Phishing Example: Irregular Activity

October 20, 2016

Why is this a Phishing message?

This phishing message is a little unusual.  It contains multiple threats to the recipient:

  • The message contains file attachments from an unknown sender that may contain malware.  Never open file attachments unless you are expecting them and they are from a reliable source.
  • The account sign-in fields in the message are intended to capture the recipient's login credentials.

Original Message:

From: BankOfAmerica
Subject: Irregular Activity
Date: 10/20/2016 7:27 AM

We have detected irregular activity on your account on the date 10/20/2016. For your protection, we have temporary limited your account.
In order to regain full access to your account, you must verify this activity before you can continue using your account. We have sent you an attachment , open it and follow the steps to verify your account. Once completed, please allow up to 48h to update.

Copyright © 2016 BankOfAmerica, All rights reserve


Home Client access Update Authentication  
  Sign On to View Your Accounts
Enter your Online ID and Passcode to securely update or manage your Bank Of America account .

Online ID

About Bank Of America | Careers | Privacy, Security & Legal | Report Email Fraud | Sitemap | Home

© 1995 - 2016 Bank Of America. All rights reserved.NMLSR ID 399801


Warning:  The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.

The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).

How to report phishing:

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to