Bank of America customers under phishing attack

Bank of America customers, beware – the old “account suspended” warning purportedly sent by your bank’s Cardmember Services is hitting inboxes once again.

“During our usual security enhancement protocol, we observed multiple login attempt error while login in to your online banking account,” the email says. “We have believed that someone other than you is trying to access your account for security reasons, we have temporarily suspend your account and your access to online banking and will be restricted if you fail to update.”

According to PhishTank, the offered link takes potential victims to a very realistically spoofed Bank of America login page:

The fake webpage was located on http://account.safe.bankofamerica.com.flipthisbod.com/home/sign-in/, but has since been made unavailable. Still, the URL in the email can be easily changed to point to another page, so be careful!

If you aren’t sure whether the email is legitimate or not, check your account but do not do it by following the link embedded in the email – type in the correct, legitimate URL in the browser’s address bar, or use already set up bookmars.