Bank of America Phish Seeks Personal Data Bonanza

If you’re a Bank of America customer, you’ll want to avoid this phishing URL, located at

74(dot)208(dot)43(dot)206/html/E-Alert(Dot)html

Verification file?

The site says

We need you to verify your account information for your online banking to be re-activated

and asks visitors to “click the download button to receive your verification file”, then open it in their browser. As it turns out, “downloading the file” means “visit another webpage”:

Alertfb(dot)pw/site/IrregularActivityFile(dot)html

The above site takes those eager to hand over personal information to the cleaners – a wide variety of data is harvested, including Online ID and passcode, name, DOB, social security number, driver’s license number, email address and password. That’s not all – there are also 3 security questions and payment information / address to complete the carefully laid out steps.

That’s a lot of info to hand over to scammers, and anybody who thinks they may have been caught by something similar to the above should contact their bank immediately. Some of the images on the website are apparently broken, and none of the URLs look remotely like legitimate BoA URLs, so that will hopefully deter a few would-be banking disasters.
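The URL mismatch described above can be checked mechanically, for example in a mail filter. The sketch below is an added example, not code from the original post: it refangs the "(dot)" notation used here and flags raw-IP hosts and hosts outside the bank's own domain. The allow-listed domain `bankofamerica.com`, the function names and the last two sample links are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: the bank's genuine sites sit under this domain.
LEGIT_DOMAINS = ("bankofamerica.com",)

def refang(text):
    """Undo the '(dot)' defanging used in the post (any letter case)."""
    return re.sub(r"\(dot\)", ".", text, flags=re.IGNORECASE)

def host_of(url):
    """Return the lowercase hostname, adding a scheme if none is given."""
    url = refang(url.strip())
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def on_legit_domain(host):
    # Accept the domain itself or a true subdomain only, so that
    # 'bankofamerica.com.example.net' does not pass.
    return any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS)

def classify(url):
    """List the reasons a link in a 'bank' e-mail does not look like the bank."""
    host = host_of(url)
    if not host:
        return ["no-host"]
    reasons = []
    if is_ip_literal(host):
        reasons.append("ip-literal-host")
    if not on_legit_domain(host):
        reasons.append("off-brand-domain")
    return reasons

SAMPLES = [
    "74(dot)208(dot)43(dot)206/html/E-Alert(Dot)html",     # from the post
    "Alertfb(dot)pw/site/IrregularActivityFile(dot)html",  # from the post
    "https://www.bankofamerica.com/",                      # constructed
    "bankofamerica.com.example.net/login",                 # constructed lookalike
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{link!r:60} {classify(link) or 'no flags'}")
```

A flag here is a triage signal, not proof of phishing: an empty result only means the host sits on the allow-listed domain.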

While drafting this blog we noticed that the second site, which asks for the bulk of the banking customer information, is being flagged by Chrome for phishing, so hopefully that will help to reduce the potential victim pool still further.

We’ll update the post as we test with different browsers, but for now watch what you click, and be very cautious should you see either of the two URLs pop up in an unsolicited email…

Christopher Boyd