Our catch of phriday phish featured a particularly well-crafted email alleging to come from Bank of America. At first glance it looks authentic: official Bank of America graphics and text. The scammers even included warnings about identity theft and fraud in this message. (Click on the graphic below to see the full message text.)
Body of phishing scam allegedly from Bank of America
But if you look more closely, there are two tell-tale signs that this message is a scam.
- No reputable bank is going to send customers email that reveals other customers’ email or contact information. Take a look at the way this message was addressed: (Click on the graphic below to see a larger image.)
"Confidential" information sent to multiple addresses. A sure sign of a scam!
- Hover your mouse over one of the links. I doubt that Bank of America wants you to go to a server in Sweden (.se) to enter your personal information. Don’t follow any of the links in this message. Just delete it. (Click on the graphic below to see a larger image.)
Hover your computer mouse to see where the link really goes.
Are you a Bank of America customer who wants to check on your account? Don’t follow any of the links in this phish; instead, log in to the Bank of America site as you ordinarily would and look for security messages.
See a message like this one? Delete it.
PNC Bank has cautioned us about a scam they are seeing at branches near college campuses. The scam takes advantage of college students’ naivete and desire for part-time work. In one case, the scam job advertisement was listed at a college’s official placement office.
Here’s how it works:
- A student responds to an online ad or to email inviting applications for personal assistants, secret shoppers, that sort of thing.
- The student receives email saying, “You have the job!”
- The “employer” gives the student a task: “Help me transfer some money between my bank accounts.”
- The scammer sends the student one or more money grams, money orders, or other commercial wire transfers.
- The instructions are, “Deposit the money orders in your account, then have your bank wire me the money, but keep $XX for yourself.” ($XX could be $25, $35, $100 — some small fraction of the amount being sent.)
What the student doesn’t know is that he or she has received a fraudulent or stolen money gram or money order and that he or she could be liable for the entire amount of the transaction.
Never accept money from unknown persons who want to give you a sum of money to hold then transfer back to them.
Below is an excerpt from the notification we received from PNC:
Subject: Fraud Attempts
- A female student deposited two $925 money grams yesterday at the Ben Franklin office of PNC. During the conversation with the Head Teller, she said she found a job as a personal assistant. When she came in today, the Branch Manager had a further conversation with the student. She said she found the job through her college placement office, and that the person lived somewhere else. The Branch Manager asked if she had to send money back. The student initially said no, but then told her that money was supposed to be transferred to another account.
- Today, a student presented two Money Gram money orders, each for $925.00, for deposit at the Farmers office of PNC. The teller began to question her as to where the money orders came from, and if she knew the person who sent them to her. She told the Teller they were from her employer, who travels extensively, and that she was to run some errands for him. In response to further questioning, she told the Teller that she was to keep a small portion of the funds, and send the remainder via Western Union to the Philippines. The Teller explained that this was a scam, and that the student would be personally responsible in the event that these money orders were returned. The Teller then placed a call to our Loss Prevention Department, who also confirmed that it was fraud.
Scammers are targeting students who are looking for employment. The scammers have been placing ads looking for personal assistants, secret shoppers, nannies, etc. Please, let’s make the students aware that they must be VERY cautious of online job offers, and of any individual asking a student to send monies back to them after depositing a check or money order.
Brian E. Tymon
Vice President, University Banking
Oh, no, I’ve received email that my Wachovia Bank account has been suspended!
This phish would be moderately effective if it didn’t refer to a bank that no longer exists! Wachovia was bought by Wells Fargo over a year ago. Besides, as the screen shot below indicates, the link in the email message does not go to a Wells Fargo (or Wachovia!) address.
Just delete it.
Phishing scam allegedly from a bank that no longer exists!
Verizon recently sent out a phishing warning to many of its customers.
Recent phishing email has gone out with the Verizon logo and a link that LOOKS like a legitimate link. However, when you follow the link you go to a “pharming” site–a web site designed to harvest your personal information for criminal purposes–in this case, your bank account or credit card information.
After including an image of one of the recent scams, Verizon provided some very sound advice and announced a change in their policy (Emphasis added.):
To avoid getting hooked by such bogus emails, here are some tips to help safeguard your personal information:
- Do not open suspicious emails. Look for misspellings, awkward requests or inconsistent grammar.
- A Web site link included in an email can make getting to a Web site easy, but it can also be used to send you to a malicious Web site.
- If you have doubts about the authenticity of an email, do not click on any links in the email – instead, type the Web site or Web page address into the ‘address bar’ of your browser.
- Never type sensitive personal information, such as social security and/or driver license numbers or account numbers and/or passwords, in a reply email.
- Use spam filters to block suspicious emails.
- Use anti-virus and anti-malware software to automatically detect and eliminate malicious software.
- The best practice when you find a phishing email is to either immediately delete it or report it to the company or organization being impersonated. Like Verizon’s firstname.lastname@example.org mailbox, many companies have set up an ‘abuse’ or ‘security’ mailbox to receive those reports and provide customer assistance.
Finally, in order to provide you with additional confidence in Verizon alert messages going forward, Verizon will be removing live ‘clickable’ links from any alert messages we send you regarding payment processing problems or credit card and/or bank account issues. You can continue to access and make changes to your account any time of the day or night at www.verizon.com.
We quote the Verizon email at length because it provides such good advice and because it announces Verizon’s new policy NOT to include links in a variety of different billing and customer service email messages.
Stay safe. Keep deleting those phishing scams.
Last month, we talked about fake notices that an electronic payment has failed. Well, these phish are really multiplying. One IT staff member received 43 (!) messages like that in the past week.
Even if they have the NACHA logo and are formatted appropriately, they’re still phish. In the sample below, note how the alleged link to a Word file really takes you to a suspect Web site.
If you think there’s an issue with an electronic payment to your bank account or from your bank account, contact your bank directly.
If you get email like this message, just delete it.
Fake ACH notification: Another Phish!