Issue 130 - May 2012 (1st Edition) - Page 10
Bank Of America 'General Account Update' Phishing Scam
Email purporting to be from Bank of America claims that the recipient's account has shown unusual activity and that he or she must sign in to verify bank login details.
The email is not from Bank of America. In fact, the message is a phishing scam designed to steal bank login details and other personal information from Bank of America customers.
Detailed analysis and references below example.
Last updated: 23rd April 2012
First published: 23rd April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Bank of America Warning : Error Statement
General Account Update from Bank of America
Sign in now
Your Bank of America account showed unusual activities this morning.
What to do next?
Sign in now to verify your logon details.
If you feel this message has been sent to you in error.
Go to your online account and check your current balance(s) for your account(s)
We appreciate your business. It's truly our pleasure to serve you.
Bank of America Message Center.
Forgot your Online ID and/or Passcode?
According to this "error statement" email, which purports to be from Bank Of America and arrives complete with seemingly official Bank Of America graphics and formatting, "unusual activities" have been detected on the customer's account. The customer is instructed to follow a link in the message to sign in and verify account login details.
However, the email is not from Bank of America and the supposed account problems outlined are just a ruse designed to trick recipients into clicking one of the links in the message. In fact, all links in the email lead to a bogus website designed to emulate the real Bank of America website. Once on the bogus website, victims will be instructed to sign in by entering their banking login details. After they have "logged in" on the bogus site, they may then be asked to provide further personal and financial information, ostensibly as a means of verifying their account and resolving the errors. Login details and any other personal information provided will be collected by Internet criminals and subsequently used to hijack real Bank of America accounts and use them for fraudulent activities and identity theft.
The care and detail with which the scam email has been created makes this phishing scam attempt
a little more sophisticated than some other such attacks and may fool at least a few bank customers into supplying the requested details.
Like many other institutions, Bank of America has been repeatedly targeted
by cybercriminals and further such phishing attacks are likely. Be very wary of any email that purports to be from your bank and claims that you must click a link or open an attachment to supply login details and other private information. Banks and other types of financial institutions are very unlikely to ask customers to provide such information via an unsolicited email. Always log in to your bank's website by entering its web address into your browser's address bar rather than by clicking a link in an email.
Bank of America discusses online fraud
of this nature on its website.
Phishing Scams - Anti-Phishing Information
Bank of America Software Upgrade Phishing Scam
Fraud Prevention and Identity Theft
Pages in this issue:
- Fake Microsoft "Anti-spoofing Update" Notification Email
- Facebook Survey Scam - Free Pair of Ray-Bans
- New US Presidential Coins Omit "In God We Trust"?
- Warnings Claim Thousands May Lose Internet In July 2012
- Facebook Sweepstakes Advance Fee Scam
- Facebook Message Asks For Boycott Of Subway Store Due to Staff Treatment Of Autistic Child
- Hoax: HIV Infected Blood In Pepsi
- '22 Foot 2500 Pound' Crocodile Photo
- 'DGTFX Virus' Email Account Phishing Scam
- Bank Of America 'General Account Update' Phishing Scam
- Photos of Elephants Inside the Mfuwe Lodge in Zambia
- Miracle in Egypt - Buried Children Saved By Jesus
- Bogus Verizon Wireless Bill Email Points to Malware
- Boeing 797 Hoax
- 'Switch To Green' Facebook Survey Scam
- Phishing, Malware and Survey Scam Campaign - 'Click Here To See Attached Photos'
- Yahoo 'E-Mail Account Exceeded' Phishing Scam
- Hoax - June 2012 - 5 Fridays, 5 Saturdays and 5 Sundays