"Deposit Posted." Phishing Attack Targets US DOD

January 2, 2011

A recent aggressive phishing attack is making the rounds in an email which appears be from USAA, a financial services company that serves military members, their families, and veterans. The email subject begins with "Deposit Posted."

Members are asked to open a Zeus-infected attached file. Once opened, it launches a malicious virus which could provide access to personal information and may require a complete reinstall of the computer operating system.

Anyone who gets caught by phishing scams loses money, time and security. Phishing is usually an unsolicited email that prompts an action, such as divulging secure information, downloading potentially dangerous files, or sending money to an unknown source.

Other attacks have been directed at U.S. military installations and defense facilities. Official-looking emails appear to come from a senior officer or other authority figure not known to the recipient, instructing the recipient to download and install software. This is often portrayed as a critical security measure that must be immediately deployed.

What actually happens is that the software is either a Trojan Horse that will destroy systems and networks, or data-mining software that will now be past firewall defenses.

Phishers prey on greed, fear, and especially for military targets, obedience to authority. They have become increasingly sophisticated, and create official-looking emails and design sites for gathering data.

Be wary of any unsolicited email that requests secure information or instructs you to download software, G-6 officials warn. It is extremely rare for any financial institution, including PayPal and Ebay, to ask for such information.

Check official websites for information on how to recognize fraudulent emails and sites, said G-6 officials. Always get confirmation from a trusted source before downloading and installing software, they said, adding if something doesn't seem quite right, it probably isn't.