Skip to content

Phishing scam Visa cards

January 14, 2011

This information is being sent by John T. McCain, Program Manager, Charge Card Service Center Program Office.

The CCSC has received notification from GSA ‘s Office of Charge Card Management that there is a phishing scam being sent to cardholders using “Visa” and the “Verified by Visa” program. The scam sends an email similar to the one below and attempts to capture charge card information.
Dear Visa Card user,

In addition to our other ways of preventing, detecting, and resolving fraud, we offer Verified by Visa, a free, simple-to-use and free service that confirms your identity with an extra password when you make an online transaction.

Since January 20, 2011 we require all our customers to enroll their visa cards in the Verified by Visa program. If you do not do so you will not be able to shop online with your visa card.
This is a reminder to activate the Verified by Visa feature for your card as soon as possible.
Click here to activate your account
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you. We apologize for any inconvenience.

Visa Inc.
*Please immediately inform all cardholders that these emails ARE NOT legitimate Visa messages and should be ignored. Any reports of this type of activity can be reported to the Visa at and/or the CCSC at

GSA’s Office of Charge Card Management contacted Visa and received the following information with regard to informing your cardholders of this scam:

This email claims to be from credit card provider, Visa and instructs recipients to follow a link to activate “Verified by Visa” security protection on their card. However, in spite of the seemingly genuine logos and formatting in the message, it does not originate from Visa.

Instead it is a phishing scam intended to steal financial information. Those who do click on the link in the message will be directed to a fake website designed to closely resemble a genuine Visa web page. The fake site will request details about the cardholder’s account which can then be harvested by the scammers running the phishing operation.
In this way the scammers can gain all the data they require to use the compromised card for fraudulent transactions. Phishing scam attacks that use very similar tactics have been launched a number of times over the last few years.

Ironically, “Verified by Visa” is a genuine security program designed to protect consumers from credit card fraud. Cardholders are able to activate the security program by providing a credit card number on a secure Visa web page. The scammers have capitalized on this genuine program by diverting victims to a totally bogus activation process. Visa has published information about phishing and other scams on its website.

If you receive an email that appears to be from your card issuer requesting financial information or any other personal data:
• Treat the email with suspicion.
• Do not reply to the email or respond by clicking on a link within the email message.
• Contact your card issuer as soon as possible to report the suspicious email. Use the number or Web site address on the back of your card or on your monthly statement.
• Do not give out ANY personal information over the phone, Internet or mail.
• If you think the request is valid, always contact the bank using the number on the back of your card.
• If anyone ever gives out information, they should immediately call their bank.
In fact, you should be suspicious of any unsolicited email that asks you to click a link and provide personal or financial information. Phishing scammers continually target many financial institutions such as banks and credit card providers.

Please email any questions to the CCSC at Thank you!

John T. McCain
Program Manager
USDA Charge Card Service Center
Office of Procurement and Property Management

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: