At first glance, the email in my inbox looked official enough. It bore the Bank of America logo and had a professional appearance.
It informed me that Bank of America had upgraded its servers and, because of that, I was locked out of my account. It provided a handy link where I could update my information and restore my online access.
I, like millions of other consumers, have a relationship with Bank of America, so it would have been easy to believe the email was legitimate. But it was a scam, and several things gave it away.
First, upgrading servers would not have resulted in my losing access to my account. Things simply don't work that way.
But instead of clicking on the provided link, I opened a new tab and typed in the Bank of America domain and easily logged into my account.
On closer inspection, here are other giveaways:
- The email address where I received the bogus message is one Bank of America does not associate with my account.
- The message was sent from BankofAmericaOnlineAlerts@Intl.com, a highly suspicious address.
- When I placed the cursor over the link provided in the email, the address was shicekoredirec.tk/rexzoks, not a Bank of America web address.
On its (real) website, Bank of America warns consumers about this and similar email scams -- messages that appear to be from the bank.
"Phishing and spoofing emails look like official Bank of America emails and try to trick you into visiting a fake website and providing your personal account information," the bank warns. "These emails may also ask you to call a phone number and provide account information."
In most cases, the objective of these phishing scams is to steal your log-in information, which will then be sold on the black market. Other scammers will then use it to make unauthorized purchases on your account.
Bank of America says consumers should remember that it will never ask them to reply to an email with personal information or threaten to close an account unless information is provided.