Phishing E-mail Hits Bank of America Customers

Latest news
Facebook Targeted with Valentine Attack Results in Malware FBI Likely Deployed Spyware for Surveillance on MegaUpload Cidrex Trojan Opens E-mail ids in ‘Yahoo,’ Uses CAPTCHA to secure them E-mail Supposedly Inviting to Conference, Serves Trojan Collaborated Effort towards Evading Spam

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
Amazon Accountholders get Fresh Phishing E-mail Enterprises Facilitated through Malware Circulation in Government Cyber-criminals Execute e-Payment Malware Assault Eleven Survey Rated Spam the Biggest E-mail Security Threat in Ten Years Websites Diverting End-users onto ‘Blackhole’ Increasing Within Russia: ESET

Trampolines usa

Phishing E-mail Hits Bank of America Customers

Written by Administrator

Friday, 30 July 2010 09:00

Security researchers at ScanSafe report that phishers are targeting the customers of BofA (Bank of America) through a fresh e-mail fraud.

The fake electronic mail, posing as a message from the BofA and entering customers' inbox apparently, tells the recipient (customer) that the Bank has found a number of PCs logged into his banking account. Before the account login, several password failures occurred, said the fake e-mail.

It then states that the recipient should now re-validate his BofA account details to the Bank. This should be done before or on July 31, 2010 otherwise the BofA will be compelled to deactivate his account indefinitely to prevent any fraudulent activity through it.

Thereafter, the e-mail ends formally. It asks the recipient to log into his Internet Banking account by clicking on a given web-link, which will help him get back his account as operational.

According to ScanSafe, the link takes the user to a gramsbbq.org/bain (a website of a Californian barbecue establishment). From there, the user is then auto-diverted to a phishing website hosted on chasingarcadia.com, one more genuine, but hijacked website of certain Canadian band.

The security firm ScanSafe further states that scammers have been successfully employing this technique of hijacked websites for many years to divert and support spoofed or phishing sites. This is because it allows phishing messages to pass through well-known filters as well as community-based reliable coverage.

Mary Landesman, Senior Security Researcher at ScanSafe, states that this method raises the collateral destruction because in case the hijacked websites are banned, their owners may suffer business loss, as reported by Blog.scansafe during the 2nd week of July 2010.

As per the security researchers, it is easy to spot these scams, provided the user is aware of what he needs for finding. In the current instance, brushing the computer mouse over the web-link discloses a domain name that instead of connecting with the Bank's authorized domain, leads to somewhere else. Moreover, in case the user clicks on the web-link, he will again find from the URL inside his browser that it doesn't connect with the right site.

Read full article...