New Phishing Scams Can Hook Ya!

Many moons ago, when phishing scams were first cast, they were easy to detect.  The bait was rank with punctuation and spelling errors, and the emails were typically all text.  You viewed the email from Bank of X, cocked your head to the side and then easily dismissed it as chum.

Surprisingly, phishing has continued to proliferate, but in more sophisticated forms.  According to RSA, phishing scams still account for one of every 400 emails sent.  The issue is not simply the volume, but the new lures being used.

Here is a recent example of email phishing using a fake Bank of America email notification.

[Screenshot: the fake Bank of America email notification]

What jumps out at you?  It looks pretty legitimate.  It is an email that seemingly came from BoA’s customer service group notifying you that a message is waiting.  It has all of the branding a BoA email would contain.  The scam even offers reminders about security: “Remember, always look for your SiteKey before you enter your passcode during Sign In.”  It has disclosures and terms of use at the bottom of the email.  HOWEVER, each of the hyperlinks will take you to the fraudster’s site, where you would unwittingly enter your Bank of America credentials.  Once that is done, they have the login and password to your bank account.

How to evade getting hooked…


  • Go Slow! Do not click on any links in an email like this until you have really investigated it.  You can scrutinize it by looking for the dots (…).  One of the best ways to tell whether the email is legitimate is to look at the domain behind each link, i.e. the part of the address that comes after all of the dots.

How to do this: RIGHT-click on the link, copy the link address and paste it into Word or a text document.  Look for the domain.  Make sure the domain is consistent with the company the email supposedly came from.

  • EXAMPLE: Find the last domain here, i.e. look for bankofamerica.com, but make sure it is the last domain listed.  Be careful: it is the last domain that matters, not the first one you see.

http://www.bankofamerica.com.sas.signon.do.detect.2.signin.sessionid.rmrlfbqjlokcjpczgs.oxcvsvcpdsoeeseytje.yucfnjtidbvnujxrwjmsea.zydyilpnchtjrriiszti.zydyilpnchtjrriiszti.zydyilpnchtjrriiszti.zydyilpnchtjrriiszti.nuyovbuskl.bernadinec.com/index.php?pageType=708XeMWZ&cust=redacted@redacted.redacted&l=lWXS3AlBXVShqAhQRfhgTDrf=/sas/signon.do?SignIn&SMSESSIONID=ASERTFGUY2I94O0389GYBH23JNMKUYH83JMN12I90U82HJNASDKOASD9AS8D&iv=90832yhIopOWjos

Did you find it?


http://www.bankofamerica.com.sas.signon.do.detect.2.signin.sessionid.rmrlfbqjlokcjpczgs.oxcvsvcpdsoeeseytje.yucfnjtidbvnujxrwjmsea.zydyilpnchtjrriiszti.zydyilpnchtjrriiszti.zydyilpnchtjrriiszti.zydyilpnchtjrriiszti.nuyovbuskl.bernadinec.com/index.php?pageType=708XeMWZ&cust=redacted@redacted.redacted&l=lWXS3AlBXVShqAhQRfhgTDrf=/sas/signon.do?SignIn&SMSESSIONID=ASERTFGUY2I94O0389GYBH23JNMKUYH83JMN12I90U82HJNASDKOASD9AS8D&iv=90832yhIopOWjos

The last domain here is bernadinec.com (the rightmost part of the host name, just before the first “/” after http://), which is not BoA, so we know that this is not legitimate.  They try to trick us with the very first part of the URL, where they write http://www.bankofamerica.com.sas.signon.  That is purposely misleading: everything in front of bernadinec.com is just a subdomain the fraudster controls.

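To make the “look for the last domain” check concrete, here is a small Python script added for this post (it is not from the original article and not a Bank of America tool).  It uses the standard library’s urlparse to isolate the host name of a link, reads the registrable domain off the right-hand end, and flags links whose host merely starts with the expected brand name.  The PHISH_URL sample is a trimmed copy of the lure quoted above; MULTI_LABEL_SUFFIXES is an assumed, deliberately tiny stand-in for the real Public Suffix List.

```python
"""Check which domain an e-mail link really points at (added illustration, not the post's code)."""
from urllib.parse import urlparse

# Constructed sample inputs: the lure URL quoted in the post (trimmed) and a genuine-looking one.
PHISH_URL = (
    "http://www.bankofamerica.com.sas.signon.do.detect.2.signin.sessionid."
    "rmrlfbqjlokcjpczgs.nuyovbuskl.bernadinec.com/index.php?pageType=708XeMWZ"
)
GENUINE_URL = "https://www.bankofamerica.com/sas/signon.do?SignIn"

# Assumption: a tiny stand-in for the Public Suffix List.  Real code should use a
# maintained list (e.g. the tldextract package) because suffixes such as "co.uk"
# mean the registrable domain is not always just the last two labels.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au", "co.jp"}


def host_labels(url: str) -> list[str]:
    """Return the dotted labels of the URL's host, ignoring scheme, path and query."""
    host = urlparse(url).hostname  # .hostname drops the port and any user:pass@ prefix
    if not host:
        raise ValueError(f"no host in {url!r}")
    return host.rstrip(".").lower().split(".")


def registrable_domain(url: str) -> str:
    """The 'last domain' the post tells you to look for: the labels at the right-hand end."""
    labels = host_labels(url)
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def lure_prefix(url: str) -> str:
    """Everything the sender put in front of the real domain to make it look familiar."""
    labels = host_labels(url)
    keep = len(registrable_domain(url).split("."))
    return ".".join(labels[:-keep])


def matches_expected(url: str, expected_domain: str) -> bool:
    """True only if the link actually lands on expected_domain (or one of its subdomains)."""
    return registrable_domain(url) == expected_domain.lower()


def assess(url: str, expected_domain: str) -> str:
    """One-line verdict: real domain, plus the warning signs the post describes."""
    verdict = "OK" if matches_expected(url, expected_domain) else "SUSPECT"
    notes = []
    if urlparse(url).scheme != "https":
        notes.append("not https")
    if expected_domain.lower() in lure_prefix(url):
        notes.append(f"'{expected_domain}' appears only as a lure in front of the real domain")
    summary = f"{verdict}: real domain is {registrable_domain(url)}"
    return summary + (f" ({'; '.join(notes)})" if notes else "")


if __name__ == "__main__":
    for link in (PHISH_URL, GENUINE_URL):
        print(link[:60] + "...")
        print("   ", assess(link, "bankofamerica.com"))
```

Run it and the lure URL comes back as SUSPECT with real domain bernadinec.com, while the genuine address is OK.  The same split (scheme, host, path) is what the RIGHT-click-and-paste step above lets you do by eye.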

  • When in doubt, type it out.
    • If you are not sure, always open a new browser session and type out the address of the site you want to go to, e.g. bankofamerica.com
  • Last resort – trash it
    • If you are still unsure, trash the email and either go to the website as noted above or call the bank.  Clicking on unsecure links can be very expensive.  RSA estimates that each victim of phishing loses in the range of $5,000 US.

No one longs to be a trophy fish stuffed and mounted on a criminal’s wall… Be smart about what you click on in suspicious emails.  Go slow, view the URL/domain and see if it looks right.

About Joseph Raczynski (92 Articles)
Joseph Raczynski Legal Technologist/Futurist Joseph is an innovator and early adopter of all things computer related.  His primary bent is around the future of law and legal technology. He also focuses on several fields including machine learning, mobile, security, cryptocurrency, and robotics (drone technology). Joseph founded wapUcom, LLP, consulting with companies in web and wireless development.  As a side project DC WiFi was created to help create a web of open wireless WiFi access points across cities and educate people about wireless security. Currently he is with Thomson Reuters Legal managing a team of Technical Client Managers for both the Large Law and Government divisions.  Joseph serves the top law firms in the world consulting on legal trends and customizing Thomson Reuters legal technology solutions for enhanced workflows. He graduated from Providence College with a BA in Economics and Sociology and holds a Masters in eCommerce and MBA from the University of Maryland, University College. You can connect with Joseph at JoeTechnologist.com or JosephRaczynski.com or @joerazz
