09.09
I usually don’t see many phishing attempts in my inbox as I am make heavy use of GMail’s “Report Spam” feature. If I receive anything I don’t want and it was unsolicited, it’s marked as spam, end of story. Today, I received a rather pathetic attempt at phishing for a bank account.
From: Bank of America Security Center
Subject: Unauthorized ActivityDear Bank of America client,
You have received this email because you or someone had used your account from different locations.For security purpose, we are required to open an investigation into this matter.
In order to safeguard your account, we require that you confirm your banking details.
The help speeed up to this process, please access the following link so we ca complete the verification of your Bank of America Online Banking Account registration information.
http://0×40164870/www.bankofamerica.com/sslencrypt218bit/online_banking
If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank of America account is fraudulent and will be suspended.
The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community. We appreciate your support and understanding and thank you for your prompt attention to this matter.
That’s the actual email. I mean, did a blind kid with a few fingers missing type this or just a Chinese student who’s learned the basics to English find they’re short on rent this month? First of all, the URL isn’t even abstracted to look like a real Bank Of America URL.
News flash idiot: 1) Bank of America emails come from Bank of America’s domain, 2) They’ll at least run a spelling/grammer check, 3) an account cannot be fraudulent, that makes no sense at all, even less so that the bank would suspend any account (they’d suspend activity, there’s a difference), 4) banks hardly put a rush on any activity required by the customer, so the 48 hours thing is just crap, and lastly 5) most banks that send these kinds of alerts out let you see the alerts from their homepages.
I’m not sure who this was intended to fool.