Issue 137 - August 2012 (2nd Edition) - Page 36
Wells Fargo 'Security Check' Phishing Scam
Outline
Email purporting to be from financial services company Wells Fargo claims that, in response to a recent security screen, the recipient's account has been limited until more information about the account holder is provided.
Brief Analysis
The email is not from Wells Fargo. In fact, the message is a phishing scam designed to trick Wells Fargo customers into divulging their account login details and other personal and financial information to Internet criminals.
Detailed analysis and references below example.
Scroll down to submit comments
Last updated: July 30, 2012
First published: July 30, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Example
Subject: Wells Fargo: Account Security Check !!,
Wells Fargo is constantly working to ensure security by regularly screening the accounts in our system.
We recently reviewed your account (error code : 00562), and we need more information to help.
How can I restore my account access ?
Click Here, login and complete the next step to "Remove Limitations."
Completing all of the informations required will automatically restore your account access.
You will be redirected to a secure, private Wells Fargo server on a random port due security
issues.
Wells Fargo, N.A. Member FDIC.
© Wells Fargo Corporation. All rights reserved.
Detailed Analysis
This email, which claims to be from large financial services company Wells Fargo, warns recipients that their Wells Fargo account has been limited. According to the message, the account was limited in response to a recent routine security check because more information is required from the account holder. Recipients are instructed to click a link in order to login to their Wells Fargo account and provide the necessary information so that the account limitations can be removed.
However, the email is not from Wells Fargo and the claim that recipient accounts have been limited is nothing more than a ruse to get them to follow the link in the message. The email is a
phishing scam designed to steal personal and financial information from Wells Fargo account holders. Those who fall for the ruse and click the "remove limitations" link in the email will be taken to a fraudulent "sign in" page designed to emulate the genuine Wells Fargo login:
If users enter their username and password on the fake page as instructed, they will then be taken to a second fake page where they will be asked to supply personal and financial information including address, contact details, ID and credit card numbers.
All information provided on the bogus website can be collected by the criminals responsible for the phishing scam. Once they have collected this information, the scammers can then login to the real accounts of their victims and commit further fraudulent activities and theft. They may also use the stolen information to steal the identities of their victims.
Such phishing attacks are
very common. Be wary of any email that claims that you must follow a link or open an attachment to avoid an account limitation, update account details or rectify errors. Rather than logging in to your online accounts by clicking email links, it is safer to type the account's website address into your browser's address bar.
Wells Fargo has
provided information about phishing scams on its website.
References
Phishing Scams - Anti-Phishing Information
Wells Fargo Online Bank Account Update Scam
Wells Fargo - Report Phish and Email Scams
Pages in this issue:
- Anti Text-Driving Message - Car Wedged Under Truck Image
- Nationwide Phishing Scam Emails
- Faux Image - Double Sunset on Mars
- Microsoft Cyber-Crime Department Phishing Scam
- Does A Photo Depict A Puppy Being Forced to Drink Vodka?
- Post Circulating Claims Hotel Made Disabled US Veteran Crawl Down Stairs
- AFL vs NRL - Wrongdoings of Australian Members of Parliament Hoax
- Three.co.uk Phishing Scam
- Another Facebook Sick Baby Hoax - Baby With Brain Cancer
- Circulating Opinion Piece - 'Democratic, Republican Liberal-Progressive's Worst Nightmare'
- Fake Three (Or Seven) Headed Snake Image
- Misleading Health Advice Email - 'Mayo Clinic on Aspirin and Heart Attacks'
- Facebook Survey Scam - Free Argos Gift Card
- 'Email Deactivation Warning' Phishing Scam
- Anti-Obama Youtube Video Compiles Multiple Conspiracy Theories
- Fake AT&T Bill Emails Point To Malware
- Messages Claim Coca Cola to be Banned In Bolivia
- 'Free Apple Product' Text Message Survey Scam
- Circulating Warning - Facebook May Close Down Animal Rescue Account'
- 2012 FIFA World Cup Online Lottery Advance Fee Scam
- Email Claiming US Gold Medal Gymnast Gabrielle Douglas Faces Lifetime Ban Used to Spread Malware
- Bigpond Security Service Phishing Scam
- Wrestling Star John Cena is NOT Dead
- Hoax - NASA Predicts Total Blackout of Planet in Dec 2012
- Wrestling Star Undertaker is NOT Dead
- Colin And Chris Weir Donation Programme Advance Fee Scam
- US EPA Regulations Force Power Plant Closures
- 'View Facebook Followers' Scam Targets Twitter Users
- Lloyds TSB 'New Banking Authentication' Phishing Scam
- Faux Image - Pilots Protesting Chemtrails
- Telstra Bill Account Update Phishing Scam
- McDonald's Signboard Supporting Chick-Fil-A
- ABSA 'Authorized EFT Payment Received' Phishing Scam
- Hoax Picture - Obama Holding Phone Upside Down
- 'eBay Item Not Received' Phishing Scam Email
- Wells Fargo 'Security Check' Phishing Scam
- False Warnings - 'Cleaning out Friends List' Questions on Facebook Contain Viruses or are Posted by Hackers
