Identity thieves are constantly looking for new ways to trick consumers into revealing personal information in response to phishing emails. Their latest ruse is to disguise themselves as Verified by Visa.
Your Bank of America card has been automatically enrolled in the Verified by Visa program, one version of the email says. To ensure your Visa card's security, it is important that you protect your Visa card online with a personal password. Please take a moment, and activate for Verified by Visa now.
Verified by Visa is a legitimate service that adds an additional layer of security to online credit card transactions. If your card is part of the Verified By Visa program, anyone using your card must use a password to complete the transaction.
But anyone responding to this email would not be enrolling in the program. Instead, the link in the email would take them to a duplicate site, controlled by the scammer.
There, they would be asked to enter their credit card information, and might even be asked to divulge the kind of personal information that could be used to change the cards billing address, or even steal the card holders identity.
The return address on the email is firstname.lastname@example.org. Bank of America has been a favorite target of phishing scams lately. Security experts say thats because its such a big bank with lots of customers. Recipients of the email who are Bank of America customers are more likely to fall for the ruse than those who arent.
The dead giveaway that this particular email is a scam is the last line: Please note: If you FAIL to update your Visa card, it will be temporarily disabled.
Security experts note that scammers also use fear or pressure tactics to get recipients of their spam emails to comply.