Bank of America phishing attack hits customers

Phishers are once again targeting Bank of America customers, warns Malwarebytes’ Chris Boyd.

He doesn’t say it, but it’s likely that the potential victims are directed to the phishing site via spam email impersonating the bank and telling them their online banking option has been deactivated due to suspicious activity.

The link leads to a page containing instructions on how to verify account information:

More knowledgeable users might find if suspicious that the page’s URL has nothing to do with BoA, but many will surely download and open the offered verification file.

When they do, they will be taken to the actually phishing site (at Alertfb(dot)pw/site/IrregularActivityFile(dot)html), where they will be asked to fill out a few forms with personal information (name, date of birth, address, phone number, social security number, mother’s maiden name, driver license number), email address information (email address, password), and payment card information (number, expire [sic] date, CVV).

The phishers also ask for the answers to the three security questions the users set up during their initial registration with the bank.

Once again, the URL has nothing to fo with BoA, and some of the images on the site are broken, but unfortunately there are always some users that will not notice things like that and believe the request to be legitimate.

If you fall for a scheme like this, contact your bank as soon as possible and inform them of the matter, so that they can block any unauthorized transactions as soon as possible, change the information that can be changed (security questions), and issue you a new payment card.

You should also immediately go change your email password (and enable the 2-step verification feature, if possible), and be aware that with all that personal information the phishers managed to get out of you, you can be easily become a victim of identity theft in the future or be targeted by skillful scammers.