ALERT! – Spear Phishing Attacks Target Wells Fargo, BofA Customers – ALERT!

Published On June 23, 2020 | By Tom Huskerson | Alerts, News and Analysis

Well Fargo and Bank of America customers need to be on the look out. Cyber criminals have you on their hit list.

Separate reports from security researchers reveal phishing campaigns intent on stealing customer’s credentials.

Armorblox security researchers discovered the phishing campaign and reports that it targets a select group of Bank of America customers to ensure that the malicious emails can bypass various security tools in order to reach the intended victim.

Researchers at Abnormal Security are investigating an even bigger phishing campaign aimed at Wells Fargo customers. Cyber criminals are impersonating the bank’s security team sending out fake alerts to victims with an urgent message to update their security key or lose access to their accounts.

Both campaigns usher victims to malicious domains where they are asked to input their credentials. The information goes directly to the fraudsters. There are no reports thus far that the phishing attack is working but Abnormal Security researchers report that Wells Fargo phishing emails may have reached as many as 20,000 inboxes.

Bank of America

In the Bank of America attack, discovered by Armorblox, the scammers sent phishing emails to customers requesting them to update their email addresses. Victims who clicked on a malicious link embedded in the message were sent to a fake BofA website that looks exactly like the actual Bank of America login page. The scammers collected vital information from victims including email addresses, user names and passwords and other sensitive information used in account take over fraud and other financial crimes.

Chris Morales, head of security analytics at security firm Vectra, told the Information Security Media Group. “Financial institutions have always been one of the highest profile targets for cyber attacks. The attack landscape is no better or worse today than it was at the beginning of the year for financial institutions already dealing with targeted attacks.”

Wells Fargo

In the Wells Fargo phishing campaign Abnormal Security found victims had received emails that appear to come Wells Fargo Security. The fraudsters attempt to steal customers’ data, such as usernames, passwords, PINs and account numbers. The email also included an ICS calendar file that is supposed to store scheduling information, according to the report.

Fake Wells Fargo webpage

If the victim opens the calendar file they will discover a link to a SharePoint page. This takes the victim to yet another webpage. Finally the victim lands on a page that is malicious and controlled by the fraudsters . Like many other scams this page is a near exact replica of the Wells Fargo website. If customers enter data here it’s collected by the attackers.

According to reports the calendar invite file is designed to encourage victims to click and requests that they open it up on their mobile device.

According to Abnormal Security, “Here, the attacker is attempting to exploit a setting where the event will automatically be added to a user’s calendar. Most of these programs will send an automatic notification to the user and attackers hope that potential victims will click on the event and follow the malicious link. As a result, these attacks are more likely to be seen by recipients.”

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.