USAA

COMMUNITY

USAA · September 01, 2020

Updated September 2021
How to Detect Imposter Scams USAA Community.jpg

Text Messages

BUZZ, BUZZ, BUZZ

You look at your phone and you have a new text message saying it is USAA. The message tells you to click this link and download a new app to secure your identity or customer account. It’s strange because you’ve never received a text from USAA at this number before, and you already have the USAA app downloaded, or at least you thought?

STOP! Don’t click that link. There are a number of red flags to watch out for to recognize a phishing attack. Although this trick is commonly employed over email, savvy thieves are now trying to install ransomware or steal your financial or personal information by impersonating a bank, credit card company or service provider by phone calls or even text messages. Phishing is when a fraudster tricks a consumer into providing their personal information through a fake app or website. The site may appear have a copy of USAA’s or another company’s logo and appears legit. So how do you tell it’s not?

Follow these tips to detect a scam by text and protect your identity:

Check the number and search for how USAA has texted you in the past. Are they different? Don’t click the link!
Is this message irregular? If you have not recently conducted business, used your cards or logged into USAA via the app, mobile or desktop, it may feel out of context to be receiving this request. Don’t click it!
Are they using the right terminology for you and your account? USAA commonly refers to you as a member but this text message says “customer.” Don’t click it!

REMEMBER: Do not download any software or click on unknown links sent to you by email or text! USAA will never ask you to download software in an email or while you are on the phone with us. Use the USAA Mobile app for secure access.

Emails

There are some easy ways to ensure the email is from USAA. Our emails include a Security Zone to help you distinguish a legitimate email from a fraudulent one. Here is what to look for to help identify authentic USAA emails:

USAA Security Zone USAA Community.png

Always hover over the sender’s email address to verify who it is from. USAA will only send emails from an address that clearly indicates it is from USAA.

- A personalized stamp will be at the top right corner of USAA emails.
- The stamp will include your first and last name and the last four digits of your USAA member number.
- To be effective, you must verify the spelling of your first and last name and the accuracy of the last four digits of your USAA member number every time you receive an email from USAA.

Phone Calls

RING, RING, RING

The caller ID says “USAA” across the top. It’s not a 1-800 or a 1-877 number, but when you answer, the caller says they are with USAA Bank and now asks for your customer service identification number to verify you. The caller may offer to assist with installing software you need for your financial services … what do you do?

STOP! Don’t share your personal information before verifying the caller. If USAA is calling you, we will never ask for your “customer” identification number, credit card number or other personal information.

Follow these tips to detect a scam by a phone call and protect your identity:

Do not share security or personal data: USAA will never call you and then ask you for your one-time verification code, USAA PIN, password or other personal identification details.
Always know you can call USAA at 1-800-531-8722 to determine if any request for information is valid. When you call us, know that we’ll use the multifactor identification code from your phone to verify you.

“Grandpa, I need your help. My car won’t start. Please send me money using this app…” OR

“Hi, how are you? I can’t deposit any money into my bank account because I am deployed. Can you send me some money for my phone card so we can continue talking? I really miss you.”

STOP! Imposters have many tricks up their sleeves when they are trying to access your information or steal your assets. As discussed above, it could be by impersonating a company through a phone call, email or text, but now they are even trying to contact you on third-party social platforms, like Facebook or Twitter, or through dating apps and sites.

Follow these tips to avoid a grandparent or romance scam:

Never send money to someone you don’t know in real life, especially using a third-party app like Zelle, CashApp, etc.
If someone claims to be a family member, verify with that family member by calling them directly! If you think your grandson needs help, call him or call his parents before sending money unintentionally to a scammer.
Do your research. If you are getting to know someone online, make sure you look them up, validate they are who they say they are. Some also claim to not have access to common resources overseas because they are serving, which is often untrue.

If any of these situations should happen to you, reach out for advice before giving out any personal information. Call USAA at 1-800-531-8722. And, if you get a suspicious email, text, instant message or phone call, you can report it to USAA by emailing abuse@usaa.com or to the Federal Trade Commission at ftc.gov/complaint.

If a scam does trip you up in real life, get help! The FBI has an Internet Crime Complaint Center at ic3.gov. You can also report identity theft to the Federal Trade Commission to 1-877-ID-THEFT (84338).

There are also some easy ways to ensure a text message is from USAA. Based on your request, USAA may send a one-time code as part of its multi-factor authentication process, which will look like this: USAA Community Text Example.png

REPORT! Even if you didn’t share personal information or click a questionable link, if you suspect fraud, let us know so we can help prevent it to protect you and other members in the future.

If you receive a suspicious call from someone claiming to be USAA and is requesting account information or security credential information, hang up immediately!
If you provided any personal identifiable information prior to hanging up, alert USAA at 877-762-7256.
If you did not provide any information, you should still send an email to abuse@usaa.com reporting the phone number or text message and message details. This helps us to actively work to shut down fraudulent callers, sites and emails.

Imposters can come from the least expected places and they are constantly changing their tactics. That’s why it is so important to always be on alert. While USAA uses sophisticated detection processes, we are most effective in fighting fraud when we work together with our members.

NC0921

Comrades · September 14, 2020

wow

DoggyMom · October 15, 2020

"Our emails include a Security Zone . . ."

What is a Security Zone? I have no idea what this means.

Briana Hartzell USAA · October 16, 2020

Hi @DoggyMom

Thank you for your comment. The security zone is section in the top right corner of every email you receive from USAA. It looks like this:

USAA Security Zone.JPG

I hope this helps!

Thank you,

Briana

Chris139 · August 27, 2021

I never thought I would fall victim to a phone scam and I feel violated. This guy called claiming to be from USAA (phone number was 800-531-8722) which I knew to be USAA's main number. He said he was calling to let my wife and I know there were fraudulent charges made to our checking account, between the chaos of my wife and I arguing while on the phone with this guy things just got out of control. I gave him information that I should never have given. I don't know how he knew what he knew but the aftermath of the situation is scary. How did he know we were members, how did he know my cell number and both our names. I am still struggling with this. Don't ever trust anyone who calls you. Hang up and call them back to verify they are legitimate. I hope no one goes through this.

USAA Social Service · August 27, 2021

Good morning, Chris139. We can understand your concern. I will have this matter looked into and appreciate you letting us know. ~JD

Nkoj Htims · October 15, 2021

The security zone is good except USAA don't always use it!

usnret · October 16, 2021

".... Do not share security or personal data: USAA will never call you and then ask you for your one-time verification code, USAA PIN, password or other personal identification details. ...."

How ironic then that this is exactly what you just did to me. Somebody from USAA just called and asked me to reveal personal information allegedly on file in order to verify my association with one of my accounts. I offered to confirm or correct what you say is in my file rather than the other way around, which is exactly what a scammer would want me to do: provide information that he doesn't have.

You should conform to your own advice.

Irish Faerie · October 17, 2021

Your article says "Use the USAA Mobile app for secure access." I can't believe a bank would recommend this. That is the WORST possible thing you could do. A mobile device is a *very* high security risk. With 3½ billion smartphones in use, mobile devices are the *number one* target for those who want to take your money and your identity. Apple and Android stores let users download apps that steal your data from other apps and/or record your interactions. Never use your phone to access information that you don’t want stolen. Especially, do not install financial apps like USAA. The app itself may be secure, but your phone is not.

USAA Social Service · October 18, 2021

Hello @usnret, certainly get your concerns when it comes to privacy and possible scams. With so many robo calls these days it is unsure who is calling us. However, if you unsure about a call you get from USAA, you may ask them to notate your profile and you will reach back out to them via USAA's phone number or/and forward the number that called you to abuse@usaa.com to verify the number. ~Marco

Sheeky · October 27, 2021

As I was reading this article I saw something about USAA phone numbers well sometime I speak with people from USAA and the numbers start with area code 210. I think that members should also know this. From what I understand there call center representatives or work from home due to the pandemic.

Briana Hartzell USAA · October 28, 2021

Thanks for commenting @Sheeky

You are correct that the number may also appear as: 210-531-8722.

Thanks again!
Briana

RetUSA · October 30, 2021

A scam that isn't mentioned here, one that I experienced just this past week, is a Security Breach alert while browsing on a tablet, the only use for it. The pop-up was IDENTICAL to the screens appearing when I am in contact with service support at Microsoft. So much so that after a few minutes consideration, I went to the computer and called the number provided - which ALSO appeared to be associated with MS.
I called the number, the guy was great - he answered with a name, an extension, an employee ID# and '24 x 7 support.'
Foolishly, after some minutes in 'conversation' I granted remote access. He wasn't answering my direct questions but returned to what was clearly a script. I challenged his script more than once.
Eventually, we got to the meat. He was 'offering' service 'protection' at the rates of $299.99 for one year, $599.99 for 5 years OR "since you are obviously an elderly person receiving social security payments" we have a special LIFETIME $699.99 for you.

I cut him off - cancelled remote access within seconds of the call. Contacted my service provider to determine if the router had been hacked. Froze my bank accounts and took the computer to a technician to determine what, if any damage had been done.

Nothing had been compromised - they just wanted money which they didn't get.

BOTTOM LINE - DO NOT fall for any of those online 'security breach alerts.' Turn everything off and begin again. BTB, I don't save anything to that cloud nor do I allow my passwords, etc. be saved online.

Briana Hartzell USAA · November 01, 2021

Thanks for sharing @RetUSA

Its frightening how good these scam artists are getting! I am glad you shared so others can learn and keep their information protected!

Briana Hartzell USAA · November 02, 2021

Moved:

@SJEANOOBB291 I am so sorry to hear about your situation. In order to keep you updated in one place, I have moved this comment into your other thread. Thank you for taking the time to post here in the Community.

Pagliaccio · August 06, 2022

I was trying to make an online purchase, which went to a screen requiring a one-time code (I thought maybe it was part of the process). I foolishly clicked to send me a code and immediately received an email from USAA Web Services showing in my inbox as: "USAA.Web.Services@customermail.usaa.com"<usaa.web.services@customermail.usaa.com>. I later looked and saw the security zone had the last 4 of my card. but since it looked legit at the moment, I used the code sent.

I then received an email to call USAA. This one had the security zone with the correct number.

I forward that first email to the abuse@usaa.com email and strangely the reply came from "USAA <USAA.Web.Services@customermail.usaa.com>" with the title,

"Thank you for Reporting Fraud to USAA", but this email did not have the security zone in the reply.

LouLou978 · January 20, 2023

I worked for a utility company. The amount of money that the elderly get tricked out of is insane. It’s their own bank sometimes. Sometimes the scammer is the one you think is protecting your assets. You work so hard all your life, have earned every little brown penny legally and ethically only to have scumbags take it from you. It’s hard enough as it is, earning a living. I pay close to $300 a month for a 2011 paid Jetta just to keep the car protected on the streets. Insurance is exceedingly high just like everything else. Raise wages! We are treated as third world sweet shop workers while corporate America elites keep getting richer off the sweat of our backs! Raise wages! Treat workers with respect and raise their wages!