Recently, experts discovered a new form of phishing attackers use to trick consumers. They use the Bank of America notifications to inform users that someone used an invalid login to get access to their accounts. They then create an emergency narrative from this, indicating that the activity should result to the suspending of their account if they decide not to take any action. Obviously, there is a cause for alarm as these are phishing tactics that lure users to a website that attempts to steal their information.
Michael Brown, the Semalt Customer Success Manager, tells that in the past, hackers have used the same methods over and over again. It seems to be a phishing rule which involves a certain bank. The reason why they use these methods exhaustively is that they show results, and in most cases, to their benefit. With the right credentials, as well as the appropriate passwords, phishing hackers can clean out a person's bank account.
The email that they use resembles one that the bank would send. However, for an unknowing user, it could trick them into believing that it is indeed an email from the Bank of America. Inside the email, is a detailed account of how an invalid IP address attempts to log into an account illegally. It then suggests that the bank will consequently suspend the account as a security measure. For the user to access the billing information, there is an embedded URL, which asks the user to verify the user's details. Further, the email expires after 24 hours.
Looks believable, right?Phishing is an illegal activity, carried out by cyber crooks who try to disguise themselves as a trusted entity. From the example provided above, the cyber crook made it seem like they were the Bank of America. They claim to be a service team member working with the bank to help the account holder. Phishing emails have one common characteristic which is that it contains an attachment or an embedded link which urges users to download or click.
The link provided in the email redirects to a fake website that attempts to phish data from visitors. However, good news for users is that the site was recently taken down. From what people know about phishing sites, maybe from experts or personal experience, there is a high likelihood that when the site was alive, it asked users to part with the Bank Details such as the Bank of America's login and password. They may have gone ahead to ask more personal information in case the web portal required them.
Spam and phishing scam emails bombard the internet and account for the billions of messages sent to internet users in a day. As much as there is a reported decline in the number of spam emails sent globally, users need to know how to spot one and protect themselves. The golden rule here is always to remember not to give out any personal information from people working through sites that look suspicious. Next, if one receives an email similar to the one described above pretending to come from the Bank of America, it is imperative that they do not click on it.