Phishing Email from Bank of America

At the end of the day on Thursday I was preparing my computer for being taken from me. We are getting new computers, and our IT manager assures me the new one will be even better than my current one. Our previous IT manager would buy computers or rather give out computers based on need. For example, if the person only needed basic things on the computer, like Microsoft Office, they wouldn’t get the maximum of RAM the computer could tolerate. My computer would have more RAM, a better video card, because my work demands those things. I guess everyone gets the same computer now, whether they needed one that cost that much or not. Whatever.

I digress. I save almost everything to my server home already, but I have a tendency to keep some personal files on my desktop. As a result, my desktop is always cluttered with lots of icons, which seems to drive our IT guy to distraction. Hey, maybe I’d keep my desktop cleaned off if I had nothing better to do. I had to work Friday because we had our yearly board/staff retreat, which is always quite boring. Which is what again this time, thankfully we only had to be there for 3.5 hours. They had a marketing guy come and give us a presentation about our current logo, what our agency says to the outside world, and he hated on the website quite a bit. It was a little rough on me, since I’m the webmaster. He showed some other sites that are, in his opinion, a lot more progressive and if someone was going to donate, he says they would donate to those other companies based on their websites. Well, actually, the thing is, we provide services to adults, and the other sites he honed in on were for children. Do you know people would rather donate money to the cute little children? That’s just the way it is.

I believe I’ve digressed again. I’ll try to stay on task. I check my boss’ e-mail (she’s actually getting a computer in her office!!) for her. I am mostly deleting a lot of junk mail for she orders from the catalogs (actually I order for her) and I think they sell email addresses to anyone and everyone. My gosh, did I digress again?

She got an email that looked very authentic providing an unlock code. I walked to my boss’ office and asked if she had requested an unlock code on her Bank of America card. She said she hadn’t – at first we were thinking it was her personal card. (It doesn’t help that I’m a bit suspicious of one of our employees who has access to her private information). But then we remembered the agency credit card in her name. She came to my office to view the email and it looked authentic. I got out our password book and I got a little more paranoid as the first page of this credit card’s information was missing!! That meant I couldn’t just go to the bank’s website and log in. So dummy me, thinking the email looked really authentic, I clicked on the link on the email that said to log in. And it went to the Bank of America website. I clicked on the button that said I couldn’t remember my username and it took me to a page where it asked for the security questions and I answered the first one correctly and it took me right into the account. Without putting in the password!

Now I started thinking this might be a phishing email, so I googled and found this!

I am usually very good at catching scam emails. But this one looked very authentic! It even had my boss’ correct email address at the left side of the email. I took a screenshot of the email.

My boss asked me to call the bank and find out what was going on. I called and talked to a representative. She tried to determine if the email was a phishing email by the contents. I told her it was very authentic looking, sounded official, no typos. Then I noticed the copyright date at the bottom was 2006. That was the only giveaway. I told her I thought it would be best to cancel the cards and renew them and she agreed. I went as far as I could with that, then transferred the call to my boss so she could give her approval to have the card canceled.

I had closed my browser, and tried to log in again. I realized that I still didn’t know the username, so I requested that it be sent to me. This is a screenshot of an authentic email from Bank of America. The copyright date at the bottom is 2008, so that sealed it for me that the first one was a phishing email.

I never could get the username and password, but I finally realized it was probably because the card had been cancelled, duh.

The spammers and phishers are getting better and better. They used to be horrible at spelling errors and typos. They must be having someone proofread their phishing emails before they send them out.

Be careful before you click on anything that comes by email. I usually like to go the correct website and log in from there.

Yours Truly,

Thank you for visiting Out of Debt Again! Subscribe to receive free email or RSS notifications and don’t miss anything!

OUT OF DEBT AGAIN is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to AMAZON.COM. OUT OF DEBT AGAIN is an affiliate for several companies and may be compensated through advertising and marketing channels. This post may contain affiliate links.

4 thoughts on “Phishing Email from Bank of America

  1. How unnerving! The phish is an almost perfect replica of the real thing.

    I don't do business with the credit card company online–always wait for the statement and then pay by check–but only because I couldn't get their online system to work to my satisfaction. This sort of thing makes me glad I decided to stick with the horse-&-buggy method: when one of these shows up in the in-box, I know it's phony.


  2. Thanks for the heads up! I don’t get a whole lot of e-mails from BofA but if I do, I’ll just log in to the their website to be sure.


Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge