The Latest Phishing Scam Bank of America - All You Need to Know About This Scandalous Case
Customers in the U.S. are being targeted by identity fraudsters posing as Bank of America in an effort to obtain card information and personally identifiable information (PII).
Bitdefender researchers have been alerted to two active phishing attacks that pretend to be official bank correspondence in the last week.
Phishing is a form of assault that is frequently employed to obtain user information, such as login credentials and credit card details. It happens when an attacker deceives a victim into opening an email, instant message, or text message by disguising themselves as a reliable source. Next, a dangerous link is deceived into being clicked by the recipient. This can cause malware to be installed on the recipient’s computer, a ransomware assault to lock it down, or the disclosure of private data. An assault can have disastrous consequences. For people, this includes theft of money or identity, as well as illicit transactions.
Phishing is usually used as part of a wider attack, like an advanced persistent threat (APT) incident, to infiltrate business or governmental networks. In the latter case, staff members are compromised in order to get over security barriers, spread malware inside a safe setting, or gain access to data.
Depending on its size, a phishing attempt could turn into a security issue from which a company will find it challenging to recover.
Latest News & Scam Alerts
The Eighth Largest Bank in The World Comes in The Spotlight for Scam Case
The Bank of America (BOA) is an American global investment bank and financial services holding corporation with its headquarters in Charlotte, North Carolina.
It is also popularly known as Bank of America and is frequently abbreviated as BofA or BoA. It was made in San Francisco, and the NationsBank of Charlotte purchased it in 1998, giving it its current shape. It is the eighth-largest bank in the world and the second-largest bank in the United States, behind JPMorgan Chase. One of the Big Four U.S. financial organizations is Bank of America. It competes directly with JPMorgan Chase, Citigroup, and Wells Fargo for about 10.73 percent of all bank deposits in the United States. Commercial investment banking and its three main financial services.
Numerous lawsuits and investigations pertaining to mortgages and financial disclosures, going back to the 2008 financial crisis, have been sparked by the bank’s significant market share, business operations, and economic impact. Since the early 20th century, its corporate policies of providing services to the middle class and the larger banking community have produced a sizable market share. With a $313.5 billion market value as of August 2018, Bank of America is the 13th largest company in the world. It generated $102.98 billion in sales, ranking it as the sixth-largest American public firm as of June 2018.
On the 2020 list of the biggest U.S. corporations by total revenue, Bank of America came in at number 25. In a similar vein, Forbes’ 2020 Global 2000 rankings placed Bank of America at #8. In their 2018 Awards for Excellence, Euromoney Institutional Investor dubbed Bank of America the “World’s Best Bank.”
Phishing at Bank of America increased 34% in 2019. A remarkable increase in phishing assaults posing as community banks occurred at the same time as the rise in Bank of America phishing. Community banks, often thought of as less attractive targets, now count among the SMBs being attacked online worldwide. SMBs have evolved into the ultimate target because they have fewer resources than enterprises.
Phishing Schemes are Becoming More Prevalent
Nobody can deny the fact that phishing schemes are becoming more prevalent. The scams themselves, however, become trickier and more difficult to spot as more individuals become aware of the techniques these con artists are employing.
Look no farther than the current online abundance of COVID-19 and stimulus frauds for the ideal illustration. These timely topics create excellent lures for potential victims, and if you’re not paying close attention, it’s simple to be duped into providing your personal information. The main thing to watch out for from con artists these days, though, isn’t only topical subject matter. Customers are the subject of a horrifying new banking fraud that uses a bogus login screen that is incredibly convincing. It’s one of the most cunning efforts in recent memory, and if you don’t watch out, it just might catch you as well.
Customers of Bank of America are at significant risk of falling victim to a widespread phishing campaign that uses a variety of convincing emails, websites, and login pages.
A convincing-looking email that claims to be from Bank of America itself is the first indication of fraud. The email is painstakingly created to appear as genuine as possible and is designed to look like a standard “change your contact information” communication. You are presented with what looks to be a typical Bank of America login page if you click the link in the message.
The heart of the con is at this point. If you input your email address and password, the website will steal this information and send it back to the con artists. Additionally, it asks for your security questions, which increases the risk of your account being compromised. What’s more alarming is how this letter managed to bypass some of the more effective spam filters that are now available online. The effort is a targeted “spear-phishing” campaign with a more constrained scope rather than a mass mailer like many of the more prevalent ones going around.
On July 10, researchers with Bitdefender Antispam discovered the first phishing campaign. Our monitoring shows that Belizean I.P. addresses are the source of the bogus correspondence. The phony email seems to be a security notice from the bank, which appears to be true. It requests that recipients download an online form after informing them that their account has been suspended due to odd conduct.
Receiving such letters and not having a Bank of America account should be a dead giveaway that it’s a scam. But if you do have an account, examine closely the dubious email address @bentonairpark and the HTML attachment, which ought to raise a red flag right away. Users are prompted to validate their personal information, including their online I.D., full name, address, and ZIP code, when they download and open the attachment.
- Passcode, PIN, or ATM
- The expiration date, verification code, and credit or debit card number (CVV)
- The routing number and savings account number
- Contact information (phone and email)
- Driver’s license number, date of birth, parents’ names, and Social Security number.
Fraudsters Are Attempting To Gather as Much Information as They Can
In order to directly access customers’ bank accounts and use the newly acquired identities to commit various types of fraud in the victim’s name, fraudsters are attempting to gather as much information as they can.
If the drawn-out process of filling out this form doesn’t put users off, perhaps the cramped layout and bad design will. A Bank of America gift card notice email that has been sent to hundreds of thousands of individuals is the second attempt at user data theft. The Czech Republic and the United States appear to have sent 77 percent and 15 percent, respectively, of the fraudulent emails. Users in the U.S. were only targeted by 64% of the phishing emails. Ireland received 17% of the total, followed by Denmark with 4% and Sweden with 3%. The fraud has also been seen by a small number of users in the U.K., Romania, and Germany.
This scam email tries to mislead unwary recipients into completing an online marketing survey in exchange for a $90 prize. Following verification, the page requests users to submit their name, email address, and phone number as well as more private information, such as credit card information, in order to pay processing costs or transfer fees. Any information given will thereafter be misused by the con artists.
If you’ve been a victim of Banking Scam you can contact us for support.
DO YOU NEED EXPERT ADVICE?
We have encountered victims who were mentally and emotionally drained when they were scammed out of their money. We can help you with your legal and technical concerns. We can help you get your money back.
In an Effort to Get Over Antispam Defenses, The Offenders Employ a Variety of Subject Lines and Headers
The following are examples of subject lines: • All Your Bank of America Rewards in One Place.
- Bonus: Chance to win a $50 BANK OF AMERICA gift card
- Congratulations! A $50 Bank of America gift card is available!
- Provide comments to be eligible to win!
Shopper, you may be eligible for a $50 Bank of America gift card. You may also be eligible for special rewards.
The email’s header includes the following symbols to identify the sender: “Bank of America Opinion Requested,” “Bank of America Shopper Feedback,” and “Bank of America Shopper Gift Card Chance.”
The Numbers Keep on Rising
A total of 19,800 distinct phishing URLs impersonating Bank of America were found in 2019, up from 14,771 in 2018.
Among the most frequent hoaxes in phishing attempts targeting financial services are security alerts. Phishing emails from Bank of America are also common. Any account notice will undoubtedly cause consumers to worry, but one from a financial institution is particularly upsetting and likely to prompt clicks.
How Can You Avoid Becoming A Victim In Such Scam Cases?
The simplest method to prevent getting scammed is to never provide your information in response to unwanted emails unless you are completely certain of their origin.
Customers are never requested to answer emails with their SSN, account numbers, ATM or debit card PINs, or any other sensitive information by banks or financial institutions. Knowing this info is essential if you are unsure of the email’s legitimacy.
Furthermore, banks often won’t contact consumers by email as the first mode of contact in response to an urgent situation, even if the request is urgent. Please forward this email to your bank and then delete it if you or a family member have received it.
Small Banks Have Become Phishers' Favorite Targets
The top 25 financial services brands included numerous small businesses in addition to Bank of America, which represents a change from the prior year when hackers mainly targeted Wall Street giants.
In general, the financial services sector was the most frequently attacked, accounting for 37% of all unique phishing URLs found by Vade Secure. Following closely after are cloud services, with Microsoft and PayPal receiving the most industry-wide attention.
While the number of Wells Fargo phishing URLs drastically reduced by more than 74 percent, Credit Agricole experienced a 49.4% increase. Attacks against community banks are on the rise, which is in line with a global spike in assaults on SMBs. Assaults on enterprises outside the typical enterprise attack surface, including direct attacks on government agencies as well as attacks through MSPs, increased dramatically in 2019.
Given the effectiveness of those attacks, it is likely that the pattern will persist through 2020, which is a worrying development given the situation of SMBs throughout the global COVID-19 epidemic.
It can be challenging to distinguish between legal emails and phishing assaults, which are typically forms of contact meant to trick people into giving over personal information. There are several hints, though.
- Subject lines that need immediate or urgent action
- Unusual or unknown senders
- Unanticipated demands
Scammers that use email often switch up their methods. To always be on the lookout is your best line of defense. A few online and mobile security recommended practices, like employing strong passwords and making sure your technology has the most recent security patches, can also help you secure yourself.
You could lose time and money by clicking a link in an email or text that isn’t what it seems to be. The FBI reports that fraud strategies are becoming more complex and that cybercrime costs businesses and people billions of dollars annually. The claimers are the only business that can assist you in getting your money back if you are a victim of fraud. Visit their website and speak with them there for more advice.
do you need help?
A lot of those who contact us have questions and concerns about their personal and business data being compromised. We aim to arm you with the legal and technical know-how in the fight against scams. Also, we will be able to refer you to top scam recovery agencies.
Please fill up the form. Rest assured that our support team will get in touch with you