A surprisingly well done spoof of a Bank of America notice is making the rounds and is convincing enough to trick a number of email recipients:
Subject: IMPORTANT – Account Deactivation Notice
From: Bank of America Alert <firstname.lastname@example.org>
The email, actually sent from foreign servers, warns:
We have noticed that you need to resolve important security issues on your account to prevent temporal deactivation. It is therefore recommended that you complete this process. Your security is important to us.
Please click on the link below to resolve this issue:
Here’s a copy of the full message:
The email itself is very well designed and the trick is that the actual hyper-link is not what is displayed in the message, but instead leads to sites such as:
Which are used to redirect to sites such as:
Once the visitor has been drawn to the redirected and spoofed Phishing site, they are presented with a very realistic looking Bank of America login page:
While most of the hyper-links on this page actually do lead to the real Bank of America web site, the login process will instead provide your credentials to the spammers behind this email con campaign.
You will then be presented with a form that asks for pretty much all of your financial data, including account numbers, passwords, address, credit cards and practically everything else needed to effectively steal your identity.
OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.
Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."
OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.