BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Phishing Scams: Chase, Bank of America, Sun Trust

Alert — There is a massive new bank fraud phishing scam being conducted via email. The website address that appears in the body of the email looks valid; however, if you view the source, you will see a bogus domain name. Clicking on the link will take you to an unauthorized website. Should you receive one of these emails, DO NOT reveal your private information.

Examples:

Subject: SunTrust Bank reminder: notification Tue, 16 Jun 2009 10:06:37 -0300

Reference Number: 20091919664020

Online Treasury Manager Confirmation Form.

Dear Customer,

As part of the new security measures, all SunTrust Online Treasury Manager users are required to complete Online Treasury Manager Confirmation Form. Please complete the form as soon as possible.
* To access the form please click on the following link:

http://onlinetreasurymanager.suntrust.com/ibswebsuntrust/cmserver/ccare/default/cform.cfm?id=3081079390068176417033060820680455426793542263056&email=my@emailaddress.com.

 

SunTrust Bank, Member FDIC. © 2009 SunTrust Banks, Inc. SunTrust is a federally registered service mark of SunTrust Banks, Inc.
Live Solid. Bank Solid. is a service mark of SunTrust Banks, Inc.

This email was sent on behalf of SunTrust Customer Care, 1575 Lemon Farris Road, Cookeville, TN 38506.


The above is criminal attempt at bank fraud. The hidden URL actually takes you to onlinetreasurymanager.suntrust.com.hiilff.net


Subject: Chase Bank: alert – online client form released.

Note: This is a service message regarding the Chase Customer Form.

Dear customer:

As part of the new security measures, all Chase bank customers are required to complete Chase Customer Form. Please complete the form as soon as possible.

To access the form please click on the following link:

http://chaseonline.chase.com/Secure/webform/OSL.aspx?LOB=84064245071871982084785953907115353560172752347916009775207850

Thank you for being a valued customer.

Sincerely,

Chase Customer Service

Please don’t reply to this Alert.


The above is criminal attempt at bank fraud. The hidden URL actually takes you to http://chaseonline.chase.com.il1ifi.com.mx


Subject: Bank of America customer service: important message [message ref:

Message from Customer Service

We would like to inform you that we have released a new version of Bank of America Customer Form. This form is required to be completed by all Bank of America customers.

Please follow these steps:

1.Open the form at http://www.bankofamerica.com/srv_37447993/customerservice/securedirectory/cform.do/cform.php?id=438646285236118062405358479406787325837698602578055323.
2.Follow given instructions.

Because email is not a secure form of communication, please do not reply to this email.
If you have any questions about your account or need assistance, please call the phone number on your statement or go to Contact Us at www.bankofamerica.com.

Bank of America, Member FDIC.
© 2009 Bank of America Corporation. All Rights Reserved.


The above is criminal attempt at bank fraud. The hidden URL actually takes you to http://www.bankofamerica.com.srv_37447993.hflij1.net


WARNING: Do not visit the above sites! If you receive an email like these, report it to the bank’s fraud division.

One Response to “Phishing Scams: Chase, Bank of America, Sun Trust”

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector  in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]