The IP address [18.104.22.168] in the email headers below, where the email originated from, belongs to Bank of America. The hostname mta.emcom.bankofamerica.com, which belongs to Bank of America, goes to the same IP address.
The Headers for the Bank of America Email
-X-Apparently-To: @yahoo.com; Wed, 25 Apr 2018 13:59:07 +0000
-Received-SPF: pass (domain of bounce.emcom.bankofamerica.com designates 22.214.171.124 as permitted sender)
-Authentication-Results: mta4121.mail.bf1.yahoo.com from=emcom.bankofamerica.com; domainkeys=pass (ok); from=emcom.bankofamerica.com; dkim=pass (ok)
-Received: from 127.0.0.1 (EHLO mta.emcom.bankofamerica.com) (126.96.36.199) by mta4121.mail.bf1.yahoo.com with SMTPS; Wed, 25 Apr 2018 13:59:07 +0000
-DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=200608; d=emcom.bankofamerica.com;
-DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=200608; d=emcom.bankofamerica.com;
-Received: by mta.emcom.bankofamerica.com id hs24qk163hsc for <@yahoo.com>; Wed, 25 Apr 2018 07:33:30 -0600 (envelope-from <bounce-32_HTMLemail@example.com>)
-From: "Bank of America" <firstname.lastname@example.org>
-Subject: Action Needed: Please contact us as soon as possible to update your personal information
-Date: Wed, 25 Apr 2018 07:33:30 -0600
Reply-To: "Bank of America" <reply-febe1d71706d027e-32_HTMLemail@example.com>
Although the information proves the email is not a phishing scam, Bank of America customer should still not click on links in emails, especially suspicious ones. They should instead, always go directly to Bank of America's website at www.bankofamerica.com and sign into their accounts from there and update their personal information. This will prevent them from becoming victims of phishing scams.
The "Bank Of America Update Your Personal Information" Email
From: Bank of America <firstname.lastname@example.org>
Sent: Wed, Apr 25, 2018 08:44 AM
Subject: Action Needed: Please contact us as soon as possible to update your personal information
Reply-To: "Bank of America" <reply-febe1d71706d027e-32_HTMLemail@example.com>
Bank of America logo
Please contact us to update your personal information to avoid interruption of your checking account ending in 6208.
During a recent review, we found that the personal information we have on file for you is either missing or incomplete. As your financial institution, we're required to update our records periodically with your most current information. We value your business and want to make sure you don't experience any interruption in your banking services.
What you need to do
Please contact us as soon as possible to update your information using one of these options:
• Sign in to Online Banking where you'll receive a message on how to update your information. Not enrolled in Online Banking? Enroll now and respond to the message you'll receive at the top of the page.
• Visit a nearby financial center to speak with one of our associates. Schedule an appointment.
We appreciate your quick response and look forward to hearing from you.
Thank you for being a Bank of America customer. You received this email as part of your existing relationship with us.
Bank of America Email, 9th Floor NC1-028-09-02, 150 N College St., Charlotte, NC 28255. Please do NOT send any physical mail to this address, especially mail containing sensitive information.
Need to get in touch? Simply visit our Contact Us page for multiple ways to connect. Please do not reply to this email, as email replies are not monitored.
Read more about Privacy & Security.
Bank of America, N.A. Member FDIC. Equal Housing Lender.
©2018 Bank of America Corporation. All rights reserved.
According to Bank of America customer service, the emails were accidentally sent out during a system test. The last four digits in the same emails are an internal account number, not the card last four digits. The emails can be ignored, or call BOA customer service to confirm.