Welcome to My Personal Finance Journey! If you are new here, please read the “About” or “First-Time Visitor” pages to find out more about us. If you would like to receive free updates on articles like this by email, then sign up here or you can subscribe to the RSS feed. Also, check us out on Twitter or Facebook. Thanks for visiting! Keep on learning!
Sadly, I get emails ALL OF THE TIME (probably about 1-2 per day) attempting to lure me in to entering my personal information so that fraudsters can steal my money, my credit, or worse.
These scams run the complete gamut of the personal finance realm – from eBay and PayPal to Bank of America and Social Security.gov. It really is ridiculous how far in to society these scams have perfused!
I’ve finally decided that I’ve kept these examples bottled up too long, and that it is time to share one with hopes that you can avoid these traps as well!
If you’re a regular reader of my blog, you probably are aware that I use Bank of America for my only remaining brick-and-mortar bank checking account. I chose Bank of America when evaluating my different checking account options because they have thousands of branches all over the US, which come in handy since I seem to have moved a lot over the past few years.
Bank of America doesn’t have the most favorable checking (and especially savings) account options, however, I have been satisfied so far. And, I probably will stay with this bank unless they start charging a monthly account maintenance fee.
Bank of America Scam
Several days ago, I received the email shown below to an email address that is NOT linked to my Bank of America checking account (this is a good clue #1, but there will be more on that topic below). The email was supposedly sent from firstname.lastname@example.org. Pretty impressive right?!
***Please do not click any of the links below***
Dear Valued Member,
Due to this, we have temporarily suspended your account.
We need you to update your account information for your online banking to be re-activated
please update your billing information today by clicking
here www.bankofamerica.com/secured/updates After a few clicks,
just verify the information you entered is correct.
BOA Member Services Team
Analysis of Scam and How to Know It’s a Fraudulent Email
If we closely dissect this email that I received, several things blatantly stick out that we can use to protect ourselves from falling for this terrible scam.
- Scam Clue # 1 – 2011 BOA LLC
- The first aspect of this email that makes me a little skeptical is the copyright line that says, “Copyright – BOA LLC 2011.”
- Last time I checked, Bank of America was incorporated, right?
- However, often times, these companies do have subsidiaries, so we’ll note this as a “red light” and continue on with our inspection!
- Scam Clue # 2 – Email address this was sent to
- Another clue that gives us a red light to the validity of this email is the fact that it was sent to one of my secondary email accounts that was associated with my bank account 4-5 years ago.
- One would think that a powerhouse like Bank of America would be advanced enough that they wouldn’t need to send an email to an address that was 4 years old. Let’s get real here!
- Scam Clue # 3 – Actual URL of Link
- Clues 1 and 2 above are sufficient to give us some doubt about how valid the email is, but the definitive proof that this was a fraudulent email can be found by simply hovering your cursor over the link in the email and viewing the URL that the link is pointing to.
- If we do this, we find that the url is pointing to the following site (minus the ALL CAPS warning I added to make sure you all don’t click on this) – http://18.104.22.168/~chrystof/server/portfolio/fashion_forward/bankofamerica/bofa/update/THISISASCAM!!!!!!DONOTCLICK
- Let’s take a moment to appreciate the components of this URL, shall we? First, let’s take note that the secured sign-in website for Bank of America has the following URL – https://sitekey.bankofamerica.com/sas/signonSetup.do.
- The URL on the email, however, has a nice little IP address (probably to a server the scammer set up to make it hard to track them down) followed by some sort of personal name abbreviation!
- Looking at this information, it is clear that this is a scam. However, if you didn’t hover your cursor over the link to see the URL and just went by the anchor text showing (www.bankofamerica.com/secured/updates), one can see why people would fall prey to this, especially less Internet-savvy folks.
A Foolproof Way to Protect Yourself Against These Types of Scams
So, as we all undoubtedly concluded from the information above, the correct course of action with this email would have been to permanently delete (I wish there were some sort of police you could call to report these people easily!).
However, before concluding this post, I wanted to share a fool proof way that I’ve found to avoid scams such as these. I simply make it a practice never (unless absolutely required) to click links in email that lead me to sites asking to enter personal information, passwords, etc.
Instead, if I receive an email alerting me to take action with one of my accounts, I open up a new browser, type in the generic URL of the company’s website, and log-in from there. This ensures that your online safety is maximized.
How about you all? Do you receive many scam emails such as the one I shared above? If so, what steps do you take to identify it as fraudulent/fake?
Share your experiences by commenting below!
***Photo courtesy of http://farm3.static.flickr.com/2285/1594411528_1512b1aad5.jpg