New Phishing Scams Can Hook Ya!

By Joseph Raczynski

Many moons ago when phishing scams were first cast they were easy to detect.  The bait was rank with punctuation and spelling errors and the emails were typically all text.  You viewed the email from Bank of X, cocked your head to the side and then easily dismissed it as chum.

Surprisingly phishing has continued to proliferate but in more sophisticated forms.  According to RSA phishing scams still circulate as one of every 400 emails sent.  The issue is not simply the volume, but the new lures implemented.

Here is recent example of email phishing using a fake Bank of America email notification.



What jumps out at you?  It looks pretty legitimate.  It is an email that seemingly came from BoA’s customer service group notifying you that a message is waiting.  It has all of the branding a BoA email would contain.  The scam offers reminders about security, “Remember, always look for your SiteKey before you enter your passcode during Sign In.”  They have disclosures and terms of use at the bottom of the email.  HOWEVER each of the hyperlinks will take you to the fraudster’s site where you would unwittingly enter your Bank of America credentials.  Once that is done, they have your login and password to your bank account.


How to evade getting hooked…


  • Go Slow! Do not click on any links in an email like this until you really investigate it.  You can scrutinize it by looking for the dots (…).  One of the best ways to see if this email is legitimate is to look for the domain of the URL that is associated with the links at the end of the dots.


How to do this: RIGHT click on the link and copy the link into Word or a text document.  Look for the domain.  Make sure the domain is consistent with the company where the email supposedly originated.


  • EXAMPLE: Find the last domain here, i.e. look for, but make sure it is the last domain listed.  Be careful, it is the last domain that matters.;cust=redacted@redacted.redactedamp;l=lWXS3AlBXVShqAhQRfhgTDrf=/sas/


Did you find it?;cust=redacted@redacted.redactedamp;l=lWXS3AlBXVShqAhQRfhgTDrf=/sas/


The last domain here is which is not BoA, so we know that this is not legitimate.  They try to trick us with that very first part of the URL where they write  That is purposely misleading.


  • When in doubt, type it out.
    • If you are not sure, always go to a new browser session and type out the address of the site where you want to go, e.g.
  • Last resort – trash it
    • If you are still unsure, trash the email and either go to the website as noted above or call the bank. Clicking on unsecure links can be a very expensive.  The RSA estimates each victim of phishing to lose in the range of $5,000 US.


No one longs to be a trophy fish stuffed and mounted on a criminals wall… Be smart about what you click on in these suspicious emails.  Go slow, view the URL/Domain and see if it looks right.



About Joseph Raczynski (167 Articles)
Joseph Raczynski Technologist/Futurist Joseph is an innovator and early adopter of all things computer related. His primary focus is around the future of technology, and speaks globally about Legal Technology, Cybersecurity, Blockchain, Artificial Intelligence, Cryptocurrency, and Robotics (drone technology). He also writes about the future of technology as it impacts the crossroads of our personal and professional lives, especially in the legal sector. Under the umbrella of Thomson Reuters, The Hearing a Legal Podcast, Joseph hosts a podcast with a technology focus. He also serves as a mentor with the Columbia | IBM Blockchain Accelerator and guest lecturer at Fordham University School of Law, as well as a Cybersecurity Committee Member at the University of South Florida. Joseph founded wapUcom, LLP, consulting with companies in web and wireless development. As a side project DC WiFi was created to help create a web of open wireless WiFi access points across cities and educate people about wireless security. Currently Joseph is with Thomson Reuters Legal managing a team of Technologists for both the Large Law, Corporate, and Government divisions in the US. Joseph serves the top law firms in the world consulting on legal trends and customizing Thomson Reuters legal technology solutions for enhanced workflows. He graduated from Providence College with a BA in Economics and Sociology and holds a Masters in eCommerce and MBA from the University of Maryland, Global Campus. You can connect with Joseph at or or onTwitter @joerazz

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: