26/13). Bank of America - HTML.Phishing.Bank-213
This email targets customers of Bank of America.
Message Details
| Malware Name: | HTML.Phishing.Bank-213 |
| Origin: |  United States |
| Date first seen: | 10/01/2007 21:31:07 |
| From: | "Bank of America"<service@bankofamerica.com> |
| Subject: | Online Banking Notification: An update for your online profile (Important) |
Attacker's URLs
The following table shows the details of the URLs used by the attacker. These could either be the fake website of the attack, or a site which redirects to the attackers fake site. Sometimes the attacker will use an additional site for hosting resources such as images.
The table shows the current status of the site: if it is still reachable (
), or if it has been shut down (
). If the site has not been confirmed as a phishing site it is shown with the symbol 
. The time when the site was first observed is shown, together with the time that the site was shut down, if applicable. Do not visit the attackers site as it may contain malware. You can get more details on the site by clicking on the 
symbol.
| Status | First observed | Shut Down | Internet Address | URL | |
|---|---|---|---|---|---|
|
14/01/2007 08:25:10 | 14/01/2007 08:25:10 | 74.52.11.162 |
http://www.lambtoncountyjf.com/www.bankofamerica.com/update-information/online/ | |
|
14/01/2007 08:25:09 | 74.52.11.162 |
http://magnum.kylemaw.ca/suspended.page/ | |
Message Text
The text below shows the message content, rendered in a safe way. It does not show images or HTML formatting, but the text is the same as that contained in the phishing email. Each clickable link is shown as a reference. You can see the way the URL is presented in the main body of the text, while the actual URL activated by the link is shown below the main body.
[mhd_reg_logo.gif]
Dear Customer,
As the Internet and information technology enable us to expand our services,
we are committed to maintaining the trust customers have placed in us for
protecting the privacy and security of information we have about you. In
order to protect your information against unauthorized access, identity
theft and account fraud we earnestly ask you to update your profile.
Currently we are trying to upgrade our on-line security measures. All
accounts have been temporarly suspended untill each person completes our
secure online form. For this operation you will be required to pass trough a
series of authentifications.
We won't require your ATM PIN number for this operation
To begin unlocking your Bank of America account please click the link below.
[1]http://www.bankofamerica.com/index.cfm
Please note:
(Bank of America Bank will never ask for your ATM/PIN) If we don't receive
your account verification within 48 hours from you, we will further lock
down your account untill we will be able to contact you by e-mail or phone.
Bank of America, N.A. Member FDIC. Equal Housing Lender.
References
1. http://www.lambtoncountyjf.com/www.bankofamerica.com/update-information/online/