This sentence is false

functional programming, software, and emacs.

WebCert+ Phishing Attempt

UPDATE: Definitely phishing.

I recently got an email ostensibly from Bank of America. It said I needed to sign up for their new “WebCert+” service and if I didn’t, my account would be suspended and a hefty $45 reactivation fee imposed. I received one email (which went to Spam) containing an embedded web form in which I was to fill out all kinds of personal information, and three others adjuring me to fill it out lest terrible things happen to me and my bank account.

I think this is a phishing attempt. I want to know if there are others getting the same thing and if anyone can confirm that it is illegitimate.

My first clue that it’s a phishing attempt is that it’s sent from alerts@bankofamericaalerts.0nlinereport.com. These days it’s so easy (right?) to spoof a FROM address, you wonder why more people don’t.

Second was the embedded form. Who sends embedded email forms? I should have to log into my account online and _then_ fill out the form.

But all of that is circumstantial.

Anyone else see this or can confirm that it is attempted thievery?


04 August 2011 - Posted by | security

5 Comments »

  1. I just received the same email. I’m going to treat it as thievery, though I have nothing to confirm that other than my gut :)

    Comment by module27 | 04 August 2011 | Reply

  2. I received this as well. It is most definitely a phishing attempt. If you look at the original message, the place where it asks you all the personal and detailed information in a web form embedded in an email…. (red flag already).

    That webform has this –

    So, you are submitting your personal banking information and other personal details to a domain mobercitymains.com… That is a bad idea!

    Comment by Chris | 05 August 2011 | Reply

  3. Apparently, the form info I pasted got stripped out. The form submitted to a domain “molbercitymains . com”

    Comment by Chris | 05 August 2011 | Reply

  4. Definitely phishing. Just check the spam email and the top BofA image points to: http://ratesinnycity.co.uk/t_files/olb_masthead_nonav.gif. You’ll also note that the email comes from onlinebanking@bankofamericaalerts.0nlinereport.com (note that the domain is 0nlinereport.com, with a zero “0”).

    Banks also always require that you log into their portal to do anything as well, including extra “validation” requests. If you need to, I’d call the bank on the phone (use the one on your statement or bank card) and ask about this “webcert+” if you’re still unsure.

    Comment by Discoboy | 05 August 2011 | Reply

  5. They sent it to my student email, which is not the email address I use for my BoA account.
    The website it directs you to also is not bankofamerica.com
    Finally, it says that the service is mandatory starting August 1, 2011. Yet I get the email a week later? Good try.

    Comment by SLNR | 08 August 2011 | Reply
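
The checks the commenters describe (sender domain, form target, image host) can be run over a raw message. This is an added example, not part of the original post or its comments; it assumes bankofamerica.com is the expected domain, and the sample message is constructed from the hosts quoted above with placeholder subject, form path and field name.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

EXPECTED = "bankofamerica.com"  # assumption: the bank's real domain (comment 5)

# Constructed sample: hosts are those quoted in the comments; the subject,
# form path and field name are placeholders.
SAMPLE = """\
From: Bank of America <alerts@bankofamericaalerts.0nlinereport.com>
Subject: WebCert+ (constructed)
Content-Type: text/html; charset="utf-8"

<img src="http://ratesinnycity.co.uk/t_files/olb_masthead_nonav.gif">
<form action="http://mobercitymains.com/PLACEHOLDER" method="post">
<input name="placeholder_field"></form>
"""

def on_domain(host, expected=EXPECTED):
    """True only for the expected domain or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == expected or host.endswith("." + expected)

class UrlCollector(HTMLParser):
    """Record where forms submit to and where images and links load from."""
    WANTED = {"form": "action", "img": "src", "a": "href"}

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and name == self.WANTED.get(tag):
                self.urls.append((tag, urlparse(value).hostname))

def audit(raw_message):
    """Return (indicator, host) pairs for every absolute URL or sender off-domain."""
    msg = message_from_string(raw_message)
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    findings = [] if on_domain(sender_host) else [("from", sender_host)]
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector = UrlCollector()
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
            findings += [(t, h) for t, h in collector.urls if h and not on_domain(h)]
    return findings
```

Calling `audit(SAMPLE)` reports the sender, the masthead image and the form target, since none of the three hosts is bankofamerica.com or a subdomain of it.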

