Phony Bank of America Alert Emails Link to Malware

Bank of America SpamBe sure to hover your mouse over any links in Bank of America emails to verify they will lead you to the proper place.

Cybercriminals are doing their best to imitate emails sent by Bank of America to notify customers of important account alerts in order to spread malware.

The spam email closely resembles legitimate BofA emails and is void of any obvious spelling or grammar mistakes – characteristics that typically tattle-tale on spam emails the moment they’re opened.

All but one of the links within the email point to the legitimate BofA website (just like the Delta Air Lines phishing email did), which happens to be the link that folks are most likely to click since it allegedly takes them to the alert message:

Bank of America Spam Malware Link

Please follow the link to download ALERT message here
alerts.bankofamerica.com/customer/8239EPEOIQ89534/

However, the link points to an Italian domain that serves up a malware identified as Troj/FakeAV-EZF. Once on your machine, Troj/FakeAV-EZF will modify system files, disable IE internet security settings and open a backdoor to download additional malware or allow remote control.

How Can I Avoid Falling for This Fake Bank of America Spam Message?

One way to spot the fake Bank of America alert emails is to note how you are addressed within the email. Authentic BofA emails will address you by name, whereas the fake alerts will address you by email address.

Also, it’s generally a good idea to hover over a link and checking the actual address in the status bar before clicking on it. Of course, you could always bypass any email-related threats by visiting Bank of America’s website by typing in the URL in your browser, logging into your account and checking the ‘Alerts’ section for any new notifications.

Have you received any fraudulent Bank of America emails? Share your experience below!

Be sure to follow us on Twitter @hyphenetfollow and “Like” us on Facebook for the latest tech news and PC security threats. 

This entry was posted in Computer Security, malware, spam and tagged , , , .
Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5