Scam of the day – October 1, 2017 – Secure bank message phishing scam

According to a recent report by the security company, Barracuda, scammers are emailing what appear to be secure messages from your bank that require you to download what appear to be important secure documents, but in truth are malware programs such as ransomware.  The messages appear to come from different banks such as Bank of America or, in the case of the email message copied below, TD Bank.

In many instances, the people being targeted by these emails may be people using the private bank services of many banks reserved for wealthier customers, who may be more susceptible to downloading the attachments under the false impression that they are secure.

TIPS

You can never be sure when you receive an email who is really sending it.  These particular phishing emails are quite sophisticated with real looking logos (which are easy to counterfeit) legitimate appearing email addresses that appear to be sending the emails and the message is well written with proper grammar.  But as I always warn you, “trust me, you can’t trust anyone.”  Along with making sure that you have installed the most updated version of your security software, you should never click on a link or download an attachment until you have independently confirmed that the message sending it is legitimate.  In this case, a simple phone call to your bank would let you know that this is a scam.

Scam of the day – November 15, 2015 – Bank of America phishing email

Here is another good example of a phishing email.   It makes for compelling reading, but it is a scam.  Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.  They are a staple of identity thieves and scammers and with good reason because they work.  As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur.  Here is a copy of a new phishing email that appears to come from Bank of America that is presently circulating.  This particular one came with particularly good looking graphics and a Bank of America logo, but it is a scam.

Security Alert
BankAmerica account ending in ****
Unusual account activity detected
Dear Customer,
We detected unusual activity on your Bank of America account on 11/07/2015. For your protection, please verify this activity so you can continue making transactions without interruption.
Please sign in to Online Banking or visit Online Banking at www.bankofamerica.com to review and verify your account activity, or you can call us immediately at 1.800.383.0618in the U.S.; international customers please call collect via the international operator at757.677.4701. After verifying your credit card transactions, we’ll take the necessary steps to protect your account from fraud.
If we don’t hear from you, unfortunately certain limitations may be placed on your account.
Please disregard this notice if you have already taken the required action.

Security Icon Your last sign-in was 11/07/2015
To verify that this email is from Bank of America, confirm your last sign-in date is correct. To access Online or Mobile Banking, go directly to bankofamerica.com or use our Mobile Banking App.
Remember: We never ask for private information such as an account number, card PIN, or Social Security or Tax ID number in email messages. If you think an email is suspicious, don’t click on any links. Instead, forward it to abusee@bankofamerica.com and delete it.

This is a service email from Bank of America. Please note that you may receive service emails in accordance with your Bank of America service agreements, whether or not you elect to receive promotional email.
Read our Privacy Notice.
Please don’t reply directly to this automatically generated email message.
Bank of America Email, NC1-028-09-01, 150 N College St., Charlotte, NC 28255
Bank of America, N.A. Member FDIC. Equal Housing Lender http://www.bankofamerica.com/help/equalhousing.cfm
В© 2015 Bank of America Corporation. All rights reserved

TIPS

Some indications that this is a phishing email is that the email address from which it was sent had nothing to do with Bank of America, but most likely was from a computer that was part of a botnet of computers controlled remotely by the scammer.  In addition, legitimate emails from your bank would include the last four digits of your account rather than just **** as appears in this email.  They also would not use the generic “Dear Customer,” but would rather specifically direct the email to you by your name.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call your bank at a telephone number that you know is accurate and you will be able to confirm that it is a scam.

Scam of the day – August 26, 2015 – Bank of America security message scam

This is another phishing scam that is making the rounds these days.  It appears to be a legitimate email from Bank of America informing you that due to upgrades being done to the Bank of America computer systems, it is necessary for you to confirm personal account information in order to maintain your account.  Of course, if you click on the link contained in the email, you will only succeed in either unwittingly downloading keystroke logging malware that will steal your personal information from your computer and use it to make you a victim of identity theft or you will be sent to another website that prompts you to provide your personal information directly, which then wil be used to make you a victim of identity theft.  Either way you lose.  Here is a copy of the email presently being circulated:

“Member:

We need you to confirm your Bank of America account due to our new upgrading. It is mandatory that you confirm your details through our secure link below.

CONNECT
Thank you for your co-operation.
Bank of America Admin
Copyright © 2015 BOA Inc.”

TIPS

There are a number of ways to know that this is a phishing scam.  First of all, if you are not an account holder at Bank of America, you can rest assured that the email is a scam.  Unfortunately, there are so many people that are account holders at Bank of America, the scammers just send out the email in large numbers hoping to reach Bank of America account holders among the random people being sent the email.  The email address from which it is sent was not that of Bank of America, but rather that of a private individual whose email account was hacked, taken over and made part of a botnet to send these emails in large numbers.  Because you can never be sure whenever you receive an email that asks you to provide personal information whether it is legitimate or not, the best thing to do is to remember my motto, “trust me, you can’t trust anyone” and confirm whether it is legitimate or not by calling the real company, in this case Bank of America to learn whether or not the email is phony or not.  Chances are, you will be told that it is a scam.

Scam of the day – July 4, 2013 – Customer satisfaction survey scam

This scam starts innocently enough when you receive an email asking you to fill out a customer satisfaction survey for a major company, such as Bank of America.   In return for completing the survey you are promised a valuable gift card.    After a few appropriate questions, however, the survey asks for some personal information from you such as your credit card number, or your Social Security number.  This is where the identity theft begins.  Even though the email with the survey appears to be legitimate and even carries the logo of a legitimate company, the truth is that the logo is counterfeit and the email is not from a legitimate company, but rather from an identity thief who is merely trying to lure you into providing information such as your credit card number or Social Security number in order to make you a victim of identity theft through a technique called phishing, whereby the identity theft tricks you into providing information by posing as a legitimate company.

TIPS

No legitimate survey requires personal information from you of a nature such as your credit card numbers or Social Security number that can be used to make you a victim of identity theft.  You should never provide such personal information in response to any email because you can never be sure that the email is legitimate.  If you are every asked for such information and even if it appears to be a legitimate request, you should check out the legitimacy of the email request by calling the company or governmental agency at a number that you know is accurate to confirm whether or not the request is indeed legitimate.  You can also Google the company doing the survey and add the word “scam” to your Google search to see what comes up as well.  Finally, as I have warned you many times before, you should never click on links in emails you receive until you have confirmed that they are legitimate.  Otherwise you run the risk of downloading a keystroke logging malware program that can steal all of the information from your computer and make you a victim of identity theft.

Scam of the day – June 18, 2013 – National Mortgage Settlement scam

As I have told you previously, in February of 2012 through the joint efforts of 49 state attorneys general as well as federal authorities a 25 billion dollar settlement was reached with the country’s five largest mortgage servicers, namely Ally/GMAC, Bank of America, Citi, JPMorgan Chase and Wells Fargo.  Funds from the settlement are to be paid to harmed borrowers as well as to the states and federal government.  The claim involved unfair and deceptive mortgage practices.  Initial payments to borrowers who have already filed claims started on June 10th.  Unfortunately, scam artists have been contacting homeowners representing that they are with the banks involved.  They ask for your checking account number and bank routing number in order to facilitate a payment to you under the settlement.  This is a scam.  Banks will not be contacting you and if they did, they would already know your account number and the routing number of the bank.  These scammers are only seeking these numbers in order to create counterfeit checks and empty your checking account.  Other scammers are contacting victims and telling them that for a fee, they can facilitate early payments under the settlement to the victim.  This too is a scam.  No one can get you your settlement payment, if you are owed one, any quicker for a fee.

TIPS

For information about the settlement program that you can trust go to the following link http://www.nationalmortgagesettlement.com/ which is the link for the website of the National Mortgage Settlement set up by the state attorneys general who got the settlement.  In particular, you will want to go to the section of the website entitled “Help for the Borrower.”  In addition, you should not trust anyone who contacts you who says that for a fee they can get you your settlement payment faster.  That is a scam.  You also should not provide any information to anyone who calls you purporting to be from the banks or attorneys general involved in the settlements.  Scammers are posing as the banks or attorneys general merely to get your personal information and scam you out of your hard earned money.  If you have any questions about your eligibility for any funds under the settlement, use the above link to access the contact information for the banks and governmental agencies involved in the settlement for trustworthy information.