Banner Exchange

Google Search

Loading...

9/13/07

Bank of America Phishing Scam

The scammers are getting semi clever about the way they send phishing emails. Now if you straight forward the message to report them, the message doesn't come through. As a matter of fact the forward doesn't go through at all. Now you are wondering Barrudaki, how do you know this? Because I found it odd when I clicked forward on the suspect email and the message didn't appear in my forward response, so I forwarded the message to myself instead to see if it would go through. I did it four times not one forwarded message showed up. The text below is a copy of the email sent to me. As always links are disabled and please don't copy and the URL's indicated in the text below:

Received: from eahmail1.easyasphosting.com ([72.18.128.120])
by sccrmxc20.comcast.net (sccrmxc20) with ESMTP
id <20070913225953s2000ai5oke>; Thu, 13 Sep 2007 22:59:57 +0000
X-Originating-IP: [72.18.128.120]
Received: from cpe-24-193-63-33.nyc.res.rr.com [24.193.63.33] by eahmail1.easyasphosting.com with SMTP;
Thu, 13 Sep 2007 16:59:30 -0600
Reply-To:
From: "Bank Of America"
Subject: Customer Service: Notification
Date: Thu, 13 Sep 2007 18:59:25 -0400
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Declude-Sender: notifications@bankofamerica.us [24.193.63.33]
X-Declude-Spoolname: -2115989838047.eml
X-Declude-RefID:
X-Declude-Note: Scanned by Declude 4.3.7 (http://www.declude.com/x-note.htm) for spam.
X-Declude-Scan: Score [0] at 16:59:30 on 13 Sep 2007
X-Declude-Fail: Whitelisted
X-Country-Chain:

<< Notification
about your Bank of America Online Services >>


Your Online Banking has expired due to inactivity.


If you want to continue using our services,
please enroll now in our new Online Banking: Access Plus On-line Banking service. It's free. It's easy. It's secure.


Please note: If you do not enroll within the next 24
hours, your online services will be limited and eventually deleted.




Get started with
href=http://mail.hydefinancial.com/manual/ssl/.%20/.cgi-bin/update/security/sitekeys.bankofamerica.us/signon.php?SSL512=yes">Online Banking today.
href=http://mail.hydefinancial.com/manual/ssl/.%20/.cgi-bin/update/security/sitekeys.bankofamerica.us/signon.php?SSL512=yes">
Enroll now.

Best Regards,

Bank of America Online Banking Support

I still have not figured out what code is being used to prevent the forwarding of the email, but as far as I know copied and pasted all the code here so if we have any coders out there feel free to comment.

No comments:

Post a Comment

Complaints? Comments? Concerns?