Please Queue Here For The Next Phish

Filed Under: SophosLabs

This year is going to be a good year because the economy is recovering from the global financial crisis. How do we know this? It is obvious because the spammers are hard at work crafting up cunning phishing emails hoping to get their hands into the pockets of innocent web users. Today I was looking at an email sent into one of our many spam traps that disguised itself as a legitimate mail from Bank of America. A sample of the email is attached below:
 

How can I tell this is a phishing email? It is quite easy because when I hover the cursor over the link it gave the following web address:
 

This link clearly is not the Bank of America link and has been blocked by Sophos applications. But since the spammers spent some time crafting this up, I thought I would be a good sport and follow it to see what they are up to. Following the above link leads to the following page:
 

So far so good, the page looks like a replica of the real Bank of America web site. However, as soon as I signed into the site with a random online ID, I got directed to the following page that asks for my personal details:
 

This is rather odd: first, there is no verification of my online ID, and second, the page asks for my ATM PIN. There is definitely something "phishy" going on here, and if the user is still not convinced, a simple check of the link of this page will confirm that this is dodgy:
 

Since I got this far, I might as well go all the way and fill out this fake form with some fake and random information. As I progressed further into filling out this form, I was again prompted for more personal information, as displayed below:
 

After completing this dodgy form, I went to submit it and again there was no verification of the inputted data. Instead I was directed to the following link:
 

and it leads to the following web page:
 

After about 2 seconds the page automatically refreshed and I was taken to the real Bank of America web site:
 

How can I tell this is the real Bank of America web page? Quite simple, the link of this page reads:
 

So what lesson did I learn from this experience? When using online banking, I should always take extra care when it involves my personal information. If I am unsure whether the site is real or dodgy, I can always check the link of the site, but the safest thing to do is to call up the bank for verification.
