Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« I'm in Trouble! (Not!) | Main | You Have NOT Won an iPad 2 [or 3] »

March 16, 2012

Phony Bank of America Wire Transfer Notices

Yet another attempt to trick unsuspecting victims. This one comes in the form of a bogus alert from Bank of America suggesting that you wired a big chunk of dough to an international recipient. Here's one version of the message I've seen:

From: Online Transfers from Bank of America
Subject: Your Same Day wire transfer was successfully sent

We have successfully sent the following transfer:

*********************************************
Item #: 996474891
Amount: $5151.00
To: Brooks Sports
Fee: 45.00
Send on Date: 03/16/2012
Service: International
*********************************************

You can always check your transfer status on the Review Transfer screen at www.bankofamerica.com.

Wire Details Report: report_996474891.doc (Microsoft Word Document)

Sincerely,

Member Service

www.bankofamerica.com

(C) 2012 Bank of America Corporation. All rights reserved.

The links are to a hijacked Turkish web site, where the inserted page loads not one, not two, but five copies of the same JavaScript script, each one hosted at a different domain or IP address. The script loads a page from a still different hijacked web site.

Although phony banking alerts typically lead to phishing pages, there are hallmarks of this campaign that point more to malware delivery. Of course, one cybercrook is equally capable of pulling off both types of scams. Installing malware helps build the bot network; phishing helps fund the botnet-building activity.

In any case, I can see recipients of this message (who are also Bank of America customers) freaking out about a $5100 wire transfer. If you want to put your mind to rest about this possible transaction, ignore the links in the message and log into your BofA account by way of the bookmark you normally use to do your electronic banking. Any wire transfer would show up as a debit in your account — but you will find no such debit because this email is entirely bogus.

Posted on March 16, 2012 at 11:00 AM