Fake USAA / Navy Federal Credit Union / Pentagon Federal military banking account suspended, locked, or unauthorized transaction phishing — fraudulent email impersonating USAA, Navy Federal Credit Union, or PenFed claiming the recipient's military bank account has been suspended, locked, or restricted due to suspicious activity or unauthorized access — directing them to sign in, verify identity, or secure their account through a credential-harvesting portal; USAA 13M+ members; Navy Federal Credit Union 13M+ members; Pentagon Federal 2.7M+; military banking accounts store direct deposit payroll, savings, investment, and insurance products in one institution; military members are specifically targeted because geographically mobile deployments delay response times; FTC and CFPB both publish annual warnings about military member financial targeting; IC3 2024: active duty and veteran financial fraud exceeded $120M

Phishing emails impersonating USAA, Navy Federal Credit Union, or Pentagon Federal Credit Union (PenFed) claiming the recipient's military banking account has been suspended, locked, or restricted due to suspicious activity, unauthorized access, or a regulatory security hold — directing them to sign in, verify identity, or secure their account through a credential-harvesting portal that captures banking credentials, SSN, and account routing details. Key facts: (1) Military banking accounts are uniquely valuable to attackers: USAA provides banking, insurance, investment, and auto/home loans all under one login for 13M+ members; Navy Federal Credit Union serves 13M+ members with the same breadth; compromising one USAA credential gives access to the member's checking, savings, mortgage, auto insurance, and investment accounts simultaneously — a full financial exposure unmatched by single-product bank phishing; (2) Military members are specifically targeted because of structural vulnerabilities: frequent Permanent Change of Station (PCS) moves make account geographic anomalies harder to detect; deployments to remote or overseas locations delay responses to security alerts; young enlisted service members (18-22) are high targets because of guaranteed income (BAH + BAS + base pay) and potential unfamiliarity with phishing tactics; (3) Security clearances held by many service members and DoD civilians make identity theft more damaging — a compromised identity can jeopardize a clearance renewal, which can end a career; (4) USAA-specific trust dynamics: because USAA is a military-exclusive institution, members have very high trust in USAA communications and do not expect impersonation — they may be less skeptical of urgent USAA security emails than they would be for a mass-market bank. Warning signs: sender domain not usaa.com, navyfederal.org, or penfed.org; USAA and Navy Federal never send account security emails from external alert domains; any email directing to a login page to "verify your military banking account" should be accessed only via typed URL or official app — never via email link.