Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Bank of America customers under phishing attack

Posted on 31 October 2012.

Bank of America customers, beware - the old "account suspended" warning purportedly sent by your bank's Cardmember Services is hitting inboxes once again.

"During our usual security enhancement protocol, we observed multiple login attempt error while login in to your online banking account," the email says. "We have believed that someone other than you is trying to access your account for security reasons, we have temporarily suspend your account and your access to online banking and will be restricted if you fail to update."

According to PhishTank, the offered link takes potential victims to a very realistically spoofed Bank of America login page:

The fake webpage was located on http://account.safe.bankofamerica.com.flipthisbod.com/home/sign-in/, but has since been made unavailable. Still, the URL in the email can be easily changed to point to another page, so be careful!

If you aren't sure whether the email is legitimate or not, check your account but do not do it by following the link embedded in the email - type in the correct, legitimate URL in the browser's address bar, or use already set up bookmars.