Bank of America

The Doctor

Administrator
Staff member
#1
Here's another example of a phishing email. Since I live in the UK, I'm not likely to have a Bank of America account. Thus, I know this email was completely fake. Especially the part about the "temporal hold".

If you get something like this, the best thing to do is just hit "Delete" and forget it. NEVER click on the links in such an email. At best, you could put some nasty cookies in one of your folders. At worst, you're going to give away you personal information to someone who does not wish you well.

(Bank of America using clickhost.net, a free email server? Not bloody likely!)

Bank 0f America <customerservice@bankofamerica.us.clickhost.net> wrote:
Your Online Banking is Blocked
We recently reviewed your account, and suspect that your Bank of America account may have been accessed by an unauthorized third party. Protecting the security of your account is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.
To restore your account access, we need you to confirm your identity, to do so we need you to follow the link below and proceed to confirm your information:
text='http://www.bankofamerica.com/secure/update/ssl.cfm'. For more information on phishing click here.
Thank you for your patience as we work together to protect your account.
Sincerely,
Bank of America Customer Service
*Important*
Please update your records on or before 48 hours, a failure to update your records will result in a temporal hold on your funds.
Bank of America, N.A. Member FDIC. Equal Housing LenderLink opens Equal Housing Lender pop-up window
© 2006 Bank of America Corporation. All rights reserved.
 

Miyuki

Administratrix
Staff member
#3
This is what Bank of americ says, and it's good information to remember:
Stay safe from Phishing: Easy clues to help you keep your personal information secure.

The main goal of a phishing email is to get you to a site where you will provide your personal information. With these basic, but powerful, clues, you can easily recognize the threat and ensure the safety of your identity and finances.

1. Does the email ask you to go to a website and verify personal information? We won't ask you to verify your personal information in response to an email.
2. What is the tone of the mail? Most phish emails convey a sense of urgency by threatening discontinued service or information loss if you don't take immediate action.
3. What is the quality of the email? Many phish emails have misspellings, bad grammar, or poor punctuation.
4. Are the links in the email valid? Deceptive links in phishing emails look like they are to a valid site, but deliver you to a fraudulent one. Many times you can see if the link is legitimate by just moving your mouse over the link.
5. Is the email personalized with your name and applicable account information? Many phish emails use generic salutations and generic information (e.g. "Dear Customer" or "Dear Account Holder") instead of your name.
6. What is the sender's email address? Many phish emails come from an email address not from the company represented in the email.
7. When in doubt, type it out. If you suspect an email to be phishing, don't click on any links in the email. Type the valid address directly into your web browser.
 

Quark

Moderator
Staff member
#4
Not my bank

From Bank Of America Sun Sep 9 2007
Return path: <management@management.com>
Received: from 87.245.162.202 (HELO plesk4.inetcorp.ru) [Router]
Message-ID: <PXTRLBJCGYTHBJVJNTSCKSLS@yahoo.com>
From: "Bank Of America" <management@management.com>
Reply-to: "Bank Of America" <management@management.com>
To:
Subject: Renew Your Account.


Dear Bank of America Cardholder,

This is your official notification from Bank of America. Your online has expired. If you want to continue using our service you have to renew your online. If not, your online will be limited and deleted.

To continue click and complete the renew form with your current information.
http www siliana net www www bankofamerica com


Thank you,
Bank of America Online Banking Department
 

The Doctor

Administrator
Staff member
#6
Subject: $20 - Reward Survey

$20 won't be worth the trouble you'd get from this one.

From Bank Of America Mon Sep 17 2007
X-Originating-IP: [75.39.246.49]
Return-Path: <security@security.com>
Subject: $20 - Reward Survey

Dear Customer ,

The Bank of America Online department kindly asks you to take part in our quick and easy 5 questions survey. In return we will credit $20.00 to your account - Just for your time!

With the information collected we can decide to direct a number of changes to improve and expand our services. The information you provide us is all non-sensitive and anonymous - No part of it is handed down to any third party.

It will be stored in our secure database for maximum 7 days while we process the results of this nationwide survey. We kindly ask you to spare two minutes of your time and take part in our online survey.

To continue please click here
 

Gentle Giant

Giant Admin for a Day
Staff member
#7
Irregular Check Card Activity

Sandor got one of these and he doesn't have a Bank of America account. :) And it's not even written in good English.

X-Originating-IP: [80.12.242.97] France, abo.wanadoo.fr
Reply-To: <onlinebanking@alert.bankofamerica.com>
From: "Bank of America alert" <onlinebanking@alert.bankofamerica.com>
Subject: Bank of America alert: Irregular Check Card Activity
Date: Thu, 25 Oct 2007

Irregular Check Card Activity

We detected irregular activity on your Bank of America Check Card on 8/30/2007. For your protection, you must verify this activity before you can continue using your card.

Please visit Online Banking at [link disabled] For more information on phishing click here. to review your account activity, and then Verify Your Check Card Information . You will review the activity on your account and upon verification, if there is fraud restrictions placed on your account.

Want to get more alerts? Sign in to your online banking account at Bank of America and within the Accounts Overview page select the "Alerts" tab.

Because email is not a secure form of communication, please do not reply to this email.
If you have any questions about your account or need assistance, please call the phone number on your statement or go to Contact Us at [link removed]
 

Quark

Moderator
Staff member
#8
I'm like Sandor above. I got one of these and my account is with Wells Fargo. :confused:

From Bank of America Online
Return-Path: <nobody@contact.valisinternational.com>
Received: from 207.210.83.34 , USA, Illinois, Global Net Access LLC
Subject: Announcements : New Alerts# Verication and Maintaince Bank of America .
From: "Bank of America Online" <customers.alerts@bankofamerica.com>
lisinternational.com>
Sender: Nobody <nobody@contact.valisinternational.com>
Date: Mon, 19 Nov 2007


Bank of America Higher Standards

Online Banking Alert

Need additional up to the minute account information? Sign in


Your Online Banking is Blocked

Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security. Please click on sign in to Online Banking to continue to the verification process and ensure your account security. It is all about your security. Thank you. and visit the customer service section.
 

Naruto

Administrator
Staff member
#9
From Bank Of America
Return-Path: <online@secure.bankofamerica.com>
Received: from 211.0.147.226, Japan, FBIT Communications Corporation
Reply-to: <online@secure.bankofamerica.com>
From: "Bank Of America" <online@secure.bankofamerica.com>
Subject: Scheduled accounts maintenance and verification.
Date: Fri, 29 Feb 2008


Customer ID : 000-5432-654386-PSI

Dear Bank of America customer,

During our regualry scheduled accounts maintenance and verification procedures, we have detected a slight error regarding your account.

This might be due to one of the following reasons:

1. A recent change in your personal information (i.e. address changing)
2. Submitting invalid information during the initial sign up process.
4. Multiple failed logins in your personal account.
3. An inabillity to accurately verify your selected option of payment due to an internal error within our system.

Please update and verify your information by clicking the following link:

Verify My Account Information

*If you account information is not updated within 48 hours then your ability to access your account will be restricted.

Thank you,
Billing Department, Bank of America

You can help us provide you with the most relevant information by taking a moment to tell us your e-mail preferences.
And of course you can unsubscribe at any time.

Remember, Bank of America is committed to your security and protection.

To find out more, take a look at our Information Security section

under Privacy and Security on the Web site.B

Bank of America, N.A. Member FDIC. Equal Housing Lender
© 2007 Bank of America Corporation. All rights reserved..................................
 
#10
online banking

Remember:
You are expected to complete this update not later than 2 working days from the receipt of this mail. Verification of your current details.
Date: 25-03-2008


Dear Valued Customer :

During our regular update and verification of the Bank of America Online Banking Service, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited. Please update your information.

To restore your online banking access, kindly update your information. You can update your online banking details by following the link below.

Click here to update your account!

Thank you for banking with Bank of America, the industry leader in safe and secure online banking

Sincerely,
Bank of America Customer Service


Return-Path: <onlinebanking@alerts.bankofamerica.com>
Received: from smtp23.orange.fr (smtp23.orange.fr [80.12.242.50]) France, PROJET MAIL ESSENTIALS
Reply-To: <onlinebanking@alerts.bankofamerica.com>
From: "Bank Of America" <onlinebanking@alerts.bankofamerica.com>
Subject: Bank of America Unauthorized Account(s) Access (Secure Code: UB05-C0B1-A-1)
Date: Tue, 25 Mar 2008
 

Miyuki

Administratrix
Staff member
#11
From Bank Of America
X-Originating-IP: 68.162.91.40, USA, Philadephia, versizon.net
Return-Path: <norply@boa.com>
From: "Bank Of America" ~norply@boa.com>
Subject: Bank of America Unauthorized Account(s) Access (Secure Code: UB05-C0B1-A-1)
Date: Mon, 14 Apr 2008


Dear Bank Of America Customer,

This is your official notification from Bank Of America. Your online account has expired. If you want to continue using our service you have to renew your online account. If not, your online account will be deactivated and deleted.

To continue click here, complete the renew form with your current
information.

Many Thanks and Kind Regards - Bank Of America Bank - Update Department
 

kanga

New Member
#12
I got one of these last week. I called the most local bank of america (nearly 200miles). I was given a tollfree # to report it, on that call I was asked to sent them the e-mail with headers. As to Quark I don't think Wells Fargo is doing any better at controlling these I got on of those today allong with this:

X-YahooFilteredBulk: 75.126.36.234
X-Originating-IP: [75.126.36.234]
Return-Path: <nobody@www1.ppcomputers.com>
Authentication-Results: mta454.mail.mud.yahoo.com from=bankofamerica.com; domainkeys=neutral (no sig)
Received: from 75.126.36.234 (EHLO www1.ppcomputers.com) (75.126.36.234) by mta454.mail.mud.yahoo.com with SMTP; Sun, 20 Apr 2008 21:02:22 -0700
Received: from nobody by www1.ppcomputers.com with local (Exim 4.68) (envelope-from <nobody@www1.ppcomputers.com>) id 1JnnCx-0005mu-Ia
Subject: IMPORTANT - Verification of Your Current Details
From: "Bank of America" <6453820.alert@bankofamerica.com> Add Mobile Alert
Reply-to:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1JnnCx-0005mu-Ia@www1.ppcomputers.com>
Date: Sun, 20 Apr 2008 23:00:47 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - www1.ppcomputers.com
X-AntiAbuse: Original Domain - yahoo.com
X-AntiAbuse: Originator/Caller UID/GID - [99 32002] / [47 12]
X-AntiAbuse: Sender Address Domain - www1.ppcomputers.com
X-Source:
X-Source-Args: /usr/local/apache/bin/httpd -DSSL
X-Source-Dir: filetap.info:/public_html/kfi/includes
Content-Length: 8786



Remember:
You are expected to complete this update not later than 2 working days from the receipt of this mail. Verification of your current details.
Date: 17/04/2008


Dear Valued Customer :

During our regular update and verification of the Bank of America Online Banking Service, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited. Please update your information.

To restore your online banking access, kindly update your information. You can update your online banking details by following the link below.



Thank you for banking with Bank of America, the industry leader in safe and secure online banking

Sincerely,
Bank of America Customer Service


Our paperless statements securely store your statements online for you to view up to 18 months of activity. Learn more.


--------------------------------------------------------------------------------

*Important*
Because E-Mail Is Not A Secure Form Of Communication, This E-Mail Box Is Not Equipped To Handle Replies.
If you are a Bank of America customer and have sensitive account-related questions, please call the phone number provided on your account statement or the appropriate phone number indicated in the following "Contact Us" link so we can properly verify your identity. For all other questions or comments, please use the Web forms available via Contact Us. We respect your privacy, and you can rest assured that we protect your information, including your email address, and will never sell or share it with marketers outside Bank of America.
To find out more, please read our Privacy Policy. Bank of America E-mail, 6th Floor, 101 North Tryon Street, Charlotte, NC 28255-0001
 
Last edited:

Garreg Ddu

Gweinyddwr
Staff member
#13
TWO Phish traps in one email

Scammer has tried to get this one to work even if one site is removed, as there are two different URLs in the email. Used a UK ISP service to link to an "Orange France" email account:

Received: from smtp20.orange.fr (mwinf2028 [172.22.130.128])
by mwinf2020.orange.fr (SMTP Server) with ESMTP id 59A391DC3F7A;
Mon, 2 Jun 2008 03:21:59 +0200 (CEST)
IP address: 80.12.242.146 - smtp2b.orange.fr. (France Telecom Transpac) France
Received: from User (unknown [82.152.39.239])
by mwinf2028.orange.fr (SMTP Server) with ESMTP id 5F5A51C000B8;
Eclipse Internet, Portland House, Longbrook Street,
Exeter, Devon EX4 6AB. GB


From: Bank of America
Sent: Monday, June 02, 2008 2:22 AM
To: undisclosed-recipients:
Subject: Bank of America Alert: Message from Customer Service


Dear Valued Customer :

We recently have determined that different computers have logged in your Bank of America Online Banking account, and multiple password failures were present before the logons. We now need you to re-confirm your account information to us. If this is not completed by may 30, 2008, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner. In order to confirm your Online Bank records, we may require some specific information from you.

To restore your account, please Sign in to Online Banking.

thank you for using Bank Of America Online Service.

--------------------------------------------------------------------------------

Your account might be place on restricted status. Restricted accounts continue to receive payments, but they are limited in their ability to send or withdraw funds. To lift up this restriction, you need to login into your account (with your username or SSN and your password), then you have to complete our verification process. You must confirm your credit card details and your billing information as well. All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have reactive your billing information on file. Sign in to Online Banking
Thank You.


Please do not reply to this message. If you have any questions about the information in this e-Bill, please contact your biller. For all other questions, call us at 800-887-5749.

--------------------------------------------------------------------------------

Bank of America, N.A. Member FDIC. Equal Housing Lender
2008 Bank of America Corporation. All rights reserved

The second link has been found and removed already. The first link is flagged by McAfee SiteAdvisor as a site designed to steal your identity or personal information.
 

Quark

Moderator
Staff member
#14
Received: from User ([76.227.39.114]) by fijicare.com.fj
From: "Bank of America"<alert@boa-system-message.com>
Subject: New ALERT Message
Date: Wed, 18 Jun 2008
X-Return-Path: [alert@boa-system-message.com]
Return-Path: [alert@boa-system-message.com]


Dear Member,

Please login to your Bank of America Account and visit the Message Center section in order to read the message.

To Login, please click the link below:

Bank of America Online Banking [Link says Reported Web Forgery! and is blocked]

©2008 Bank of America. All rights reserved.
 

Ted

Emeritus
#15
Bank of America...

Banking Day!! Hmmm... Time for a loan?


Return-Path: <support@bankofamerica.com>
Received: from User (unknown [78.153.208.135]) Ireland, Blacknight Pem Infrastructure
From: "Bank of America" <support@bankofamerica.com>
Subject: Update Your Bank of America Account Information
Date: Sun, 6 Jul 2008


Verify Your Account Information

Due to the recent upgrade of our servers, we have issued this message:

It has come to our attention that some of our customers no longer have access to their banking online. So, we have issued that all customers verify their online banking accesses.

Please click on Verify Your Online Banking Access to continue to the verification process and ensure your account security. It is all about your security.

Thank you.

--------------------------------------------------------------------------------

Bank of America, N.A. Member FDIC. Equal Housing Lender
2008 Bank of America Corporation. All rights reserved
 
#16
From: [service@mail.com]
Sent: 7/11/2008
Subj: Protect Your Account

Bank of America Internal Mail Box Notification
Bank of America Higher Standards
Online Banking Alert


Dear VALUED CUSTOMER,

We recently noticed some changes in your your BANK OF AMERICA Account Information's. However, we will like you to log into your account to confirm the change. By so doing this, normal transaction will continue within your accounts.

This might be due to either of the following reasons:

1. A recent change in your personal information ( i.e. change of address).
2. Submitting invalid information during the initial sign up process.
3. An inability to accurately verify your selected option of payment due to an internal error within our processors.

Due to this, we require you to confirm and verify your account information by clicking the link below:

[Link removed]

If your account information is not confirmed and verified within a certain period of time then your ability to access your account would become restricted.

Thank you

Bank of America Account Management Department .

Bank of America, N. A. Member FDIC. Equal Housing LenderEqual Housing Lender

(c) 2008 Bank of America Corporation. All rights reserved.
Designated trademarks and brands are the property of their respective owner
 
#17
There is a link but it shows a "404 error"

From: [onlinebanking@bankofamerica.com]
Sent: 7/19/2008
Subj: Account Update

Bank of America Higher Standards


Online Banking Alert
Online Banking Update Notification

Dear Valued Customer,

We have just completed a scheduled maintenance of our Online Banking SSL Server. You are therefore required to complete the "Update Account" feature which will enable your account (s) held at Bank of America to be Updated and properly secured.

In order to complete this Update, kindly click on the "Update Now" button below:

Update Now

Thank you for choosing Bank of America.

Because email is not a secure form of communication, please do not reply to this email.

If you have any questions about your account or need assistance, please call the phone number on your statement or go to Contact Us at www.bankofamerica.com

Bank of America, Member FDIC.
? 2006 Bank of America Corporation. All Rights Reserved.


Return-Path: <onlinebanking@bankofamerica.com>
Received: from 80.12.242.49, France, Mail Essentials Project
abuse report to <abuse@orange.fr>
From: "Bank of America" <onlinebanking@bankofamerica.com>
Subject: Account Update
Date: Sat, 19 Jul 2008
 

Garreg Ddu

Gweinyddwr
Staff member
#18
Site seems to have died.

The "Phishing" site in post #16 seems to have died! :(

Thank you very much for the information to DragonFire. :) (We had a private note of the URL).

Thanks are due to the hosts at MD Webhosting in South Yarra, Melbourne, Victoria, Australia, who found and removed the site.;)
 
#19
X-Originating-IP: [190.21.61.156] Chile, Terra Networks Chile S.A.
Send abuse report to [technical@corp.terra.cl]
Return-Path: <customer-support_num_418ydt@bankofamerica.com>
From: "Bank of America US" <customer-support_num_418ydt@bankofamerica.com>
Subject: Bank of America: Verify Your Login Data
Date: Sat, 02 Aug 2008


Dear Bank of America customer,

Security and confidentiality are at the heart of the Bank of America. Your details (and your money) is protected by a number of technologies, including Secure Sockets Layer (SSL) encryption.

We would like to notify you that Bank of America carries out customer details confirmation procedure that is compulsory for all our customers. This procedure is attributed to a routine banking software update. Please visit our Customer Verification Form using the link below and follow the instructions on the screen.

http www6 bankofamerica com confirmdetails jsp taskid 19kAbFCDefkayhfcyOrdn (It's dead)
Bank of America Customer Service
 
#20
X-Originating-IP: [59.95.26.42] India, New Delhi, NIB (National Internet Backbone), Bharat Sanchar Nigam Limited
Return-Path: <customer_support_num_50ynb@bankofamerica.com>
From: "Bank of America USA" <customer_support_num_50ynb@bankofamerica.com>
Subject: Bank of America: Details Activation
Date: Wed, 13 Aug 2008


Dear Bank of America customer,
Security and confidentiality are at the heart of the Bank of America. Your details (and your money) is protected by a number of technologies, including Secure Sockets Layer (SSL) encryption.

We would like to notify you that Bank of America carries out customer details confirmation procedure that is compulsory for all our customers. This procedure is attributed to a routine banking software update.

Please visit our Customer Verification Form using the link below and follow the instructions on the screen.

http www0 bankofamerica com confirmdetails jsp pid 19kAbFCDefkayhfcyOrdn

Bank of America Customer Service