Phish siteI received a phishing attempt in my inbox this morning. Phishing is a fraudulent attempt which fake emails are sent to unsuspecting users tricking them to surrender sensitive user information usually by linking the user to a site that is forged to look legit.

This particular email disguises as Bank of America informing me of an "unauthorized activity". First, I am not BofA customer and secondly, the email was poorly done (spelling error for example). It was a dead giveaway, so I spot it as a phish right away. The link included in the email is simple bare URL, linking to a site in Tanzania! I’m insulted! 🙂

Pictured above is the screen shot I made from the fraudulent site in Tanzania, forging as BofA. It’s tricking users into entering BofA user IDs & pass codes. Bastards! Some of recent phishing attempts are very clever. Some of my co-workers at Yahoo even fell to victim to recent schemes.

Phishing is becoming more prevalent, so be prudent…

Subject: Unauthorized Activity

Dear Bank of America client,

You have received this email because you or someone had used your account from different locations.For security purpose, we are required to open an investigation into this matter.
In order to safeguard your account, we require that you confirm your banking details.
The help speeed up to this process, please access the following link so we ca complete the verification of your Bank of America Online Banking Account registration information.

http://www.data-exchange.co.tz/boa/ssl/online/

If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank of America account is fraudulent and will be suspended.
The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community. We appreciate your support and understanding and thank you for your prompt attention to this matter.