Security News > 2020 > June > Credential phishing attack impersonates Bank of America
2020-06-18 16:52
The phishing email leads recipients to a phony BOA landing page in an attempt to steal their banking credentials, according to Armorblox.
A blog post published Thursday by security provider Armorblox explains how a recent phishing campaign impersonates Bank of America.
In this attack, which hit the inbox of an Armorblox customer, the recipient receives an email that claims to come from Bank of America with a request and link to update their email address.
Clicking on the link takes the user to a credential phishing page built to resemble the Bank of America home page.
Though the sender's name of Bank of America was spoofed, the email was sent from a personal Yahoo Mail account via SendGrid.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Australian pension funds hit by wave of credential stuffing attacks (source)
- Phishing kits now vet victims in real-time before stealing credentials (source)
- iOS devices face twice the phishing attacks of Android (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)