Bank of America Phishing Scam
Home ScamsPhishing Scams Bank Of America ‘General Account Update’ Phishing Scam

Bank Of America ‘General Account Update’ Phishing Scam

by Brett M. Christensen

Outline:
Email purporting to be from Bank of America claims that the recipient’s account has shown unusual activity and that he or she must sign in to verify bank login details.

Note: The particular scam discussed here took place back in 2012. However, similar scam emails have continued to hit inboxes in the years since.




Brief Analysis:
The email is not from Bank of America. In fact, the message is a phishing scam designed to steal bank login details and other personal information from Bank of America customers.

Example:
Subject: Bank of America Warning : Error StatementGeneral Account Update from Bank of America
Sign in nowYour Bank of America account showed unusual activities this morning.What to do next?
Sign in now to verify your logon details.
If you feel this message has been sent to you in error.Go to your online account and check your current balance(s) for your account(s)We appreciate your business. It’s truly our pleasure to serve you. Bank of America Message Center.
Forgot your Online ID and/or Passcode?

Bank of America Phishing Scam





Detailed Analysis:
According to this “error statement” email, which purports to be from Bank Of America and arrives complete with seemingly official Bank Of America graphics and formatting, “unusual activities” have been detected on the customer’s account. The customer is instructed to follow a link in the message to sign in and verify account login details.

However, the email is not from Bank of America and the supposed account problems outlined are just a ruse designed to trick recipients into clicking one of the links in the message. In fact, all links in the email lead to a bogus website designed to emulate the real Bank of America website. Once on the bogus website, victims will be instructed to sign in by entering their banking login details. After they have “logged in” on the bogus site, they may then be asked to provide further personal and financial information, ostensibly as a means of verifying their account and resolving the errors. Login details and any other personal information provided will be collected by Internet criminals and subsequently used to hijack real Bank of America accounts and use them for fraudulent activities and identity theft.

The care and detail with which the scam email has been created makes this phishing scam attempt a little more sophisticated than some other such attacks and may fool at least a few bank customers into supplying the requested details.

Like many other institutions, Bank of America has been repeatedly targeted by cybercriminals and further such phishing attacks are likely. Be very wary of any email that purports to be from your bank and claims that you must click a link or open an attachment to supply login details and other private information. Banks and other types of financial institutions are very unlikely to ask customers to provide such information via an unsolicited email. Always log in to your bank’s website by entering its web address into your browser’s address bar rather than by clicking a link in an email.

The Bank of America website has information about recognising and reporting any fraudulent emails that you may receive.




Last updated: November 6, 2016
First published: April 23, 2012
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams – Anti-Phishing Information
Bank of America – Report a Suspicious Email
Bank Of America “Access Suspended” Phishing Scam Email

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer