Here is another good example of a phishing email that is presently being circulated. It was sent to me by a Scamicide reader who received it. It makes for compelling reading, but it is a scam. Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur. Copied below is a new phishing email presently being sent to unsuspecting people that appears to come from Wells Fargo. This particular one came with a Wells Fargo logo and was sent from an email address that, while not a real Wells Fargo email, did appear to be legitimate, which makes the scam even more tempting to more people. It contains an update of a phone number that is incorrect. This is done in an attempt to lure you into clicking on a link to update your contact information. Clicking on the link will either lure you into providing personal information that will be used to make you a victim of identity theft or merely by clicking on the link you will download malware such as ransomware on to your phone or computer. The link in the email is found where it reads “update contact information. I have removed the link. Additionally, I have removed the link to contact wellsfargo.com because the link provided in the email would not take you to wellsfargo.com, but would take you to a phony Wells Fargo website.
Here is the email.
We’ve updated your contact information
To view your current information, go to update contact information.
If this is not you, contact wellsfargo.com immediately. We’re available 24 hours a day, 7 days a week.
Thank you for banking with Wells Fargo.
Wells Fargo Online Customer Service
Note: You may also receive this alert if you are a “Guest User” with view-only access on another customer’s account. The Administrator on those accounts may have recently updated your email address. Please contact the Administrator for assistance.
Please do not reply to this automated email.
Legitimate emails from your bank would include the last four digits of your account and include your name. This email had neither. Often such phishing emails originate in countries where English is not the primary language and the spelling and grammar are poor. However this one appears grammatically correct. Obviously, if you are not a Wells Fargo customer, you will recognize immediately that this is a scam. As with most phishing emails, they lure you into clicking on a link (we have blocked the links) by attempting to trick you into believing there is an emergency. If you hover on the links contained in the actual phishing email, you will find it does not go to Wells Fargo.
As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft. If you receive an email like this and think it may possibly be legitimate, merely call your bank or other institution from which the email purports to originate at a telephone number that you know is accurate and you will be able to confirm that it is a scam.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”