USAA
Community Manager
Community Manager

Updated September 2021
How to Detect Imposter Scams USAA Community.jpg

Text Messages


BUZZ, BUZZ, BUZZ

 

You look at your phone and you have a new text message saying it is USAA. The message tells you to click this link and download a new app to secure your identity or customer account. It’s strange because you’ve never received a text from USAA at this number before, and you already have the USAA app downloaded, or at least you thought?

 

STOP! Don’t click that link. There are a number of red flags to watch out for to recognize a phishing attack. Although this trick is commonly employed over email, savvy thieves are now trying to install ransomware or steal your financial or personal information by impersonating a bank, credit card company or service provider by phone calls or even text messages. Phishing is when a fraudster tricks a consumer into providing their personal information through a fake app or website. The site may appear have a copy of USAA’s or another company’s logo and appears legit. So how do you tell it’s not?

 

Follow these tips to detect a scam by text and protect your identity:

  • Check the number and search for how USAA has texted you in the past. Are they different? Don’t click the link!

  • Is this message irregular? If you have not recently conducted business, used your cards or logged into USAA via the app, mobile or desktop, it may feel out of context to be receiving this request. Don’t click it!

  • Are they using the right terminology for you and your account? USAA commonly refers to you as a member but this text message says “customer.” Don’t click it!

 

REMEMBER: Do not download any software or click on unknown links sent to you by email or text! USAA will never ask you to download software in an email or while you are on the phone with us. Use the USAA Mobile app for secure access.

Emails

 

There are some easy ways to ensure the email is from USAA. Our emails include a Security Zone to help you distinguish a legitimate email from a fraudulent one. Here is what to look for to help identify authentic USAA emails:

USAA Security Zone USAA Community.png


Always hover over the sender’s email address to verify who it is from. USAA will only send emails from an address that clearly indicates it is from USAA.

    • A personalized stamp will be at the top right corner of USAA emails.

    • The stamp will include your first and last name and the last four digits of your USAA member number.

    • To be effective, you must verify the spelling of your first and last name and the accuracy of the last four digits of your USAA member number every time you receive an email from USAA.

Phone Calls

RING, RING, RING

 

The caller ID says “USAA” across the top. It’s not a 1-800 or a 1-877 number, but when you answer, the caller says they are with USAA Bank and now asks for your customer service identification number to verify you. The caller may offer to assist with installing software you need for your financial services … what do you do?

 

STOP! Don’t share your personal information before verifying the caller. If USAA is calling you, we will never ask for your “customer” identification number, credit card number or other personal information.

 

Follow these tips to detect a scam by a phone call and protect your identity:

  • Do not share security or personal data: USAA will never call you and then ask you for your one-time verification code, USAA PIN, password or other personal identification details.

  • Always know you can call USAA at 1-800-531-8722 to determine if any request for information is valid. When you call us, know that we’ll use the multifactor identification code from your phone to verify you.

 

“Grandpa, I need your help. My car won’t start. Please send me money using this app…” OR

 

“Hi, how are you? I can’t deposit any money into my bank account because I am deployed. Can you send me some money for my phone card so we can continue talking? I really miss you.”

 

STOP! Imposters have many tricks up their sleeves when they are trying to access your information or steal your assets. As discussed above, it could be by impersonating a company through a phone call, email or text, but now they are even trying to contact you on third-party social platforms, like Facebook or Twitter, or through dating apps and sites.

 

Follow these tips to avoid a grandparent or romance scam:  

  • Never send money to someone you don’t know in real life, especially using a third-party app like Zelle, CashApp, etc.

  • If someone claims to be a family member, verify with that family member by calling them directly! If you think your grandson needs help, call him or call his parents before sending money unintentionally to a scammer.

  • Do your research. If you are getting to know someone online, make sure you look them up, validate they are who they say they are. Some also claim to not have access to common resources overseas because they are serving, which is often untrue.

 

If any of these situations should happen to you, reach out for advice before giving out any personal information. Call USAA at 1-800-531-8722. And, if you get a suspicious email, text, instant message or phone call, you can report it to USAA by emailing abuse@usaa.com or to the Federal Trade Commission at ftc.gov/complaint.

 

If a scam does trip you up in real life, get help! The FBI has an Internet Crime Complaint Center at ic3.gov. You can also report identity theft to the Federal Trade Commission to 1-877-ID-THEFT (84338).

 

There are also some easy ways to ensure a text message is from USAA.  Based on your request, USAA may send a one-time code as part of its multi-factor authentication process, which will look like this:USAA Community Text Example.png

 

REPORT! Even if you didn’t share personal information or click a questionable link, if you suspect fraud, let us know so we can help prevent it to protect you and other members in the future.

  • If you receive a suspicious call from someone claiming to be USAA and is requesting account information or security credential information, hang up immediately!

  • If you provided any personal identifiable information prior to hanging up, alert USAA at 877-762-7256.

  • If you did not provide any information, you should still send an email to abuse@usaa.com reporting the phone number or text message and message details. This helps us to actively work to shut down fraudulent callers, sites and emails.

 

Imposters can come from the least expected places and they are constantly changing their tactics. That’s why it is so important to always be on alert. While USAA uses sophisticated detection processes, we are most effective in fighting fraud when we work together with our members.

 

NC0921

8 Comments
Comrades
Contributor
wow
DoggyMom
Contributor

"Our emails include a Security Zone . . ."

 

What is a Security Zone? I have no idea what this means.

Briana Hartzell USAA
Administrator
Administrator

Hi @DoggyMom 

Thank you for your comment. The security zone is section in the top right corner of every email you receive from USAA. It looks like this:

 

USAA Security Zone.JPG

 

I hope this helps!

 

Thank you,

Briana

 

Chris139
New Member

I never thought I would fall victim to a phone scam and I feel violated. This guy called claiming to be from USAA (phone number was 800-531-8722) which I knew to be USAA's main number. He said he was calling to let my wife and I know there were fraudulent charges made to our checking account, between the chaos of my wife and I arguing while on the phone with this guy things just got out of control. I gave him information that I should never have given. I don't know how he knew what he knew but the aftermath of the situation is scary. How did he know we were members, how did he know my cell number and both our names. I am still struggling with this. Don't ever trust anyone who calls you. Hang up and call them back to verify they are legitimate. I hope no one goes through this. 

USAA Social Service
USAA Service
USAA Service

Good morning, Chris139.  We can understand your concern. I will have this matter looked into and appreciate you letting us know. ~JD

Nkoj Htims
Occasional Visitor

The security zone is good except USAA don't always use it!

usnret
Visitor

".... Do not share security or personal data: USAA will never call you and then ask you for your one-time verification code, USAA PIN, password or other personal identification details. ...."

How ironic then that this is exactly what you just did to me.  Somebody from USAA just called and asked me to reveal personal information allegedly on file in order to verify my association with one of my accounts.  I offered to confirm or correct what you say is in my file rather than the other way around, which is exactly what a scammer would want me to do: provide information that he doesn't have.

 

You should conform to your own advice.

Irish Faerie
Occasional Visitor

Your article says "Use the USAA Mobile app for secure access."  I can't believe a bank would recommend this.  That is the WORST possible thing you could do.  A mobile device is a *very* high security risk. With 3½ billion smartphones in use, mobile devices are the *number one* target for those who want to take your money and your identity. Apple and Android stores let users download apps that steal your data from other apps and/or record your interactions.  Never use your phone to access information that you don’t want stolen. Especially, do not install financial apps like USAA. The app itself may be secure, but your phone is not.