Vincent Arnold

This just makes my blood boil and is the reason I am so interested in Information Security. My wife received an email alledgedly from Bank Of America stating that they had observed “Irregular Check Card Activity.”

Yeah, right…Being trained by her employers not click on any links in these emails and having that same training repeated incessantly by me, she knew not to click on any links in the email. I do ask her to send me the email whenever she gets one so I can examine it. The first thing you will notice is that the URL’s don’t point to anything closely related to Bank Of America. The URL, if you hover over it in the HTML email section shows:
http://pool-71-116-237-41.lsanca.dsl-w.verizon.net/redirect_boa.html

Not sure what is on the other end of this link but it is no doubt bad is part and partial the reason security professionals have jobs these days. If you compare this to a real alert from Bank Of America, it’s not even close. I don’t have time to detail all of what’s wrong with this phishing email but lets just say any user could compare this to a real alert from Bank Of America and they would notice the difference right away.

Oh and just remember, don’t try this at home.

This entry was posted on Monday, May 14th, 2007 at 7:40 pm and is filed under Scams.