Navy Federal Phish Alert: Spammers Want Your Account Information
Did you get an email from Navy Federal Credit Union claiming that your account has been deactivated due to “unusual activity” and you need to update your account to re-activate it?
Don’t click the link and definitely do NOT enter any of your account information.
Spammers are sending out Navy Federal spam in hopes of collecting the account details of unsuspecting members. Below is a copy that we received this morning:
Subject: Please Update Your Account Details
From: Federal Navy Credit Union <firstname.lastname@example.org>
A new message from Naval Federal Credit Union®
We have detected an unusual activity in your account.
We have temporarily de-activated your account for your own protection.
kindly update your account and enter your security questions and Answer correctly, so we can Re-Activate your Account immediately.
Click here to update your account https://www.navyfederal.org
For those who are curious, the link in the phishing email does NOT take you to Navy Federal’s website. Instead, it leads to a compromised third-party website that has been configured to collect the following information about your NFCU account: access number, user ID, password and account name.
Here’s a screenshot of the phishing page (PhishTank #2747913):
Any information entered on this page will be relayed back to the cybercriminals behind this scam. Don’t submit any of your Navy Federal information!
What to Do With NFCU Phishing Emails
Did you get a suspicious Navy Federal email? It is recommended that you:
- Do NOT click on any links embedded within the email.
- Do NOT provide any personal or financial information.
- Report the email to Navy Federal by forwarding it to email@example.com.
- Delete the email.