Bank of America [phising email]

[Troy Cregger <tcregger () kennedyinfo com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Got an email today that was crafted to look like it came from Bank of
America, the message contained the following:

Because of   unusual number of invalid login attempts on you account, we
had to believe that,   their might be some security problem on you
account. So we have decided to put   an extra verification process to
ensure your identity and your account security.   Please click on <A
href="http://www.candy-pop.com/www.bankofamerica.com/BOA/sslencrypt218bit/online_banking/index.htm";
target="_blank">sign in to Online Banking</A> to continue to the
verification process and   ensure your account security. It is all about
your security. Thank you, and   visit the customer service section.

Which of course loads a phishing page that would capture login
credentials should anyone fall for the ruse.

This may be old news though and possibly related to another story I read
earlier on Zone-H
here: http://www.zone-h.org/content/view/14577/31/




Troy Cregger
Lead Developer, Technical Products.
Kennedy Information, Inc
One Phoenix Mill Ln, Fl 3
Peterborough, NH 03458
(603)924-0900 ext 662
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF3HPLnBEWLrrYRl8RAmPbAJsEhggVS+bHdwHYAi6Zrax+azPPXwCfd2T8
gKSsfPlF/9a+kPWEYacykVg=
=aepj
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/