According to Oliaz, a member of PandaLabs's research team, the phishing expedition starts when internet users receive an email – ostensibly from Navy Federal – inviting them to click through.
The bad news is that, whilst the phishing email looks genuine and the destination page looks benign, that page is actually a clone that asks users to log in.
Comparing the two sites in his security blog, Oliaz said: "If you have a look at the address bar, you'll see some differences with the original one, as it's an https site and therefore has a lock."
In addition, Oliaz says that even the company's icon is different, as is, of course, the address itself.
The PandaLabs researcher adds that, if you are not aware of this and log in to the fake website, another page is displayed informing you that your password has been locked and that you have to fill in a form to unlock it.
"Once this information is entered, you are redirected to the original home site, so you probably won't be aware of the fraud," he said.