The Bank of America is the 2nd largest bank in the United States by assets which makes it a lucrative target for cyber criminals. Today, HackRead has identified a phishing scam targeting the Bank of America customers.
Cyber criminals are sending emails to unsuspecting users pretending to be representatives of the Bank of America. In the email, the sender is informing users that for their security, the bank has put limits on their account and the only way to get rid of limits is to confirm that they own the account.
Whoever has sent the email has a terrible grammar, but it’s our responsibility to inform users therefore here’s the full preview of the phishing email.
“Dear User: You have “same” usage limits in order to protect your “priority.” The limits will be lifted after confirming your “informations.” You “need just” to confirm your information by “follow” the next steps: Click the link below to open a secure browser window. Confirm that you’re the owner of the account, and then follow the instructions.”
The supposed confirmation can only be done when the victim clicks on the link given in the email to sign in. However, in reality, clicking on the link will redirect the victim to another fake page asking them to sign in with their Online ID and passcode.
Once signed in, the cyber criminals already have victim’s login credentials, but they want more, therefore, the victim has to fill a form with their personal and financial information and click continue.
The details a victim needs to enter include first and last name, address, city, zip code, mobile number, email address, credit card number, card expiry date and CVV number.
Upon clicking the continue tab, the victim is taken to yet another fake page which shows a message stating that “Please synchronize your BOA account with your email to secure every transaction by card.”
In reality clicking the Synchronize tab is the second part of this phishing scam in which cyber criminals aim to steal the victim’s email account credentials
Although, this is enough to identify that it’s a phishing scam if an unsuspecting user decides to “Synchronize” their account and log in with their email it will result in losing their account. But to make things look real, the cyber criminals have designed the Hotmail page in a way that by clicking the “Login” tab they will be taken to the official Outlook page.
HackRead has identified that this scam is being run through a Russian hosting provider “Beget.” The scammers are using [http://sgfreef7.beget.tech] domain to host the scam.
We have informed the hosting provider about the scam and hopefully, it will soon be shut down. However, one has to give credit to scammers who, despite their terrible grammar, did an excellent job in designing these fake login pages.
The login and security page looks like the official BOA page, and without any doubt, if correct English grammar was used the scam would have tricked a lot of unsuspecting users since the email is delivered directly to the inbox and not the spam folder.