USAA, NatWest, USPS, and Costco – Top Scams of the Week

Author: Trend Micro

June 16, 2023

We’ve found lots of scams this week, including ones relating to USAA, NatWest, USPS, and
Costco. Would you have been able to spot all these scams? 

 Phishing Scams: Scammers Want Your Personal Data

Impersonating trusted brands, and under a variety of pretenses, scammers love to
spread phishing links via text message or email — always with the goal of stealing
your personally identifiable information (PII) (i.e. bank login details, email address, Social
Security number, credit card number, and more). 

The phishing links lead to phishing sites designed to record your PII, with which scammers can
commit other crimes, such as identity theft.  
Most commonly, the phishing links will take you to fake login pages where scammers can
record your login credentials and other data. In other cases, you will be taken to fake survey
forms where you could end up exposing your PII.

This week we found many phishing attempts in which scammers pose as banks or financial
service companies to exploit people.

United Services Automobile Association (USAA) Scam

We’ve reported on banking scams (fake notification emails/texts) before. This week, USAA, the
American financial services company that provides insurance, retirement, and other banking
solutions to the military and their families, is the new target:

 

Falsely claiming you need to update your USAA security settings, scammers instruct you to click
on the attached file to validate your account. If you do so, a link embedded in the file will take
you to a very convincing (but fake) USAA login page.

 

Fake USAA login page

 

Real USAA login page

The fake login page, as mentioned, is a phishing page. On it, scammers can gain access to any
login credentials you submit and use them for their own good. Don’t let them!

Stay Away from Phishing Scams

The top safety tip to avoid phishing scams is to NEVER click on any unknown attachments or
links. Or, you can use our 100% FREE tool, Trend Micro Check, to detect scams with ease!   
   
Trend Micro Check is a free browser extension and mobile app for detecting scams, phishing
attacks, malware, and dangerous links. Download today and surf the web with confidence!

 

The Trend Micro Check browser extension blocks dangerous sites in real time!

 

The Trend Micro Check app automatically detects and filters scams and spam 24/7.  

 

NatWest Email Scam

Another targeted bank this week is NatWest. Again, scammers pretend to be from NatWest and send you fake security notification emails. They try to make you worry and wonder if unusual activities are occurring with your account and ask you to run a security check using the attached link:

 

The link will take you to a fake NatWest login page that can collect any data entered into it. The scammers will record your login credentials and use them to hack into your account. Be careful and don’t click!

 

Delivery companies are also one of the most commonly impersonated business types:

USPS Tracking Scam

Tricking you into thinking that your package’s delivery was unsuccessful, scammers pose as USPS and send phishing text messages containing malicious links:

 

  •  MSG: Due to a lack of complete address information,  We have been unable to deliver your parcel.  Currently your parcel is being stored in our depot.  Click here to reschedule delivery  <URL>    USPS-ID-#383976730

As we’ve stressed many times, the links attached are phishing links that lead to phishing sites designed to record your PII.

 

A fake USPS tracking page

CVS Credit Scam

We wrote about a series of CVS scams in 2022, and this week they’ve started to circulate again. Promising you free money and credit, scammers try to lure you into clicking on fake links. Watch out!

  • CVS..Cares: <NAME>, you will forfeit a <MONEY> in-store credit if you <NAME>'t finish our survey by today. Your code is #CV000 Claim Your Unused In-store Credit Here .

Costco

Costco is another commonly impersonated company. This time around, the scammers are saying that you can win a reward simply by taking an online survey (of course it’s fake!):

  • CostcoMsg: It's almost June and we are asking select shoppers to help out and answer a couple simple questions for us. <URL>

 

Again, in the end, you will be asked to provide PII, like credit card details, which will be stolen and used by the scammers! Don’t let that happen.

 

More Tips to Stay Safe Online   

  • Double-check the sender’s mobile number/email address. Even if it seems legitimate, think twice before you take any action.     
  • Free gifts are a red flag.     
  • Only use official websites/applications. Never click on dubious links! (Use Trend Micro Check).      
  • Check if any of your PII has been leaked and secure your social media accounts using Trend Micro ID Protection
  • Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.

 

If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.   

 

Image source: unsplash.com

 

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Popular Stories

As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu

So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking.  If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller.  The condition of the item was misrepresented on the product page. This could be the