Issue 112 - March 2011 - Page 20
AOL 'Billing Update Must be Performed' Phishing Scam
Email purporting to be from AOL claims that the recipient must follow a link to update account information or limitations will be placed on his or her AOL service.
The message is not from AOL. In fact, the email is a phishing scam designed to trick recipients into providing personal and financial details to Internet criminals. The link in the email points to a bogus website that asks users to submit information via an online form.
Detailed analysis and references below example.
Last updated: 22nd February 2011
First published: 22nd February 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Billing Update Must be Performed
Billing update must be performed
Dear AOL Member,
Our records indicate that your account hasn't been updated
as a part of our regular account maintenance. Our new SSL
servers check each account for activity and your information has
been randomly chosen for verification. AOL Member Services strives
to serve their customers with better and secure banking service.
Notification: Failure to update your account information may
result in account limitation at shopping on our portal.
Update your information
To re-secure your account, just confirm your personal information.
AOL Member Services
Please note that this email address cannot accept replies.
This email, which claims to be from Internet service provider AOL, informs the recipient that he or she must update AOL account details or risk a subsequent limitation of services. The message claims that the account has been randomly chosen for verification by AOL's "new SSL servers". It warns that the account has not been updated as part of AOL's regular account maintenance procedure and urges the recipient to click the "update your information" link in order to "re-secure" the account.
However, the email is not from AOL. In fact, the message is a phishing scam designed to steal personal and financial information from AOL customers. Those who fall for the ruse and click the "Update" button will be taken to a fraudulent website designed to closely resemble a genuine AOL page. As shown in the screenshot below, the fake site asks users to provide a significant amount of private information, including credit card numbers and social security numbers:
All information on the bogus website will be sent to criminals who can subsequently use it to commit credit card fraud and identity theft. To further the illusion, secondary links on the fake site actually open genuine AOL web pages. Moreover, when a victim has finished filling in the information on the bogus form and clicked the "Submit" button, he or she will be automatically redirected to the genuine AOL website.
The phishing email itself is also designed to resemble a genuine AOL message.
AOL customers are regularly targeted
by phishing scammers. AOL will not send out unsolicited emails warning customers that their account will be limited or suspended if they do not follow a link and provide personal information. In fact, any message that claims that you must update information for a bank, government department or online service by following a link or opening an attachment should be treated with suspicion.
AOL Update Billing Information Phishing Scam
Phishing Scams - Anti-Phishing Information
Pages in this month's issue:
- Money Laundering Scam - Christchurch Earthquake Charity Support Job
- False Claim - Viral Video Shows 92 Year Old Ginger Rogers Dancing With Her Great Grandson
- Flu Remedy Myth - Onions Absorb Viruses and Bacteria From a Room
- False Claim - Onions are Magnets for Bacteria
- The Fly in the Urinal - Schiphol Airport Toilet Aim Improvement Technique
- Blackberry Award Advance Fee Scam
- Overblown Warning - Phone Numbers Now On Facebook
- UK Post Office Online Reward Program Phishing Scam
- Amber Alert Hoax - Mitsubishi Eclipse With Plate Number 98B351
- Hitman Payoff Scam Email
- Facebook 'See Who Viewed Your Profile' Scams - Rogue 'Stalker' Apps
- Analysis of a Hijacked Account Overpayment Scam - Boat and Trailer For Sale
- Tick Removal Advice - Liquid Soap Technique
- Does Rubbing Vicks VapourRub on Your Feet Relieve Coughing?
- Mike The Hacker Scam Emails
- DVLA Update Driver's Licence Phishing Scam
- Plea to Help Find Homes for 52 Thoroughbred Horses
- Prime Minister Howard - Muslims Out Of Australia
- Unsubstantiated Rumours Claim Michelle Obama is Pregnant
- AOL 'Billing Update Must be Performed' Phishing Scam
- Health Canada Warning - Over The Counter Drug Recall
- Do Not Call - Mobile Phones Going Public Hoax
- Facebook Grant Award Advance Fee Scam
- Post Express 'Incorrect Delivery Address' Malware Emails
- Adobe Acrobat Upgrade Phishing Scam Emails
- Mobile Phone Tips - Things You Never Knew Your Mobile Phone Could Do
- Telstra Bill Account Update Phishing Scam