That’s a phishing scam and you took the bait!
Criminals use compelling tricks to get you to click a link or download an attachment. They steal sensitive information or install malicious software. Delete scam messages, or move them to your spam folder, without clicking the link. Scroll down to continue.
Check the Sender
The most important step is to identify the sender. If you don't know them, you should immediately be on guard.
And even if you do, take a moment to inspect the "From" address, and keep the following in mind:
- Scammers use names and e‑mails stolen on the black market, so their messages appear to be from real people.
- A common tactic is to spoof a well-known service's address, like your e‑mail provider or bank.
- If something seems off, compare the message to the real service's e‑mail address—even a different in one letter should set off your alarms!
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
What's the Subject?
Scammers want to catch your attention and will often use the "Subject" line to provoke an emotional response, hoping it will lower your skepticism.
Messages that threaten your financial accounts are the go-to method.
Read each "Subject" line before opening e‑mails, and don't jump to conclusions.
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
Imposters on the Loose
Cybercrooks don't care about copyright laws! They'll impersonate any organization they can in order to make their messages seem legitimate.
In some cases, their forgeries look so good that they're indistinguishable from the real thing.
In this case, you've got to use your investigation skills to find other telltale signs of phishing.
The bottom line: a corporate logo doesn't make the e‑mail trustworthy!
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
Say My Name
Many phishing e‑mails use generic greetings, like "Dear Customer," or "Greetings Account Holder." These greetings sound professional, until you realize that all of these service providers should know your name ... and hackers may not.
In an age where personal information is submitted to companies all the time, a salutation like this should seem out of place and raise a red flag.
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
Do You Know "Engl-ish"?
Low-rent scammers aren't into grammar.
As you read the e‑mail, keep an eye open for sentences which feel like they were written by someone unfamiliar with English.
Everyone makes spelling or grammar mistakes from time to time—but an abundance of mistakes is one more way you can differentiate between a phishing message and the real thing.
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
Check the Hyperlink's URL
The most important thing you can do to avoid falling prey to phishing is to check any hyperlink's URL before clicking.
Check out the link in the example, and see where it's taking you.
Sometimes it's obviously fake:
www.goggle/amp/tiny.cc/ 9asf673_87.ru
Other times, the fake destination is more well-hidden:
www.google.com/fraud_reporting/ submissionform
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please http://amaericans-bank.mp2.io
Click to follow.click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
Beware of Attachments
Attachments remain a primary means of getting the malware onto your computer.
If a message seems phishy AND it has an attachment, sound the alarm right away.
Even if the message seems legit, but you weren't expecting the attachment, it's best to slow down and follow up with the sender via a new e‑mail to confirm.
In the case that the attachment comes from an organization or service provider, reach out through their official customer service channel.
Dear Online Banking Customer:
We are inform you that is been invalid log on attempt to acces yore account. As a result, we have temporarily locked your account and added an extra verification process intended to ensure your identity and protect the security of your account in the future.
Please click here to begin the account verification process. If you fail to update your account information in the next 24 hours, you will be required to go into our branch to reestablish your account.
Sincerely,
Bank of Americans Fraud Detection
Don't Get Fooled by a Fake Sign-In Page
Many phishing hyperlinks will redirect you to fake websites which ask you to enter account information, like passwords.
Like well-made phishing e‑mails, these pages look legitimate, but have many of the same tell-tale signs of forgery that you can spot in an e‑mail.
Use your skepticism and investigate before filling out any information.
Remember: when in doubt, just open up a new window and go to the organization's website directly using a URL you know is safe!
Login to access your account.
Keep me signed in
Do
- Forward the e‑mail to our IT department explaining the situation.
- Follow-up with the sender via a new e‑mail if you need clarification.
- Go to the official website, if the sender is an organization, instead of clicking links.
- Mark the sender as SPAM, and then delete it.
Don't
- Reply directly to the e‑mail.
- Click any hyperlinks or download attachments.