Understanding Phishing Scams…first hand!

This is my PSA (Public Service Announcement) for the week and it is about something pretty scary…Phishing Scams. Several years ago, I was a victim of identity theft. It was not a pleasant experience but it left me wiser and more cautious. It was done the old-fashioned way of swiping some receipts and looking up some account information (local retailer). Nowadays, identity thieves have become much better in their “art.” I have first-hand experience now…but I wasn’t a victim.

So, here is what happened, I received the following email:

Bank of America Phishing email

It looked much more legit than others that I have seen. There were no huge grammatical errors or spelling errors (although the writing was pretty bad). So, I figured that I would check to see if Bank of America had shut down the site yet. To my surprise, they hadn’t! Thus, it became my mission to document this as a warning for others.

So, using Safari (because I have no faith in using Internet Explorer for things like this because of ActiveX installers and such), I went to the site and documented it. It looks identical to the current Bank of America site, and all of the links (with the exception of the login section in the upper left) were valid. Here is what it looked like:

Bank of America Phishing screen #1

Take a look at the URL and the domain [http://debitcc.bankofamerica.uo-s.com/secure/]. Doing a WHOIS on that domain gets me this:

Registrant:
Marcis Graudins
Rigas iela 9-19
Ligatne, Cesu raj LV-4108
Latvia

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: UO-S.COM
Created on: 22-May-06
Expires on: 22-May-07
Last Updated on: 16-Jun-06

Administrative Contact:
Graudins, Marcis marcis.graudins@gmail.com
Skolas iela 9-19
Ligatne, Cesu raj LV-4108
Latvia
37126261435

Technical Contact:
Graudins, Marcis marcis.graudins@gmail.com
Skolas iela 9-19
Ligatne, Cesu raj LV-4108
Latvia
37126261435

Domain servers in listed order:
DNS2.CHARGERTEK.COM
DNS3.CHARGERTEK.COM

Hmmm. I don’t think that Bank of America is located in LATVIA! So, I went on to put in some fake information in the login screen and got to the screen that captures ALL the critical “identity theft” information. Take a look at this screenshot (click to view):

Bank of America Phishing screen #2

Clicking submit sends all of your confidential information off to the scammer! See success screenshot below:

Bank of America Phishing screen #3

So, I just figured that I would post this so that you know to be sure to never click through links sent in emails but rather go directly through your web browser. Be careful!!! I have reported this to Bank of America…so the site will hopefully be taken down soon.
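
The check made by eye above (the bank's name is only a subdomain label, while the domain actually registered is uo-s.com) can be automated for links pulled out of email. This is an added example, not part of the original post; the allowlist, the short suffix list and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: constructed allowlist of the domains each brand really uses.
BRAND_DOMAINS = {"bankofamerica": {"bankofamerica.com"}}

# Assumption: tiny sample of two-label public suffixes. Production code
# should consult the full Public Suffix List instead.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def registrable_domain(host):
    """Return the domain somebody actually registered, e.g. uo-s.com."""
    labels = host.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def check_url(url):
    """Classify a link as 'legitimate', 'lookalike' or 'unrelated'."""
    host = urlsplit(url.strip()).hostname or ""
    registered = registrable_domain(host)
    # Ignore hyphens so "bank-of-america" still matches the brand name.
    labels = [label.replace("-", "") for label in host.split(".")]
    result = {"host": host, "registered": registered, "brand": None}
    for brand, real_domains in BRAND_DOMAINS.items():
        if registered in real_domains:
            return {**result, "brand": brand, "verdict": "legitimate"}
        # Brand name appears in the host, but the registered domain
        # belongs to someone else: the pattern seen in this post.
        if any(brand in label for label in labels):
            return {**result, "brand": brand, "verdict": "lookalike"}
    return {**result, "verdict": "unrelated"}


if __name__ == "__main__":
    samples = [
        "http://debitcc.bankofamerica.uo-s.com/secure/",  # URL from the post
        "https://www.bankofamerica.com/",                 # constructed
        "https://example.org/news",                       # constructed
    ]
    for url in samples:
        r = check_url(url)
        print(f"{r['verdict']:<10} registered={r['registered']:<18} {url}")
```
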
