An E-mail campaign is trying to pry personal financial data from Bank of America customers and others.

George V. Hulme, Contributor

March 4, 2003

2 Min Read

Bank of America Corp. is warning its customers to be aware of a fraudulent E-mail that was sent out this week to lure unsuspecting customers to a spoof Web site designed to steal personal information. The bank says it knows of less than 75 customers who fell for the scam so far.

The scam consists of an E-mail that appears to have originated from the bank's customer-support department and includes links to a Web site, now disabled, that asks visitors to reveal their personal information, including banking passwords. "We never, never ask for that information," a Bank of America spokeswoman says.

While the site was designed to look like an actual Bank of America site, the E-mail sent was littered with grammatical errors, which may have clued some recipients of the letter that it was indeed bogus.

The E-mail seems to have been sent to BofA customers and other people, too, the spokeswoman says. The incident is being investigated by the Secret Service, and it's similar to cons directed at First Union Bank and Discover Card customers. BofA says the fake site was shut down in about 13 hours.

None of the bank's IT systems was compromised, the spokeswoman says, but she declined to comment further because the incident is under investigation.

Bank of America is advising its customers to:

• Discriminate when providing personal information, Social Security numbers, and account or credit-account information over the phone, in person, or on the Internet.

• Review a Web site's URL as a way to check its legitimacy. Is the spelling correct? Does it look suspicious?

• Notify the bank of suspicious phone or E-mail inquiries such as those asking for account information to "verify a statement" or "award a prize."

About the Author(s)

George V. Hulme


An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights