Sample of a "Bank of America Activity Alert" Phishing Scam
Sent: Wednesday, June 7, 2017 1:27 PM
Subject: Bank of America: Activity Alert
Dear Bank of America customer,
Your account may have been accessed from different location.
This may be due to changes in your IP address or location.
Protecting the security of our customers is our primary concern.
Please download the attached form, open, and fill it up in order to confirm your identity.
At Bank of America, we are serious about protecting our customers from fraud.
That's why we take these steps whenever we notice any unusual account activity.
Bank of America Customer Service.
Copyright 2017 Bank of America. All rights reserved.
Bank of America (BofA) customers should not open the attachment or follow the instructions in the email message. This is because the attachment is a phishing Bank of America HTML form that sends the information entered on it to cybercriminals, who will use the stolen information to hijack their victims' accounts and use them fraudulently. Also, Bank of America will never send an email message with an attached form requesting account credentials, personal or financial information.
Bank of America customers who have received email messages like the one above, they should go directly to Bank of America's website at https://www.bankofamerica.com/ and sign into their accounts from there, instead of clicking on a link in the email messages. If there is something wrong with or something that needs to be done their Bank of America accounts, it will be shown to them after signing in.
Bank of America (BOA) customers who have been tricked and have already submitted their information via the fake form, should immediately attempt to change their BOA account passwords and contact Bank of America for help.