WARNING E-mail scammers have recently
launched two nearly identical campaigns to dupe users into
divulging their bank account information and other personal
data, and they're meeting with some success.
The two scams, both of which started in the
past two weeks, take the form of e-mail messages that tell
recipients that there is a problem with their online banking
account.
The messages include links to Web sites where
the recipient is asked to enter either his online banking user
name and password or some other sensitive information.
In the most recent instance, customers and
noncustomers alike receive an e-mail that appears to come from
the Bank of America customer support department.
There are several misspellings and
grammatical errors, however, that make it easy to identify the
message as a fake.
The message arrives from custommersupport@
bankofamerica.com with a subject line reading: "Security
Server Update." The text of the message includes a graphic
header taken from the bank's home page.
The message reads, in part:
"Dear Valued Customer, Our new security
system will help you to avoid frequently fraud transactions
and to keep your deposited funds in safety.
CAVEAT E-MAIL
-
Internet bank scams typically: Ask
for confidential information via e-mail or a Web site Appear
to originate from a legitimate bank e-mail address Usually
contain spelling or grammatical errors Come from banks that
recipients don't use
-
Due to technical update we recommend you to
reactivate your account. Click on the link below to login
and begin using your updated Bank of America account."
-
The URL in the message points to a page
that has been disabled. The IP address for the URL is
registered to ISP Verio Inc.
-
Bank officials contacted the Secret Service
to help in the investigation. "We're working diligently with
the authorities to try and identify the person or people
behind this," said a spokeswoman at Bank of America, in San
Francisco. More than 75 customers have apparently responded
to the scam, and bank officials are working to change their
passwords.
-
The Bank of America scam comes a week after
news of a similar hoax involving First Union Bank came to
light.
-
The First Union scam involves an e-mail
that asks recipients to go to a Web site and enter some
personal information. The site, which has been taken down,
also automatically downloaded a Trojan horse application
onto visitors' PCs.
-
The First Union and Bank of America e-mails
seem to be sent to random e-mail addresses, similar to
spam.
