Summary: Email claims that the recipient is required to update his or her Wells Fargo online bank account by clicking a link in the message (Full commentary below).
Status: False - Phishing scam
Example:(Submitted, July 2008)
Dear valued WellsFargo ® member:
Due to concerns, for the safety and integrity of the wellsfargo
account we have issued this warning message
We have noticed that your Wells Fargo online account needs to be updated once again, please enter your online account information, because we have to verify all of the online accounts after we have updated our Wells Fargo Online Banking site. To verify your online account and access your bank account, please click on the link below:
Continue to Stop Payment
This e-mail was sent to all of our Wells Fargo customers. Recently, we have found that many accounts were hacked.
For further information, please contact our Customer Services.
Sincerely, Wells Fargo Member Services Team
Thank You
About Wells Fargo | Employment | Report Email Fraud | Privacy, Security & Legal | Home
Commentary:
According to this unsolicited email, the recipient is required to update his or her Wells Fargo online bank account because "many accounts were hacked". The email instructs the recipient to click a link included in the message in order to access the online account and provide the required information. The message includes seemingly legitimate Wells Fargo graphics, links and formatting.
However, the email was not sent by Wells Fargo. Instead it is a phishing scam designed to steal financial information from Wells Fargo customers. Many thousands of such emails are randomly distributed to email lists in the hope that just a few Wells Fargo customers will fall for the ruse and provide the requested information. A great many recipients of this scam email will not even have Wells Fargo accounts. But, sending bulk emails is very easy and inexpensive and the criminals behind such phishing scams only have to steal financial information from a handful of victims to make the scheme worthwhile for them.
If a victim falls for the scam and clicks on the link provided, he or she will be taken to a bogus webpage designed to look like a genuine Wells Fargo login page. Once "logged in" to the bogus page, the victim is then presented with the following online form that requests a large amount of sensitive personal and financial information:
All of the information provided via this bogus website, including the account username and password, can be collected by the scammers and used for financial fraud and identity theft. Wells Fargo has published information about online fraud on its website.
Similar phishing scams targeting a range of financial institutions are continually distributed. In spite of widespread publicity and warnings about such scams, people all around the world continue to fall victim to them. Reputable banks and businesses are very unlikely to request personal information from their customers via an unsolicited email. Be very cautious of any unsolicited email that claims to be from your bank and requests you to provide personal information. Do not click on any links in such emails or open any attachments unless you have already verified that the message is legitimate.
