From our spam/scam files today we have a Wells Fargo Phishing scam. This email has the subject “Wells Fargo Alert! JEZSLVMYCC” and when we read the email, we are told that we need to confirm our identity in order to agree to their revised terms. Of course the entire email is a big ol’ scam. Let’s take a close look.
Let’s first take a look at the email. The body of the email received here read:
Dear Customer:
Dear Wells Fargo Online Customer:
Wells Fargo is constantly striving to provide you with more convenience, control, and security to assist in managing your finances.
As part of our ongoing efforts to make it easier for you to use our online services, we have revised the Wells Fargo Online Access Agreement that you reviewed and accepted when you began to use Wells Fargo Online ® or Wells Fargo Business Online Banking service(s) and an error occurred.
In order to repair this error, we need you to click here to login and complete the form to confirm your identity.
If not, your account will be automatically deleted from our system. We apologize for any inconvenience this may have caused.
If, after completing the form, you wish to cancel your online services, please contact our Customer Service Representatives through Contact Us within Wells Fargo Online or Wells Fargo Business Online Banking.
We look forward to continuing to provide you excellent service.
Sincerely,
Wells Fargo Online
What they’re doing here is playing on fears – fears that a person could lose access to their bank account. They also count on inexperience of those who aren’t familiar with phishing scams. Both of these factors would probably target the elderly demographic, who are generally more mindful of their money than younger people, and who are often relatively behind the curve in online awareness.
In the email I received, the text was actually just a large graphic, linking to a page at batsadelcentro.com.mx – so you’re in reality being sent to a scammer with a website located in Mexico, not a Wells Fargo website. Notice that the domain is “.com.mx” which could confuse someone into believing it came from batsadelcentro.mx, which appears to be unrelated to this scam.
An very similar copy of this same scam from several years ago can be found here. One has to believe that if they’ve been repeating this email for years, it must work enough to be worth their effort.
If you ever have questions about your bank account, log into the website you know is official, which in this case would be wellsfargo.com, and see if there are any alerts there. Or call them at their known customer service number. Otherwise you could be handing your financial information over to overseas scam artists.
5/24/2012 Update
Another version of a Wells Fargo Phishing scam was spotted today via email. The body of the message read:
Account locked!
To protect your account we had put your funds on hold.
Until you restore your account you cannot access any of your funds.
You cannot make purchases and you cannot withdraw money. You will receive a letter in the mail explaining the situation
If you are the authorized owner of this account and wish to restore it please click the “Continue” button and
follow the steps on the next page.
There is a link with the word “Continue” at the bottom, which actually goes to a Russian website.
Be careful!
7/9/12 Update 2
Yet another variation seen today. The text is as follows:
Dear Customer,
Wells Fargo has been receiving complaints from our customers for unauthorised use of the Wells Fargo Online accounts.
As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.
Due to this, you are requested to follow the provided steps and confirm your online details for the safety of your Accounts.
Please Click Here To Start .
However, Failure to do so may result in temporary account suspension.
Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
The link goes to ekstraturas.com and now Wells Fargo. In other words – don’t click that link!
Facebook
Twitter
Pinterest
Instagram
Google+
Tumblr
RSS