IT IQ: Wells Fargo Phishing

Always interesting to get and look over a phishing email, as I did today. The email, purportedly from Wells Fargo, was boldly titled “Important Notice Regarding Your Account”, showed “Wells Fargo” in the From header line, with the official Wells Red square logo below the address block. The email address behind the From line was … Continue reading “IT IQ: Wells Fargo Phishing”

Picture of Wells Fargo logo

Always interesting to get and look over a phishing email, as I did today.

The email, purportedly from Wells Fargo, was boldly titled “Important Notice Regarding Your Account”, showed “Wells Fargo” in the From header line, with the official Wells Red square logo below the address block. The email address behind the From line was smrfc@notify.wellsfargo.com. The rest of the email is copied below,

with an asterisk added in the address so you don’t accidentally click it.

The key giveaway feature of these phishing emails is the helpful link you can click on to log in and solve the problem. Everything else in the content is intended to get you to trust and click. So the first rule you should follow is never click the included link. If you want to validate that you really have a problem then open your web browser, navigate to your bank’s site, authenticate, then check for warning messages.

My attention was also caught by the phrase “forced to suspend your account indefinitely”. While a bank may freeze a compromised account, no bank will lock you out of your funds and on verification with you may transfer funds to a different account number. This phase was included to alarm you with a tight deadline and severe consequences, so you’ll be more likely to click.

Don’t fall for these scams. At best they might lead to a software download that would compromise your computer. At worst they will clean out your bank account and try to find linked accounts to do the same.

Stay Safe online!

– Ken


Dear Wells Fargo Member:

We recently have determined that different computers have tried to log in to your account. Multiple password failures automatically places your account on hold.
We now need you to re-confirm your account information to us.
If this is not completed by December 03 2014, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes.
We thank you for your cooperation in this manner.

To remove limitations from your account click on the following link:

https://online.*wellsfargo.com/cgi-bin/Logon.aspx?sd

Thank you for being our customer.