Bank of America fraud attempt Heads Up

Go this today on Hotmail.


The sender of this message, notice@Bankofamerica.CoM, could not be verified by Sender ID. Learn more about Sender ID.

From : Bank Of America <notice@Bankofamerica.CoM>

Subject : Account Blocked

http://img89.imageshack.us/img89/9089/boa10bk.png

Went to hxxps://www.bankofamerica.com/cgi-bin/ias/GotoReset

http://img89.imageshack.us/img89/8757/boa23xw.png

What's unusual i find, is that the https from the official one is the exact same one which shows the error page !


StevieO

 

Here is an analysis of the email

"However, the link is the most interesting object here. It uses a weakness in the bankofamerica.com site. There is a page there, that would redirect to a URL passed to it. This enables scammers to form a link, which looks like it points to the legitimate site (and in fact, it does!), but passes the scam URL to the redirect page (practically pasteing the scam link after the legit one). To make the phish URL unrecognizable, the scammers have encoded it. This way, the link is functional, but the scam URL is unreadable to a human inspection."

Pretty clever!

Opera flagged the Security Certificate.

---

 

Hi Rmus,

Does this mean that the've started up again an exploit that's been dormant for a while, as the link shows the one on there from last year ?

Thanks for the explanation and info/link.


StevieO

 

Hello, SteviO,

I don't know - I was also surprised to see last year's date.