Please send me money using this app…” OR

“Hi, how are you? I can’t deposit any money into my bank account because I am deployed. Can you send me some money for my phone card so we can continue talking? I really miss you.”

STOP! Imposters have many tricks up their sleeves when they are trying to access your information or steal your assets. As discussed above, it could be by impersonating a company through a phone call, email or text, but now they are even trying to contact you on third-party social platforms, like Facebook or Twitter, or through dating apps and sites.

Follow these tips to avoid a grandparent or romance scam:  

• Never send money to someone you don’t know in real life, especially using a third-party app like Zelle, CashApp, etc.
  
  
• If someone claims to be a family member, verify with that family member by calling them directly! If you think your grandson needs help, call him or call his parents before sending money unintentionally to a scammer.
  
  
• Do your research. If you are getting to know someone online, make sure you look them up, validate they are who they say they are. Some also claim to not have access to common resources overseas because they are serving, which is often untrue.

If any of these situations should happen to you, reach out for advice before giving out any personal information. Call USAA at 1-800-531-8722. And, if you get a suspicious email, text, instant message or phone call, you can report it to USAA by emailing abuse@usaa.com or to the Federal Trade Commission at ftc.gov/complaint.

If a scam does trip you up in real life, get help! The FBI has an Internet Crime Complaint Center at ic3.gov. You can also report identity theft to the Federal Trade Commission to 1-877-ID-THEFT (84338).

There are also some easy ways to ensure a text message is from USAA.  Based on your request, USAA may send a one-time code as part of its multi-factor authentication process, which will look like this:

REPORT! Even if you didn’t share personal information or click a questionable link, if you suspect fraud, let us know so we can help prevent it to protect you and other members in the future.

• If you receive a suspicious call from someone claiming to be USAA and is requesting account information or security credential information, hang up immediately!
  
  
• If you provided any personal identifiable information prior to hanging up, alert USAA at 877-762-7256.
  
  
• If you did not provide any information, you should still send an email to abuse@usaa.com reporting the phone number or text message and message details. This helps us to actively work to shut down fraudulent callers, sites and emails.

Imposters can come from the least expected places and they are constantly changing their tactics. That’s why it is so important to always be on alert. While USAA uses sophisticated detection processes, we are most effective in fighting fraud when we work together with our members.

NC0921