October 4, 2008 1:39 pm GMT
Gone fishing … Sorry… phishing: Bank of America
by Gary IllyesI received a mail. Ok, I receive many but this was exciting:
Dear Bank Of America customer,
Protecting the security of our customers and the Bank Of America network, as a preventative measure, we have temporarily limited access to sensitive account features. To restore your account access, please take the following steps to ensure that your account has not been compromised:
After updates :
1.Login to your Bank Of America Online Banking account. In case you are not enrolled for Online Banking, you will have to fill in all the required information, including your name and you account number.
2. Review your recent account history for any unauthorized withdrawals or deposits, and check you account profile to make sure not changes have been made. If any unauthorized activity has taken place on your account, report this to Bank Of America staff immediately. To get started, please click the link below: http://update.Bankofamerica.comThis alert has been sent to you based on your preferences. If you would like to make any changes to your Online Banking Alerts service, please sign in to Online Banking and visit the Manage Alerts section. Because your reply will not be transmitted via secure e-mail, the e-mail address that generated this alert will not accept replies. If you would like to contact Bank of America with questions or comments, please sign in to Online Banking and visit the customer service section.
Bank of America, N.A. Member FDIC. Equal Housing Lender
©
2007 Bank of America Corporation. All rights reserved
Obviously, this is a phishing email. The link you see in the message body pointed to a webpage which looked like a Bank of America page, basically it was a form where I could fill in all my details then send to the hacker which set the page up.
What you don’t see, is the message header. The envelope address’s domain was a private website’s, much likely it was hacked. The domain was andyhefele.com, a really not offensive website, which consist of 3 pages, including the home page.
Another interesting thing is the sender’s IP. Guess what, it’s an IP from Ukraine from the 92.113.128.0 – 92.113.191.255 range, and is under UKRTELECOM’s management.
You can do anything you want with these messages, but don’t answer them and don’t click ANY link from within the message. Well, if you want to loose money or your personal data, then click…
Logi on Sat, 4th Oct 2008 8:55 pm
Thanks.It’s always good to know those kind of information.
methode on Sat, 4th Oct 2008 9:12 pm
Yeah, it’s very useful. I wish everyone would be smart enough to check everything before sending any personal data over the web or clicking links in emails.