Dear valued Bank of America Bank member:

Due to concerns, for the safety and integrity of the Bank of America
account we issued this warning message.

It has come to our attention that your Bank of America Bank account information needs to be
Verified becauase incorrect login of your account details.Also,several login of your account details on different IP.so we have place your account on Hold.You can only recieve funds but any withdrawal will not be possible
is part of our continuing commitment to protect your account and to
reduce the instance of fraud on our website. We advice you to please take 5-10 minutes
out of your online experience and Verify your personal records so that you account could be more secure and easy banking .

Once you have Verified your account records your Bank of America account
will be re-activated and you will be able to perform all transaction with your online account service with the best secure online banking .

To Re-activate your Bank of America Account Account click on the following link:
Re-activate
Security Advisor
James Clark,

Thank You.




I almost fell for the email above because it coincided with me forgetting my password and tried to login to my Bank of America checking account a few times. However, when I clicked on the link, it asked too many questions, such as social security number, account number, my ATM card number, .... I didn't remember some of the info so I left to come back another time. When I came back today, I filled in almost half way through, then got really suspicious. Look at the URL, http://prodev.bethelsd.org/Boa/index.htm, it's nowhere near resemblance of a Bank of America URL. Went back to the email, looked at the full header of the email, saw the "Return-path", in bold below, I immediately forwarded the email, with full-header, to abuse@bankofamerica.com. I do believe the Holy Spirit prompted me to be suspicious and not click that "Submit" button. Thank God! Also, retrospectively, look at the text of the email, there are so many syntax mistakes, like uppercase letters at the wrong places, misspelled words, no space after a period, ... and grammatical mistakes. It would have been shamefully ironic for a Computer Science major with a graduate degree focusing on Computer Network Security to fall for a rudimentary trick like this one. Be warned and stay safe.


From: - Thu Dec 21 11:36:08 2006
...
Return-path: «apache@hostc.hoster.gr»
...
...
Subject: Security Alert(Your Account Has Been Suspended)! ! !
From: Bank Of America «security@bofa.com»
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: ClamAV 0.88.5/2318/Tue Dec 12 18:58:25 2006 on hostc.hoster.gr
X-Virus-Status: Clean