HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
HOTforSecurity
  • Home
  • Threats
    • Security alerts
    • Social Networks Security
    • Mobile & Gadgets Security
    • Tips and Tricks
  • Smart Home Security
  • Digital Privacy
    • Digital Identity
    • Good Practices
    • Data Breach Alerts
  • Work from Home: Safety Tips
  • The ABC of Cybersecurity
  • Security Videos
Loredana BOTEZATU @lbotezatu
3 Comments
    Share This!
  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • ReddIt
Alerts • E-Threats

Bank of America on Short List of Scammers’ Spam Lures

March 15, 2013
3 Min Read

The dust has barely set on the Bank of America security breach, and crooks unleashed a series of aggressive spam campaigns that include the Bank of America in the title as bait.

In the context of a security breach, the name of the bank was used to catch customers’ attention, infect them with malware, have them type in sensitive data or entice them into sending money in advance for a service they will never receive.

“Online Banking Passcode Modified” invites people to click a link to reset their online banking passcode. The same template and con is entirely recycled from a similar attack in November 2012. This new spamvertised malware campaign attempts to get Bank of America customers to click a link to a webpage associated with the Redkit Exploit Kit – a crimeware tool that exploits vulnerabilities in browsers and plugins to silently infect victims’ PCs.

“Bank of America Corporate Office Headquarters” and the very recent “Payment Notification from Bank of America” spam campaigns are examples of a complicated Nigerian-like scam informing customers that their funds will be transferred to the United States Treasury Account. To have the money transferred back, the customer needs a DIPLOMATIC IMMUNITY SEAL OF TRANSFER (DIST) that costs $750. The money can be sent via WESTERN UNION or MONEY GRAM, which are untraceable payment mechanisms through which the attacker can get the money just by telling the teller the transaction number or by showing ID.

“Bank of America Alert: Suspicious Activities on your Account!” and “Bank of America Alert: Sign-in to Online Banking Locked” lure customers to a phishing page by suggesting they click a link and confirm their banking details as a security measure against alleged suspicious activity detected in their accounts. Once users type in the sensitive data, they share that information with crooks that can later use it for fraud and impersonation schemes.

“Reminder: Bank of America Customer Survey” is another active scam that invites customers to participate in a survey on their personal experience using the bank’s accounts. As a (laughably useless) safety measure users who want to access the survey are invited “to simply click the link below, or manually copy and paste the address into your web browser”. The survey is just an excuse to phish for personal data.

Bank of America has been recycled in spammed scams since 2006 and used multiple times a year, for more or less the same results: steal card and identity information, infect people with malware, and unwarily recruit them into money-muling operations.

This article is based on spam samples provided courtesy of Bitdefender anti-spam team and the technical information provided by Doina Cosovan, Bitdefender Virus Analyst.

Note: All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

Tagsbank of america Online Banking Passcode Modified scam slider spam Suspicious Activities on your Account

You may also like

Alerts • Digital Privacy

How Bitdefender Protects You from Ransomware (Part 2)

23 hours ago
Alerts • Digital Privacy

How Bitdefender Protects You from Ransomware (Part 1)

1 week ago
Alerts

Feeling Lucky This Holiday Season? COVID-19, Google and Microsoft ‘Lotteries’ are Out for Your Info and Money

1 month ago

About the author

View All Posts

Loredana BOTEZATU

A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.

3 Comments

Click here to post a comment
  • BitDefender advierte a los usuarios de correos falsos vinculados a Bank of America says:
    March 17, 2013 at 12:00 pm

    […] hotforsecurity googletag.cmd.push(function() { googletag.display('DFP_NEWS_RELATED_BTF_LEFT_468x60'); }); […]

  • BitDefender advierte a los usuarios de correos falsos vinculados a Bank of America | Where Is My Software says:
    March 17, 2013 at 6:06 pm

    […] Vía: hotforsecurity […]

  • Bank of America on Short List of Scammers Spam Lures | Sorin Mustaca's IT Security News aggregated says:
    March 18, 2013 at 10:40 am

    […] breach, the name of the bank was used to catch customers attention, infect them with…. …read more Source: CERT Europe   Share […]

Spanish Targeted on Facebook by ‘Who Deleted You’ and ‘Free Credits’ Scams
OSX Backdoor Used in Facebook Attack Snuck Past Gatekeeper
    Share This!
  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • ReddIt

Promo

1.3m
Fans
Like
▲ 12
104.8k
Followers
Follow
2.7k
Subscribers
Subscribe
19
Subscribers
subscribe
1.4m
Fans Love us

Recent shouts

  • Meurig Parri on Microsoft Ends Support for Windows 7. What You Need to Know
  • Kevin on Cable Haunt vulnerability affects millions of Broadcom cable modems
  • Terry on Ransomware attack forces Arkansas CEO to fire 300 employees days before Christmas
  • Martin on 1&1 Telecom GmbH hit by almost €10 million GDPR fine over poor security at call centre
  • Xander on 1&1 Telecom GmbH hit by almost €10 million GDPR fine over poor security at call centre

Time Machine

January 2021
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031
« Dec    

ANTIVIRUS SOFTWARE FOR HOME USERS

Bitdefender Cybersecurity for Smart Home
Bitdefender Complete Protection
Bitdefender PC Protection
Bitdefender Antivirus for Mac
Bitdefender Mobile Security for Android
Bitdefender Product Comparison

BUSINESS SOLUTIONS

Bitdefender GravityZone Business Security
Bitdefender GravityZone Advanced Business Security
Bitdefender GravityZone Enterprise Security
Bitdefender Hypervisor Introspection

TOOLS & RESOURCES

Renewal for Business Customers
Trial Downloads
Free Antivirus
Free Online Virus Scanner
Free Virus Removal Tools
Live Remote Assistance
Free Tools
Bug Bounty
Press Center

Powered by Bitdefender - a leading cyber security technology provider | Copyright © 2008 - 2016. All rights reserved.
  • Home
  • The Team
  • Terms and Conditions
  • Contact
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok