Archive
This post is archived and may contain outdated information. It has been set to 'noindex' and should stop showing up in search results.
This post is archived and may contain outdated information. It has been set to 'noindex' and should stop showing up in search results.
Scam Text Message from 855-254-9217 us-bankofamerica.com
Sep 11, 2016Web and InternetComments (0)
Lately there has been a scam text message going around trying to trick people into thinking their Bank of America account has been compromised in some way. It contains a fake authorization code, and a link to "block" the transaction.
Here is the full text of the message:
(The 6-digit code may be different for each person.)
For me, the text message came from the phone number (855) 254-9217. The text message looks somewhat legitimate, and the link domain name also looks like it could possibly be legitimate (us-bankofamerica.com). Honestly, I am surprised a scammer was able to acquire that domain name.
If you follow the link, it redirects you to this page if you're on mobile (if on desktop, it gives a server error):
The page looks pretty good. They copied the style of Bank of America quite well:
Looking closer though, and there are several obvious signs that it was fake:
WHOIS
I looked at the WHOIS information for us-bankofamerica.com. It has domain privacy protection, which Bank of America doesn't use on their official domain. And it also has a couple domain name servers (DNS) that are very shady, and not the DNS used for Bank of America's official domain:
Checking those domain name servers on Google and it appears these servers are used on other scam/malware websites.
What To Do
If you didn't follow the link and type in your information, you can just delete the text message. If you did type in your information, you should probably contact Bank of America for more assistance by going to this website:
www.bankofamerica.com
(Copy and paste it into your browser URL bar)
Here is the full text of the message:
Bank Of America: 234567 is your online payment authorization code. If you didn't request the code, follow www.US-BankOfAmerica.com and block the transaction.
(The 6-digit code may be different for each person.)
For me, the text message came from the phone number (855) 254-9217. The text message looks somewhat legitimate, and the link domain name also looks like it could possibly be legitimate (us-bankofamerica.com). Honestly, I am surprised a scammer was able to acquire that domain name.
If you follow the link, it redirects you to this page if you're on mobile (if on desktop, it gives a server error):
http://www.us-bankofamerica.com/PhoneVerification.php
The page looks pretty good. They copied the style of Bank of America quite well:
Looking closer though, and there are several obvious signs that it was fake:
- The copyright date is 2015
- All of the footer text is just an image, not text
- Bank of America doesn't expose any file extension in the URLs on their official website (and probably doesn't use PHP)
WHOIS
I looked at the WHOIS information for us-bankofamerica.com. It has domain privacy protection, which Bank of America doesn't use on their official domain. And it also has a couple domain name servers (DNS) that are very shady, and not the DNS used for Bank of America's official domain:
dns2.dnsxsystem.pw
dns1.dnsxsystem.pw
Checking those domain name servers on Google and it appears these servers are used on other scam/malware websites.
What To Do
If you didn't follow the link and type in your information, you can just delete the text message. If you did type in your information, you should probably contact Bank of America for more assistance by going to this website:
www.bankofamerica.com
(Copy and paste it into your browser URL bar)