Bank of America

Discussion in 'Phishing' started by The Doctor, Feb 21, 2007.

  1. The Doctor

    The Doctor Administrator Staff Member

    Here's another example of a phishing email. Since I live in the UK, I'm not likely to have a Bank of America account. Thus, I know this email was completely fake. Especially the part about the "temporal hold".

    If you get something like this, the best thing to do is just hit "Delete" and forget it. NEVER click on the links in such an email. At best, you could put some nasty cookies in one of your folders. At worst, you're going to give away you personal information to someone who does not wish you well.

    (Bank of America using clickhost.net, a free email server? Not bloody likely!)

     
  2. Spanish Administrator

    Spanish Administrator THE Spanish Administrator Staff Member

  3. Miyuki

    Miyuki Administratrix Staff Member

    This is what Bank of americ says, and it's good information to remember:
     
  4. Quark

    Quark Moderator Staff Member

    Not my bank

    From Bank Of America Sun Sep 9 2007
    Return path: <management@management.com>
    Received: from 87.245.162.202 (HELO plesk4.inetcorp.ru) [Router]
    Message-ID: <PXTRLBJCGYTHBJVJNTSCKSLS@yahoo.com>
    From: "Bank Of America" <management@management.com>
    Reply-to: "Bank Of America" <management@management.com>
    To:
    Subject: Renew Your Account.


    Dear Bank of America Cardholder,

    This is your official notification from Bank of America. Your online has expired. If you want to continue using our service you have to renew your online. If not, your online will be limited and deleted.

    To continue click and complete the renew form with your current information.
    http www siliana net www www bankofamerica com


    Thank you,
    Bank of America Online Banking Department
     
  5. Nanook

    Nanook Administrator Staff Member

    I've gotten about 6 of these things in the last 2 days. I wonder if Bank of America is aware of this?
     
  6. The Doctor

    The Doctor Administrator Staff Member

    Subject: $20 - Reward Survey

    $20 won't be worth the trouble you'd get from this one.

    From Bank Of America Mon Sep 17 2007
    X-Originating-IP: [75.39.246.49]
    Return-Path: <security@security.com>
    Subject: $20 - Reward Survey

    Dear Customer ,

    The Bank of America Online department kindly asks you to take part in our quick and easy 5 questions survey. In return we will credit $20.00 to your account - Just for your time!

    With the information collected we can decide to direct a number of changes to improve and expand our services. The information you provide us is all non-sensitive and anonymous - No part of it is handed down to any third party.

    It will be stored in our secure database for maximum 7 days while we process the results of this nationwide survey. We kindly ask you to spare two minutes of your time and take part in our online survey.

    To continue please click here
     
  7. Gentle Giant

    Gentle Giant Giant Admin for a Day Staff Member

    Irregular Check Card Activity

    Sandor got one of these and he doesn't have a Bank of America account. :) And it's not even written in good English.

    X-Originating-IP: [80.12.242.97] France, abo.wanadoo.fr
    Reply-To: <onlinebanking@alert.bankofamerica.com>
    From: "Bank of America alert" <onlinebanking@alert.bankofamerica.com>
    Subject: Bank of America alert: Irregular Check Card Activity
    Date: Thu, 25 Oct 2007

    Irregular Check Card Activity

    We detected irregular activity on your Bank of America Check Card on 8/30/2007. For your protection, you must verify this activity before you can continue using your card.

    Please visit Online Banking at [link disabled] For more information on phishing click here. to review your account activity, and then Verify Your Check Card Information . You will review the activity on your account and upon verification, if there is fraud restrictions placed on your account.

    Want to get more alerts? Sign in to your online banking account at Bank of America and within the Accounts Overview page select the "Alerts" tab.

    Because email is not a secure form of communication, please do not reply to this email.
    If you have any questions about your account or need assistance, please call the phone number on your statement or go to Contact Us at [link removed]
     
  8. Quark

    Quark Moderator Staff Member

    I'm like Sandor above. I got one of these and my account is with Wells Fargo. :confused:

    From Bank of America Online
    Return-Path: <nobody@contact.valisinternational.com>
    Received: from 207.210.83.34 , USA, Illinois, Global Net Access LLC
    Subject: Announcements : New Alerts# Verication and Maintaince Bank of America .
    From: "Bank of America Online" <customers.alerts@bankofamerica.com>
    lisinternational.com>
    Sender: Nobody <nobody@contact.valisinternational.com>
    Date: Mon, 19 Nov 2007


    Bank of America Higher Standards

    Online Banking Alert

    Need additional up to the minute account information? Sign in


    Your Online Banking is Blocked

    Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security. Please click on sign in to Online Banking to continue to the verification process and ensure your account security. It is all about your security. Thank you. and visit the customer service section.
     
  9. Naruto

    Naruto Administrator Staff Member

    From Bank Of America
    Return-Path: <online@secure.bankofamerica.com>
    Received: from 211.0.147.226, Japan, FBIT Communications Corporation
    Reply-to: <online@secure.bankofamerica.com>
    From: "Bank Of America" <online@secure.bankofamerica.com>
    Subject: Scheduled accounts maintenance and verification.
    Date: Fri, 29 Feb 2008


    Customer ID : 000-5432-654386-PSI

    Dear Bank of America customer,

    During our regualry scheduled accounts maintenance and verification procedures, we have detected a slight error regarding your account.

    This might be due to one of the following reasons:

    1. A recent change in your personal information (i.e. address changing)
    2. Submitting invalid information during the initial sign up process.
    4. Multiple failed logins in your personal account.
    3. An inabillity to accurately verify your selected option of payment due to an internal error within our system.

    Please update and verify your information by clicking the following link:

    Verify My Account Information

    *If you account information is not updated within 48 hours then your ability to access your account will be restricted.

    Thank you,
    Billing Department, Bank of America

    You can help us provide you with the most relevant information by taking a moment to tell us your e-mail preferences.
    And of course you can unsubscribe at any time.

    Remember, Bank of America is committed to your security and protection.

    To find out more, take a look at our Information Security section

    under Privacy and Security on the Web site.B

    Bank of America, N.A. Member FDIC. Equal Housing Lender
    © 2007 Bank of America Corporation. All rights reserved..................................
     
  10. dragonfire

    dragonfire Member

    online banking

    Remember:
    You are expected to complete this update not later than 2 working days from the receipt of this mail. Verification of your current details.
    Date: 25-03-2008


    Dear Valued Customer :

    During our regular update and verification of the Bank of America Online Banking Service, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited. Please update your information.

    To restore your online banking access, kindly update your information. You can update your online banking details by following the link below.

    Click here to update your account!

    Thank you for banking with Bank of America, the industry leader in safe and secure online banking

    Sincerely,
    Bank of America Customer Service


    Return-Path: <onlinebanking@alerts.bankofamerica.com>
    Received: from smtp23.orange.fr (smtp23.orange.fr [80.12.242.50]) France, PROJET MAIL ESSENTIALS
    Reply-To: <onlinebanking@alerts.bankofamerica.com>
    From: "Bank Of America" <onlinebanking@alerts.bankofamerica.com>
    Subject: Bank of America Unauthorized Account(s) Access (Secure Code: UB05-C0B1-A-1)
    Date: Tue, 25 Mar 2008
     
  11. Miyuki

    Miyuki Administratrix Staff Member

    From Bank Of America
    X-Originating-IP: 68.162.91.40, USA, Philadephia, versizon.net
    Return-Path: <norply@boa.com>
    From: "Bank Of America" ~norply@boa.com>
    Subject: Bank of America Unauthorized Account(s) Access (Secure Code: UB05-C0B1-A-1)
    Date: Mon, 14 Apr 2008


    Dear Bank Of America Customer,

    This is your official notification from Bank Of America. Your online account has expired. If you want to continue using our service you have to renew your online account. If not, your online account will be deactivated and deleted.

    To continue click here, complete the renew form with your current
    information.

    Many Thanks and Kind Regards - Bank Of America Bank - Update Department
     
  12. kanga

    kanga New Member

    I got one of these last week. I called the most local bank of america (nearly 200miles). I was given a tollfree # to report it, on that call I was asked to sent them the e-mail with headers. As to Quark I don't think Wells Fargo is doing any better at controlling these I got on of those today allong with this:

    X-YahooFilteredBulk: 75.126.36.234
    X-Originating-IP: [75.126.36.234]
    Return-Path: <nobody@www1.ppcomputers.com>
    Authentication-Results: mta454.mail.mud.yahoo.com from=bankofamerica.com; domainkeys=neutral (no sig)
    Received: from 75.126.36.234 (EHLO www1.ppcomputers.com) (75.126.36.234) by mta454.mail.mud.yahoo.com with SMTP; Sun, 20 Apr 2008 21:02:22 -0700
    Received: from nobody by www1.ppcomputers.com with local (Exim 4.68) (envelope-from <nobody@www1.ppcomputers.com>) id 1JnnCx-0005mu-Ia
    Subject: IMPORTANT - Verification of Your Current Details
    From: "Bank of America" <6453820.alert@bankofamerica.com> Add Mobile Alert
    Reply-to:
    MIME-Version: 1.0
    Content-Type: text/html
    Content-Transfer-Encoding: 8bit
    Message-Id: <E1JnnCx-0005mu-Ia@www1.ppcomputers.com>
    Date: Sun, 20 Apr 2008 23:00:47 -0500
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - www1.ppcomputers.com
    X-AntiAbuse: Original Domain - yahoo.com
    X-AntiAbuse: Originator/Caller UID/GID - [99 32002] / [47 12]
    X-AntiAbuse: Sender Address Domain - www1.ppcomputers.com
    X-Source:
    X-Source-Args: /usr/local/apache/bin/httpd -DSSL
    X-Source-Dir: filetap.info:/public_html/kfi/includes
    Content-Length: 8786



    Remember:
    You are expected to complete this update not later than 2 working days from the receipt of this mail. Verification of your current details.
    Date: 17/04/2008


    Dear Valued Customer :

    During our regular update and verification of the Bank of America Online Banking Service, we could not verify your current information. Either your information has been changed or incomplete, as a result your access to use our services has been limited. Please update your information.

    To restore your online banking access, kindly update your information. You can update your online banking details by following the link below.



    Thank you for banking with Bank of America, the industry leader in safe and secure online banking

    Sincerely,
    Bank of America Customer Service


    Our paperless statements securely store your statements online for you to view up to 18 months of activity. Learn more.


    --------------------------------------------------------------------------------

    *Important*
    Because E-Mail Is Not A Secure Form Of Communication, This E-Mail Box Is Not Equipped To Handle Replies.
    If you are a Bank of America customer and have sensitive account-related questions, please call the phone number provided on your account statement or the appropriate phone number indicated in the following "Contact Us" link so we can properly verify your identity. For all other questions or comments, please use the Web forms available via Contact Us. We respect your privacy, and you can rest assured that we protect your information, including your email address, and will never sell or share it with marketers outside Bank of America.
    To find out more, please read our Privacy Policy. Bank of America E-mail, 6th Floor, 101 North Tryon Street, Charlotte, NC 28255-0001
     
    Last edited: Apr 21, 2008
  13. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    TWO Phish traps in one email

    Scammer has tried to get this one to work even if one site is removed, as there are two different URLs in the email. Used a UK ISP service to link to an "Orange France" email account:

    Received: from smtp20.orange.fr (mwinf2028 [172.22.130.128])
    by mwinf2020.orange.fr (SMTP Server) with ESMTP id 59A391DC3F7A;
    Mon, 2 Jun 2008 03:21:59 +0200 (CEST)
    IP address: 80.12.242.146 - smtp2b.orange.fr. (France Telecom Transpac) France
    Received: from User (unknown [82.152.39.239])
    by mwinf2028.orange.fr (SMTP Server) with ESMTP id 5F5A51C000B8;
    Eclipse Internet, Portland House, Longbrook Street,
    Exeter, Devon EX4 6AB. GB


    From: Bank of America
    Sent: Monday, June 02, 2008 2:22 AM
    To: undisclosed-recipients:
    Subject: Bank of America Alert: Message from Customer Service


    Dear Valued Customer :

    We recently have determined that different computers have logged in your Bank of America Online Banking account, and multiple password failures were present before the logons. We now need you to re-confirm your account information to us. If this is not completed by may 30, 2008, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner. In order to confirm your Online Bank records, we may require some specific information from you.

    To restore your account, please Sign in to Online Banking.

    thank you for using Bank Of America Online Service.

    --------------------------------------------------------------------------------

    Your account might be place on restricted status. Restricted accounts continue to receive payments, but they are limited in their ability to send or withdraw funds. To lift up this restriction, you need to login into your account (with your username or SSN and your password), then you have to complete our verification process. You must confirm your credit card details and your billing information as well. All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have reactive your billing information on file. Sign in to Online Banking
    Thank You.


    Please do not reply to this message. If you have any questions about the information in this e-Bill, please contact your biller. For all other questions, call us at 800-887-5749.

    --------------------------------------------------------------------------------

    Bank of America, N.A. Member FDIC. Equal Housing Lender
    2008 Bank of America Corporation. All rights reserved

    The second link has been found and removed already. The first link is flagged by McAfee SiteAdvisor as a site designed to steal your identity or personal information.
     
  14. Quark

    Quark Moderator Staff Member

    Received: from User ([76.227.39.114]) by fijicare.com.fj
    From: "Bank of America"<alert@boa-system-message.com>
    Subject: New ALERT Message
    Date: Wed, 18 Jun 2008
    X-Return-Path: [alert@boa-system-message.com]
    Return-Path: [alert@boa-system-message.com]


    Dear Member,

    Please login to your Bank of America Account and visit the Message Center section in order to read the message.

    To Login, please click the link below:

    Bank of America Online Banking [Link says Reported Web Forgery! and is blocked]

    ©2008 Bank of America. All rights reserved.
     
  15. Ted

    Ted Emeritus

    Bank of America...

    Banking Day!! Hmmm... Time for a loan?


    Return-Path: <support@bankofamerica.com>
    Received: from User (unknown [78.153.208.135]) Ireland, Blacknight Pem Infrastructure
    From: "Bank of America" <support@bankofamerica.com>
    Subject: Update Your Bank of America Account Information
    Date: Sun, 6 Jul 2008


    Verify Your Account Information

    Due to the recent upgrade of our servers, we have issued this message:

    It has come to our attention that some of our customers no longer have access to their banking online. So, we have issued that all customers verify their online banking accesses.

    Please click on Verify Your Online Banking Access to continue to the verification process and ensure your account security. It is all about your security.

    Thank you.

    --------------------------------------------------------------------------------

    Bank of America, N.A. Member FDIC. Equal Housing Lender
    2008 Bank of America Corporation. All rights reserved
     
  16. dragonfire

    dragonfire Member

    From: [service@mail.com]
    Sent: 7/11/2008
    Subj: Protect Your Account

    Bank of America Internal Mail Box Notification
    Bank of America Higher Standards
    Online Banking Alert


    Dear VALUED CUSTOMER,

    We recently noticed some changes in your your BANK OF AMERICA Account Information's. However, we will like you to log into your account to confirm the change. By so doing this, normal transaction will continue within your accounts.

    This might be due to either of the following reasons:

    1. A recent change in your personal information ( i.e. change of address).
    2. Submitting invalid information during the initial sign up process.
    3. An inability to accurately verify your selected option of payment due to an internal error within our processors.

    Due to this, we require you to confirm and verify your account information by clicking the link below:

    [Link removed]

    If your account information is not confirmed and verified within a certain period of time then your ability to access your account would become restricted.

    Thank you

    Bank of America Account Management Department .

    Bank of America, N. A. Member FDIC. Equal Housing LenderEqual Housing Lender

    (c) 2008 Bank of America Corporation. All rights reserved.
    Designated trademarks and brands are the property of their respective owner
     
  17. dragonfire

    dragonfire Member

    There is a link but it shows a "404 error"

    From: [onlinebanking@bankofamerica.com]
    Sent: 7/19/2008
    Subj: Account Update

    Bank of America Higher Standards


    Online Banking Alert
    Online Banking Update Notification

    Dear Valued Customer,

    We have just completed a scheduled maintenance of our Online Banking SSL Server. You are therefore required to complete the "Update Account" feature which will enable your account (s) held at Bank of America to be Updated and properly secured.

    In order to complete this Update, kindly click on the "Update Now" button below:

    Update Now

    Thank you for choosing Bank of America.

    Because email is not a secure form of communication, please do not reply to this email.

    If you have any questions about your account or need assistance, please call the phone number on your statement or go to Contact Us at www.bankofamerica.com

    Bank of America, Member FDIC.
    ? 2006 Bank of America Corporation. All Rights Reserved.


    Return-Path: <onlinebanking@bankofamerica.com>
    Received: from 80.12.242.49, France, Mail Essentials Project
    abuse report to <abuse@orange.fr>
    From: "Bank of America" <onlinebanking@bankofamerica.com>
    Subject: Account Update
    Date: Sat, 19 Jul 2008
     
  18. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Site seems to have died.

    The "Phishing" site in post #16 seems to have died! :(

    Thank you very much for the information to DragonFire. :) (We had a private note of the URL).

    Thanks are due to the hosts at MD Webhosting in South Yarra, Melbourne, Victoria, Australia, who found and removed the site.;)
     
  19. dragonfire

    dragonfire Member

    X-Originating-IP: [190.21.61.156] Chile, Terra Networks Chile S.A.
    Send abuse report to [technical@corp.terra.cl]
    Return-Path: <customer-support_num_418ydt@bankofamerica.com>
    From: "Bank of America US" <customer-support_num_418ydt@bankofamerica.com>
    Subject: Bank of America: Verify Your Login Data
    Date: Sat, 02 Aug 2008


    Dear Bank of America customer,

    Security and confidentiality are at the heart of the Bank of America. Your details (and your money) is protected by a number of technologies, including Secure Sockets Layer (SSL) encryption.

    We would like to notify you that Bank of America carries out customer details confirmation procedure that is compulsory for all our customers. This procedure is attributed to a routine banking software update. Please visit our Customer Verification Form using the link below and follow the instructions on the screen.

    http www6 bankofamerica com confirmdetails jsp taskid 19kAbFCDefkayhfcyOrdn (It's dead)
    Bank of America Customer Service
     
  20. dragonfire

    dragonfire Member

    X-Originating-IP: [59.95.26.42] India, New Delhi, NIB (National Internet Backbone), Bharat Sanchar Nigam Limited
    Return-Path: <customer_support_num_50ynb@bankofamerica.com>
    From: "Bank of America USA" <customer_support_num_50ynb@bankofamerica.com>
    Subject: Bank of America: Details Activation
    Date: Wed, 13 Aug 2008


    Dear Bank of America customer,
    Security and confidentiality are at the heart of the Bank of America. Your details (and your money) is protected by a number of technologies, including Secure Sockets Layer (SSL) encryption.

    We would like to notify you that Bank of America carries out customer details confirmation procedure that is compulsory for all our customers. This procedure is attributed to a routine banking software update.

    Please visit our Customer Verification Form using the link below and follow the instructions on the screen.

    http www0 bankofamerica com confirmdetails jsp pid 19kAbFCDefkayhfcyOrdn

    Bank of America Customer Service
     

Share This Page