Wells Fargo Phishing Scam Report

May 22, 2022 0 Comments

First of all, I must explain what phishing is. Phishing is basically the act of tricking a victim into revealing information. It involves receiving an email message with a link to a website where the victim would enter personal information. In this particular scam, you receive an email from “Personal Banking: [email protected]” stating that there may be some unauthorized access to your account and that you should click the link and log into your account and verify certain information . When you click on the link, you are taken to a site that looks identical to the Wells Fargo site.

If you look at the HTML code of the site, you will notice that they are almost identical. One thing about this scam that was somewhat surprising is that the message got past my G-mail spam filter. This is slightly different than the scams I’ve seen before, as they don’t ask you to reply to this email with your account number like most others, and they don’t ask for passwords or anything like that. They simply ask you to log in, as you normally do, which would not surprise normal users. On closer inspection of the site, you’ll notice that the forms send the entered data (username and password) to some foreign script and not to Well Fargo. Most likely, the scammer is receiving all usernames and passwords via email. After you submit your information, the site responds that your password is incorrect. Here, an unsuspecting victim would assume this was due to the alleged unauthorized access mentioned in the email.

If you try to submit information several more times, it will take you to another Wells Fargo-like page called “Online Banking Verification.” Here they ask for your SSN number, your ATM card number, expiration date, pin number, and CVV2# (4-digit verification). Using the ATM information, the scammer could max out your debit card. With all the rest of the information you’ve gathered, it wouldn’t be hard at all to call Wells Fargo and basically take over your account. You could change billing addresses, get checks for your account, and just delete it.

How to spot scams like this

Scams like these are usually easy to spot, but this one in particular was a bit tricky, however there are some basic methods you can use to spot these types of scams.

First of all, check the link. Although the link appears to go to the Wells Fargo website, if you let your mouse hover over the link for a while and look in the status bar, you will get the actual address of the link. In this case, the scammer used only an IP address from your domain or machine. However, this can be overridden online (if the scammer changes the status bar) and sometimes even in your email, depending on your security settings.

Check the address bar. In this case, the address bar reported that the website was also from the scammer’s IP address. Long story short, it didn’t say http://www.wellsfargo.com. Very rarely would a scammer fake this. However, they can employ other tricks like buying a domain name with a slight spelling difference that the user might not notice, or simply loading the link in a new window and hiding the address bar altogether.

Ultimately, the only fully proven method to avoid falling victim to a scam like this is to simply call and verify information over the phone. Keep in mind; do not use a phone number in the email if one is provided. Open your phone book and locate your company number and ask them about it.

Just remember, if it looks fun and feels fun, it’s probably a scam. Never reply to such emails to obtain sensitive personal information such as account information and SSN.

Below is a copy of the email for your review and amusement. The link is active, however, DO NOT ENTER ANY PERSONAL INFORMATION ON THESE FORMS. THIS IS NOT THE WELLSFARO WEBSITE.

Kevin A. Lloyd.

From: Personal Banking [email protected] >

To: [email protected]

Date: June 2, 2005 2:22 PM

Subject: Security Advisory #291240 Wells Fargo Online Banking Account

Update needed!

Dear member,

We recently reviewed your account and suspect that an unauthorized third party may have accessed your Wells Fargo Internet Banking account. Protecting the security of your account and the Wells Fargo network is our primary concern. Therefore, as a precautionary measure, we have temporarily limited access to sensitive account features. To restore access to your account, please follow the steps below to ensure your account has not been compromised:

1. Sign in to your Wells Fargo Internet Banking account. In the event you are not enrolled in Internet Banking, you will need to use your Social Security Number as your personal ID and password and fill in all required information, including your name and account number. 2. Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure no changes have been made. If any unauthorized activity has had p! on your account, let Wells Fargo staff know right away.

To get started, click on the following link:

[https://online.wellsfargo.com/signon?LOB=CONS]

We apologize for any inconvenience this may cause and appreciate your help in helping us maintain the integrity of the entire Wells Fargo system. Thank you for your prompt attention to this matter.

To be honest,

The Wells Fargo Team

Leave a Reply

Your email address will not be published. Required fields are marked *