Exclusive: The Bank of America is the 2nd largest bank in the United States by assets which makes it a lucrative target for cyber criminals. Today, HackRead has identified a phishing scam targeting the Bank of America customers.
Cyber criminals are sending emails to unsuspecting users pretending to be representatives of the Bank of America. In the email, the sender is informing users that for their security, the bank has put limits on their account and the only way to get rid of limits is to confirm that they own the account.
[irp posts=”53215″ name=”New iCloud Phishing Scam steals credit card data, access device’ camera”]
Whoever has sent the email has a terrible grammar, but it’s our responsibility to inform users therefore here’s the full preview of the phishing email.
“Dear User: You have “same” usage limits in order to protect your “priority.” The limits will be lifted after confirming your “informations.” You “need just” to confirm your information by “follow” the next steps: Click the link below to open a secure browser window. Confirm that you’re the owner of the account, and then follow the instructions.”
Screenshot of the phishing email
The supposed confirmation can only be done when the victim clicks on the link given in the email to sign in. However, in reality, clicking on the link will redirect the victim to another fake page asking them to sign in with their Online ID and passcode.
Screenshot of the bank of America’s fake login page
Once signed in, the cyber criminals already have victim’s login credentials, but they want more, therefore, the victim has to fill a form with their personal and financial information and click continue.
The details a victim needs to enter include first and last name, address, city, zip code, mobile number, email address, credit card number, card expiry date and CVV number.
Screenshot of the fake page asking users to enter their personal and banking details
[irp posts=”51338″ name=”New Phishing Scam Targets Digital Payment and Online Banking Users”]
Upon clicking the continue tab, the victim is taken to yet another fake page which shows a message stating that “Please synchronize your BOA account with your email to secure every transaction by card.”
In reality clicking the Synchronize tab is the second part of this phishing scam in which cyber criminals aim to steal the victim’s email account credentials
Screenshot of the fake Hotmail phishing page
Although, this is enough to identify that it’s a phishing scam if an unsuspecting user decides to “Synchronize” their account and log in with their email it will result in losing their account. But to make things look real, the cyber criminals have designed the Hotmail page in a way that by clicking the “Login” tab they will be taken to the official Outlook page.
Original Outlook page where victims are diverted
HackRead has identified that this scam is being run through a Russian hosting provider “Beget.” The scammers are using [http://sgfreef7.beget.tech] domain to host the scam.
We have informed the hosting provider about the scam and hopefully, it will soon be shut down. However, one has to give credit to scammers who, despite their terrible grammar, did an excellent job in designing these fake login pages.
The login and security page looks like the official BOA page, and without any doubt, if correct English grammar was used the scam would have tricked a lot of unsuspecting users since the email is delivered directly to the inbox and not the spam folder.
[irp posts=”52731″ name=”Beware; Sophisticated Phishing Attacks Using Unicode Characters”]
Sponsored: DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.
