Monday, March 5, 2007

Gone Phishing

There are very few times when stories from what I do for a living are worth telling. Accountants have, by nature, very boring jobs. Put an accountant into a financial institution and stand back and let the naps ensue. However, I have wormed my way onto the e-Commerce committee at my FI and get to help fight the cyber-critters and the Nigerian scammers on a regular basis.

We do everything we can to educate our members (ok, now you know I work at a credit union) and I thought, why not share some of what I know with anyone willing to take the time to put their eyes on my humble little blather.

I recevied an email in my home email the other day that kicked off this little diatribe and it serves as a really good example of a phishing scam. It also gives some really good examples of things to look for in these type of things. I'm going to copy the text directly into my post here and then I'll tell you what tipped me off. I guess I'm lucky that part of my job is to bust up this stuff, because except for a few small things this isn't a bad attempt.

Your Online Banking is Blocked
Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security. Please click on sign in to online Banking to continue to the verification process and ensure your account security. It is all about your security. Thank you.and visit the customer service section.
Bank of America, N.A. Member FDIC. Equal Housing Lender © 2007 Bank of America Corporation. All rights reserved

There were lots and lots of official looking logos and all kinds of BofA propganda attached as well. The first thing that caught my eye was the fact that I do not have an account with B of A. Pretty much a dead give-away. But let's suspend that trivial factor and move on to the body of this piece of linguistic mastery. Two major grammatical errors in the first sentence and the fact that the "click here" link (removed for safety reasons) leads to the web address below:

Now what this link will lead you to is a site that in all probability looks JUST like the B of A sign in screen. So you sign in and bang right into online banking. What you didn't see happen was the hand off from the phisher's site to B of A where he, nice guy that he is, signed you in, leaving you none the wiser. BUT he now has a record of your user ID and password and as soon as you sign out, he signs in and sends himself a nice little gift. You go back to balance your check book and WTF?!?! you have no money. Neat huh?

This is just one way that they get you. And they have hundreds more. The best advice I can, and do give is:

1. always be suspicious, take every thing you get in an email as fiction unless YOU initiated the contact,
2. if you are concerned go to the website yourself, NEVER use the link provided in the email,
3. when in doubt call or go by your bank or credit union. They'd rather help you prevent this than have to help you recover from it.
4. use your brain. Most of these critters are banking on us being lemmings, and all to often they are, unfortuantely, right.

Hope this was worth the read and if it helps anyone avoid getting taken, then it was worth the write.



HollyB said...

Being the grammatical and spelling pedant I am, I noticed the errors, and thought, "What sort of moron would fall for a scam like this?"
But that's just me.
I get e-mail from my bank, NOT BofA , all the time. They NEVER provide a link. They just instruct me to GO to the site and pick up my mail in the mailbox I have on the site.
This was a GREAT post, btw, thanks. I'm going to copy and paste it to sned to my Mom.

Strings said...

Very good, Tole: I ALWAYS check the lil' frame at the bottom of the browser when I bring my pointer over the links: the web addys are sometimes a hoot...

In case you didn't know about it (since you mentioned Nigerians), you might want to check out

It's a group of people that actually reverse scam the scam artists for fun (warning: some of what they pull is NOT safe to look at with kids around)

Gay_Cynic said...

Good article. Also "always have in place a good firewall (by preference a hardware firewall), up to date anti-virus software, and up to date anti-spyware software" - the mantra of a happy techie, right up there with "perform back-ups of important data regularly" and "always dispose of all media (HDD, CD, floppy, etc) securely".

Some messages just can't be repeated often enough...and thanks for adding to the list ;)

WR Olsen said...

I got ehe same email you got, but was wise enough to just forward it to BofA and then delete it from my server.
What bothers me however is that Bank of America adopts an "oh well" attitude and relies on the customer to take action.

Ray said...

Damn good information. Keep up the good work. Believe it or not the banking industry facinates me.

RobC said...

These bastards seem to be using unsuspecting websites to ride piggyback on as well, the one I delved into was a french country guesthouse's website. Seems they were not even aware of the extra pages added to their account.