Over the last day or so, a Twitter feed claiming to be a support channel for Bank of America has been sending links and messages to anybody having issues with their accounts.
Here’s the dubious BoA Twitter account in question:
The message reads as follows:
Dear customer, as part of our security measures against fraud, we recommend all our customers perform a security check on their account now. Log in via our secured area [url removed] to secure your account. Thank you.
In most cases, they direct people to a URL where they can supposedly fix their problems, which is
sclgchl1(dot)eu(dot)pn/index(dot)html
They’ve also been seen asking for credentials directly via DM (Direct Message).
They appear to be using that classic Twitter phishing technique: look for people sending help messages to an official account, then inject themselves into the conversation.
Here’s a sample list of messages they’ve been sending to BoA customers:
Some things to note: the Twitter account is not verified, and the page collecting personal information is not HTTPS secured which is never a good sign where sending banking credentials to someone is concerned. If you land on their page with JavaScript disabled, you’ll be asked to switch it on again:
The page resembles a Bank of America login page, and says:
As part of our security measures to protect your account against fraud and scam activities. You need to pass through our security verification protocols to view your account. Please bear with us. Thank you.
The site asks for the following information: Online ID, Passcode, Account Number, Complete SSN or Tax Identification Number and Passcode. Once all of this information is entered, the victim is redirected to the real Bank of America website.
At time of writing, the site is being flagged by Chrome for phishing:
We’ve also spotted another page on the same domain which looks like a half-finished Wells Fargo “Security Sign On” page:
We advise customers of BoA to be very careful where they’re sending account credentials – note that the official BoA Twitter feed has a Verified icon, and that small but crucial detail could make all the difference where keeping your account secure is concerned.
Christopher Boyd (Thanks to Jovi for additional research)
