Phishing Page Attached to Fake “Irregular Activity” Bank of America Emails

Bank of America phishing page (click to see full)

Bank of America customers should beware of fake emails that inform them of irregular activity detected on their account.

According to Stop Malvertising, the emails inform recipients that their bank account has been limited and that they must follow the steps in the attached file in order to regain full access to it.

The attached file is an HTML document that fetches information from the genuine Bank of America website and a hijacked site hosted at

The form instructs victims to enter their name, contact information, date of birth, driver’s license number, social security number, mother’s maiden name, payment card information (including PIN), online ID, password to the account, and secret questions.

From the BoA site, images are retrieved. The other website is used to host the stolen information. As you might have guessed, the information collected by the cybercriminals can be used for all sorts of malicious purposes, including identity theft.

If you come across such emails, delete them at once. If you’re a victim, change your passwords, contact your bank, and keep a close eye on your account.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s