26). Bank of America - HTML.Phishing.Bank-213

This email targets customers of Bank of America.

Message Details

Malware Name:	HTML.Phishing.Bank-213
Origin:	United States
Date first seen:	13/07/2006 22:41:59
Number seen:	37
Date last seen:	08/07/2007 23:20:33
From:	Bank Of America <service@bankofamerica.com>
Subject:	Bank of america - Mesangger - Security Update - Please Apdate Your Personal Account

Attacker's URLs

The following table shows the details of the URLs used by the attacker. These could either be the fake website of the attack, or a site which redirects to the attackers fake site. Sometimes the attacker will use an additional site for hosting resources such as images.

The table shows the current status of the site: if it is still reachable (), or if it has been shut down (). If the site has not been confirmed as a phishing site it is shown with the symbol . The time when the site was first observed is shown, together with the time that the site was shut down, if applicable. Do not visit the attackers site as it may contain malware. You can get more details on the site by clicking on the symbol.

Status	First observed	Shut Down	Internet Address	URL
	13/07/2006 22:45:40	17/07/2006 09:16:07	84.246.225.21	http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html
				http://images.google.co.id/images

Message Text

The text below shows the message content, rendered in a safe way. It does not show images or HTML formatting, but the text is the same as that contained in the phishing email. Each clickable link is shown as a reference. You can see the way the URL is presented in the main body of the text, while the actual URL activated by the link is shown below the main body.

How the message body looks in an email client.

   [1]Bank of America Higher Standards Newsroom 

   Dear Bank of America customer,

   During  our  regularly  scheduled account maintenance and verification
   procedures, we have detected a slight error in your billing information.

   This might be due to either of the following reasons:

   1. A recent change in your personal information ( i.e.change of address).
   2. Submiting invalid information during the initial sign up process.
   3. An inability to accurately verify your selected option of payment due to
   an internal error within our processors.

   Please update and verify your information by clicking the link below:

   [2]sing on now

   If your account information is not updated within 48 hours then your ability
   to access your account will become restricted.

   Thank you

   The Bank of America Billing Deptartment .
     _________________________________________________________________

   Bank of America, N.A. Member FDIC. Equal Housing Lender Equal Housing Lender
   © 2006 Bank of America Corporation. All rights reserved.
   Designated  trademarks and brands are the property of their respective
   owners.
   [3][Bank%2520of%2520America%2520RGB%2520logo.jpg] 

References

   1. http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html?sing_on%%update+information%%online+banking+singon=submit
   2. http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html?sing_on%%update+information%%online+banking+singon
   3. http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html?sing_on%%update+information%%online+banking+singon

   [1]Bank of America Higher Standards Newsroom 

   Dear Bank of America customer,

   During  our  regularly  scheduled account maintenance and verification
   procedures, we have detected a slight error in your billing information.

   This might be due to either of the following reasons:

   1. A recent change in your personal information ( i.e.change of address).
   2. Submiting invalid information during the initial sign up process.
   3. An inability to accurately verify your selected option of payment due to
   an internal error within our processors.

   Please update and verify your information by clicking the link below:

   [2]sing on now

   If your account information is not updated within 48 hours then your ability
   to access your account will become restricted.

   Thank you

   The Bank of America Billing Deptartment .
     _________________________________________________________________

   Bank of America, N.A. Member FDIC. Equal Housing Lender Equal Housing Lender
   © 2006 Bank of America Corporation. All rights reserved.
   Designated  trademarks and brands are the property of their respective
   owners.
   [3][Bank%2520of%2520America%2520RGB%2520logo.jpg] 

References

   1. http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html?sing_on%%update+information%%online+banking+singon=submit
   2. http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html?sing_on%%update+information%%online+banking+singon
   3. http://tarot-numerologie.com/phpmv2/BankofAmerica2006/BankofAmerica%20OnlineID/cgi-bin/sso.login.controller/SignIn/index.html?sing_on%%update+information%%online+banking+singon

Additional Examples