« Salin Bank Account Phishing Attempt- with a Twist!
Phishing for Google Adwords Accounts »

Bank of America Phishing Attempt

++++++++++++++++++++++++++++++++++++++++++

From: confirm@bankofamerica.com
Sent: 7/22/2008 11:53:43 AM Central Daylight Time
Subj: Confirm Your Personal Information !

We recently have determined that different computers have logged onto your account Banking, and multiple password failures were present before the logins. We now need you to re-confirm your account information to us. If this is not completed by July 23, 2008, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner. To confirm your Account Bank Of America records click on the following link:

>>> https://www.bankofamerica.com/index.jsp <<<

Thank you for your patience in this matter. Bank Of America Online Customer Service. Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered. 1999-2008 Bank Of America. All rights reserved.

++++++++++++++++++++++++++++++++++++++++++

Investigator Notes:

1.  The email was sent without a “To” field so that additional recipients could not be identified.  Most legitimate emails to account holders and customers are sent directly to the recipient’s email address and are often personalized with the account holder’s name in the email.

2.  The included link, bankofamerica.com/index.jsp, points to a website which is obviously not a Bank of America website:

sg-php.com/Scripts/400.htm.

3.  Bank of America is the largest bank in the United States and is one of the most phished websites on the Internet.  Extra precaution should always be taken when receiving suspicious emails ragarding Bank of America accounts.

4.  Spelling and/or grammatical errors.

5.  Threats of account termination are very common in phishing attempts while a legitimate company would not risk losing a customer over something that could be taken care of with a phone call.

Tags: ,

This entry was posted on Sunday, August 3rd, 2008 at 9:35 am and is filed under Phish Bait (Scam Emails). You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Bank of America Phishing Attempt”

  1. peg Says:
    August 6th, 2008 at 11:19 pm

    here is my “Bank of America” email i received 8/6/08:

    This is not a promotional e-mail. Please call us immediately at 1-800-681-1364 regarding recent resctriction on your Bank of America Card Account. We’re available 24/7 to take your call.
    Please disregard this e-mail if you’ve already call us since the date this e-mail was sent.
    We appreciate your prompt attention to this matter.
    Thank you
    Bank of America Fraud Prevention Security Department

    I DON’T HAVE AN ACCOUNT @ Bank of America! Phishy, indeed!!
    i googled “Bank of America” “Fraud Prevention Security Department ” and came here.
    thanks for the info here!

  2. Paul Says:
    August 12th, 2008 at 2:23 pm

    1-800-681-1364 which was answered by an automated “man” stating “Bank of America Fraud Dep.” The automated man listed choices, wanted an account number entered, etc.. Most alarming, they wanted the full SSN entered. I called the “actual” fraud number for Bank of America and I gave them the 1-800 number and they told me that the number is not a Bank of America number and it was a scam.

Leave a Reply