Bank of America: Your Online Banking is Closed – ID Theft Scam

Welcome back my fellow e-mail readers. I think that makes the majority of you.  Today I received news that my Bank of America online banking is closed.  Coincidentally, I do have a Bank of America account and that tickled my curiosity a little bit.  First, I want to show you the screen shot of this interesting and nearly well crafted email fraud so we can both go through the details of its content.

Bank of America: Your Online Banking is Closed – ID Theft Scam

You can click on the image to see it up close, or right click it to open in a new window or tab.

As you can see from your initial perspective it seems to be a legitimate email from Bank of America and not an identity theft scam.

What makes this email seem believable? Well, for one, it has the sender listed as Bankofamerica.  This is also where the thieves made a mistake by not spacing the words and not capitalizing “america.”  This is often not enough to stop identity theft, but for the prepared it is a sign of poor organization on behalf of the scam artists.

The email has the company logo prominently displayed up top.  This is perfectly executed to make you think it is from your bank.  Remember this, anyone can go to the website of the bank, in this case Bank of America, and obtain the images apparently used in this email.

Lets get to the body of the email message to spot id theft in progress.

Your Online Banking is Blocked

Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account.

Good headline which gets the message across.  Go to the end of the paragraph.  Here you will notice that “their” should be “there” and “problem” should be “problems.”  I am no English major but when it comes to protecting my identity and credit I am a PhD.

So we have decided to put an extra verification process to ensure your identity and your account security.

This paragraph looks perfect.

Please click on continue to the verification process and ensure your account security. It is all about your security.

Thank you.

In my opinion the last sentence can make the reader worry, and it should.  If this would be my bank and it wanted my id information updated for security purposes it would write me a letter on paper, or call me, and tell me to login into my online bank account at the Bank of America Website.

If you clicked on the link above you will notice “https” in the address bar of your web browser.  This shows that the login will be attempted on a secure server and you should be fairly confident that this is not there to steal your identification information.

Lets continue with this image:

This is the bottom portion of the email, but it is the most valuable in the prevention of email scams that can potentially put you in strenuous debt and credit problems.

If you can’t see the image well click on it as you did with the prior one as it will reveal a secret known to select few, and techies, of course.

The tool tip, the little window with the extra long website address, shows that the website is of European descent: “www.mycomet.eu.”

So what?  Shouldn’t you mention that it has no BankofAmerica.com domain.  Sure, that’s next.  The reason I focused on the origination of this site is because banking, and other financial institutions, often use companies that create content pages for them which are routed through non-company specific domain names, but end up looking like you went straight into the web site of your choosing. That’s why.  The domain should most likely be www.bankofamerica.com/a_lot_more_other_characters_and_weird_text.

Word of advice here.  Your financial institution should never ask you to update your personal and security information via email.  If there is such an institution please send me an email with the request, and I can tell you if it is a genuine email or a scam.  Again, if there is such an institution they are putting their customers at risk. Period.

On we go with the email.  We are almost done.

Looking at the image above notice the “Copyright 2006 Bank of America” notice.  Does anything seem wrong here? If you said the year is incorrect, you win a stress free lifestyle compliments of your keen observance.  As of this writing it is mid 2008 and I know for a fact that any websites run by most banking institutions update their copyright notices to the year of, or they post their copyright notices in this or similar format: Copyright 1999-2008 Your Financial Co. — 2008 being the current year, if it is now past the year 2008 plug in your year to make sense of the copyright information.

Finally the Olympic logo is a great way for identity thieves to make the email look presentable and valid.  Don’t be fooled by pretty graphics, as they are there to confuse you.

This email, unlike millions of others, is very well crafted.  However, like many circulating scams, this one has probably been flagged as fraudulent.  If you own the latest version of Internet Explorer or Mozilla FireFox you can be protected when you click a bogus link like the one in the above email.

I hope that you update your operating system and Internet web browsers whenever an update is ready.  This is crucial in keeping you sane and your identity in tact.  In the end you are solely responsible for your identity, and even though technological advancements can help, you should be well aware of the ins and outs of email and other scams.