New phishing scam specifically targeting BoA clients

Jul 24, 2017 07:51 GMT  ·  By

You might be tempted to believe that hackers are getting tired of using phishing scams to target bank clients across the globe, but as Bank of America customers might find out the hard way, this doesn’t seem to be the case just yet.

HackRead has come across a new major phishing attack aimed at BoA clients, with hackers going after credit card details, but also personal information using a website hosted on a Russian server.

While there’s no evidence that hackers are Russians or are in any way linked to the government, the attack relies on the traditional method that involves an email requesting users to provide their details should they want certain limits on their bank accounts to be lifted.

“You have same usage limits in order to protect your priority. The limits will be lifted after confirming your informations. You need just to confirm your information by follow the next steps: 1. Click the link below to open a secure browser window. 2. Confirm that you’re the owner of the account, and then follow the instructions,” the email reads.

Credit card details and personal information wanted

In most of the cases, the bad English grammar should be the living proof that it’s just a phishing email, but customers clicking the provided link are redirected to a phishing website asking for logging in with Online IDs and passcode.

A secondary form is also provided once the BoA customer provides their login credentials, with information like names, address, city, mobile number, card number, expiry date and CVV number among the details the hackers are looking for.

It goes without saying that the page is not secured and there are several signs that this isn’t a legitimate request coming from Bank of America, so customers are strongly recommended to avoid providing their credentials.

The Russian hosting provider has already been notified, but it’s not known just yet whether the phishing pages have been removed or any action would be taken in the coming days.