We want to warn you of a phishing message we’ve detected that is using the Navy Federal company to obtain users’ credentials to this service and other confidential information.

You receive an email message that seems to come from this company with a link. If you click the link, you’ll be redirected to a website similar to the original one.

Here you have the images of the websites; the first one belongs to the legitimate site and the second one to the false site:

Navy_federal_original_false

If you have a look at the address bar, you’ll see some differences with the original one, as it’s an https site and therefore has a lock and even the icon of the company is different, apart from the address itself, of course:

Phishing_navy_federal_false_address_bar

If you are not aware of this and log in the fake website, another page will be displayed informing you that your password has been locked and that you have to fill in the following form to unlock it:

Navy_federal_enter_data

Once this information is entered, you are redirected to the original home site, so you won’t probably be aware of the fraud.