I get alot of spam email telling me how much money I can get if I just give them my account information. Most of the time I do not read them and immediately report them as spam. Today, I received an email from my "bank" telling me that I need to update my account information to protect my account and reduce fraud....yeah right. Here are a couple of things that made this one so funny:

  • It came from security@bankofamerica.co.uk. I have never had an account outside the U.S. so why would my email come from the United Kingdom??
  • There are a few misspellings in the email. Come on, if you are going to try and take my money, at least have the common courtesy to use spellcheck!
  • Check out the link that I am supposed to click.

I forwarded the email to spam@uce.gov and reportphishing@antiphishing.org per the REAL bank.


Dear valued Bank of America member:


It has come to our attention that your Bank of America account informations needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.

However, failure to update your records will result in account suspension.
Please update your records on or before September 20, 2007.
you are requested to update your account informations at the following link.
https://www.bankofamerica.com/login_update_done=1115487 <http://shop.hollylisle.com//sc_images/iuser_downloads/new/bankofamerica/updateinfo/www.bankofamerica.com/online_bofa_banking/e-online-banking/>
*Important*
We have asked few additional information which is going to be the part of secure login process. These additional information will be asked during your future login security so, please provide all these info completely and correctly otherwise due to security reasons we may have to close your account temporarily.

4 comments

  1. Randy Peterman // September 18, 2007 at 11:22 PM  

    I work for a company that makes anti-spam software and anti-phishing software. The biggest problem that people face is their ignorance of what phishing is and what their bank sends out. This post reports some of the very key things that people should look out for: Who, what, where, when and why. Asking those basic questions could help most people identify phishers like this from the get-go.

  2. Mya Moola // September 19, 2007 at 12:00 AM  

    I got that one about BOFA today too

  3. Pinyo // September 19, 2007 at 7:37 PM  

    Good tips. I always hover over the link to check the real URL. If it is something I really do use. I go to the site myself without clicking on the provided link.

  4. trillwing // September 23, 2007 at 11:15 AM  

    I recently had a phishing e-mail that asked me to click on a link that--I kid you not--had "pirates" in the URL.