Patrons of Bank of America Hit by Phishing Campaign
Wwlp.com reported on 21st January, 2015 stating that customers of Bank of America (North Carolina, US) are being targeted once again by cyber-crooks with a phishing email campaign.
A very genuine-looking phony email is being delivered to many email accounts which is a bogus net-banking alert claiming to be from the Bank. It has the absolutely right logos, colors and says that your account has not been available temporarily due to updation of the system.
It is a classic "phishing scheme" because it contains a link which looks genuine and it even starts with "https" making it appear like a secure website but actually it is not.
Clicking on the this fake link, it will lead to a unprotected and vulnerable website leading to a set of questions demanding for your debit or credit card information along with protection questions under the pretext of upgrading your account information.
Bank of America clearly announces on its official website (https://www.bankofamerica.com) that it will never send emails asking for your personal information like ATM, PIN or Social Security Number.
Security experts have issued some simple tips in trying to minimize attacks of the above type. They are: firstly, we (referring to the Bank in this case) will never claim that your account has been closed. Secondly, never verify your personal information through email.
Moreover, offers sounding too good to be true. We (Bank out here) will never ask you to fill up a customer service survey in lieu of money or getting you to fill a questionnaire as has been done in the above case and then ask you to submit your account number to enable you to receive the money.
The Bank advises on their website that if you receive any suspicious emails using the name of Bank of America, forward the same to it immediately at firstname.lastname@example.org.
Just like Bank of America, a Co-operative Bank based at Wellington (New Zealand) was also attacked by a phishing scam during mid December 2014. It was reported that the phishing email asked customers to "kindly complete the verification process to avoid suspension of their account."