There is apparently a new phishing scam making the rounds. Cybercriminals are reportedly targeting customers of the Bank of America (BOA) with a phishing campaign, designed to steal personal and financial information.
The scam allegedly involves hackers sending out phishing emails to BOA customers that tricks them into clicking on malicious links.
The phishing email, which reportedly poses as an official email from the bank, informs users that their bank account has been imposed with new limits, which can only be gotten rid of by providing proof of the account's ownership. In other words, the phishing email is cleverly designed to trick users into divulging their login credentials and personal information.
According to a report by HackRead, the phishing email has been designed to trick users into clicking on a malicious link that redirects victims of the scam to a fake BOA page, prompting them to type in their login credentials to "sign in."
However, the hackers are allegedly not satisfied with just the victims' login credentials. The scammers also look to harvest victims' personal and financial information by asking them to fill up a form. Victims are prompted to provide sensitive data, including first and last name, address, city, zip code, mobile number, email address, credit card number, card expiry date and CVV number.
HackRead reported that cybercriminals are operating the scam via Russia-based hosting provider called "Beget." The hosting provider has allegedly been informed about the phishing campaign, however, it is unclear if any action has been taken to shut down the scam.
It is also unclear how many victims have been targeted successfully by the scam.