Wells Fargo Online Fraud Prevention – Spam – Fraud

One of the “better” Wells Fargo Phishing frauds we’ve seen lately (and there are a lot to choose from) arrives as:

Subject:     Wells Fargo Online Fraud Prevention.
From:     “Wells Fargo Online”<wellsfargo@wellsconnect.wellsfargo.com>

The basic pitch:

Wells Fargo’s Internet Services Group Fraud Operations would like to verify some recent activity on your account.

Here’s a complete copy of the fraudulent spam email:


Wells Fargo Online Fraud Prevention - Spam

Click for Larger Image

Not only is the email reasonably compelling but what we really appreciate (using the term loosely) is the very well designed Phish Bait page where visitors are supposed to “log in” such as:


Wells Fargo Online Fraud Prevention - Phishing Page

Click for Larger Image

This particular campaign spoof the “wellsfargo@wellsconnect.wellsfargo.com” address and are instead sent via Yahoo’s vast email network taking advantage of their apparently ineffective security policies.

Delivery headers show such messages originating from, and passing through multiple Yahoo servers, for instance:

  • [0]: ‘from nm28-vm1.bullet.mail.ac4.yahoo.com ([]) by MailFilter1.onlymyemail.com with smtp (Exim 4.76) (envelope-from <wellsfargo@wellsconnect.wellsfargo.com>) id 1QOU8f-0000Vd-F6 for webmaster@internetfrontiers.com; Mon, 23 May 2011 08:21:37 -0400’
  • [1]: ‘from [] by nm28.bullet.mail.ac4.yahoo.com with NNFMP; 23 May 2011 12:21:37 -0000’
  • [2]: ‘from [] by tm9.bullet.mail.ac4.yahoo.com with NNFMP; 23 May 2011 12:21:37 -0000’
  • [3]: ‘from [] by smtp105.biz.mail.bf1.yahoo.com with NNFMP; 23 May 2011 12:21:37 -0000’
  • [4]: ‘from User (wellsfargo@ with login) by smtp105.biz.mail.bf1.yahoo.com with SMTP; 23 May 2011 05:21:36 -0700 PDT’


- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , , ,

Comments are closed.