Regions Bank is a large bank based in Alabama with more than 1,700 branches throughout the South, Midwest and even into Texas. Recently, I received a phishing email that appeared to come from Regions Bank. Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which download malware or trick you into providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. The Regions Bank phishing email uses the common ploy of indicating that the bank needs you to verify personal information for security purposes. As phishing emails go, this one is pretty good, but it does have some telltale flaws. Although the email address from which it was sent appears to be legitimate, upon closer examination you can determine it is not an official email address of Regions Bank. Also, although the email is quite short, it contains numerous grammatical errors and the word “Sincerely” is spelled wrong. Most telling, the email is not directed to you by name and does not contain your account number in the email. It is important to remember that merely because the email contains the exact logo of the bank does not mean that the communication is legitimate. It is easy to obtain a copy of the logo on the Internet.
Obviously if you do not have an account with Regions bank, you know that this is a phishing scam, but even if you do have an account with this bank, there are a number of indications that this is not a legitimate email from Regions Bank, but instead is a phishing email. Legitimate banks would refer to your specific account number in the email. They also would specifically direct the email to you by your name. This email’s salutation is a generic “Dear customer” without even capitalizing the word “customer.” As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft. If you receive an email like this and think it may possibly be legitimate, merely call the customer service number for your bank where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to purchase phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Regions to trap you if you make a mistake in dialing the real number.