Security News > 2020 > June > Credential phishing attack impersonates Bank of America

The phishing email leads recipients to a phony BOA landing page in an attempt to steal their banking credentials, according to Armorblox.
A blog post published Thursday by security provider Armorblox explains how a recent phishing campaign impersonates Bank of America.
In this attack, which hit the inbox of an Armorblox customer, the recipient receives an email that claims to come from Bank of America with a request and link to update their email address.
Clicking on the link takes the user to a credential phishing page built to resemble the Bank of America home page.
Though the sender's name of Bank of America was spoofed, the email was sent from a personal Yahoo Mail account via SendGrid.
News URL
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- How New AI Agents Will Transform Credential Stuffing Attacks (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Australian pension funds hit by wave of credential stuffing attacks (source)
- Phishing kits now vet victims in real-time before stealing credentials (source)
- iOS devices face twice the phishing attacks of Android (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)