Bank of America, US Eagle, Walmart, & MORE — Top Phishing Scams of the Week

    Bank of America, US Eagle, Walmart, & MORE — Top Phishing Scams of the Week
    iStock

    This week we’ve found a large number of scams that you need to watch out for, including ones relating to Bank of America EDD, US Eagle Federal Credit Union, Walmart, and more. Would you have been able to spot all the scams?

    Impersonating famous brands, scammers send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies. These phishing links will often lead to fake login pages that will end up asking you for your personal information and/or login credentials. Below are some examples:

    Bank of America (EDD) Scam

    Bank of America is one of the scammers’ favorite companies to impersonate. As we’ve reported several times, they try to trick you into clicking on the attached phishing links, using Employment Development Department (EDD) prepaid cards as a lure — that is, they falsely claim that your debit account is blocked or suspended and prompt you to reactivate it:

    • california employment development dept’ (edd) : bofa edd prepaid has temporarily blocked your debit account. if this was a mistake immediately visit us at:  {URL} msg & data rates may apply
    • еdd Ꭰεbіτ ᏟaᎡᎠ aᏞeᎡt payment information is updated daily and is available through your ui online account υоսr eᎠd Ꮲrераіⅾ βаոk-оf-αⅿеrіса dеbіt cаrⅾ ѕtаrtіոg ԝіth 4427434 ηave penⅾing transactiоn оf $2,106.32 acη Ꮩаⅼսе crеⅾіt. νоτe:>υοur edᎠ prepaiⅾ воfa debit carⅾ hаѕ bееո tеⅿрοrаrіⅼу ѕսѕреոⅾеⅾ ⅾue tο suspicious activity. рⅼеаѕе rе-асtіⅴаtе уοսr саrⅾ ԝіth thе ⅼіոk bеⅼоԝ tо сοոtіոսе սѕіոg. {URL}

    When clicked on, the links lead to fake Bank of America login pages designed to collect all submitted credentials, including your card number, CVC code, and even your Social Security number. With such data, scammers could take control of your bank account and steal all your money.

    Spot the Scam_Bank of America_EDD Scam_Sample fake login page_20221007
    Spot the Scam_Bank of America_EDD Scam_Sample fake login page_20221007_2

    Sample fake Bank of America login page web addresses

    • myprealertsbofa[.]com
    • edds24hr[.]com/visaprepaidprocessing

    Note: The legitimate web domain of Bank of America is bankofamerica.com

    An Easier Way to Stay Safe from Scams — Trend Micro Check

    Trend Micro Check is a browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!

    After you’ve pinned the Trend Micro Check extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).

    TMC_CTA_Extension_2022

    You can also download the Trend Micro Check mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).

    TMC_CTA_Mobile_2022

    Check out this page for more information on Trend Micro Check.

    US Eagle Federal Credit Union Scam

    Similarly, posing as US Eagle, scammers try to convince you that there is a security issue with your account and instruct you to click on a link to resolve it:

    • u.s. eagle federal credit union: an online suspicious activities was detected on your account and your account is temporarily locked. kindly click {URL} to re-activate 

    The link leads to a fake US Eagle login page. Scammers can record any login credentials you enter. Be careful!

    Spot the Scam_US Eagle Federal Credit Union_Sample fake login page_20221007

    Read more about other bank scams and tips to stay protected!

    Phishing links will also often take you to online survey pages that state you can claim a gift by filling out an online questionnaire. Below are some common scams with examples.

    Walmart Survey Scam

    This is not the first time we’ve written about Walmart text message scams. This week, we detected a lot of scam raffle messages featuring the iPhone 14s as a reward:

    • IT’S HERE! The, aII new lPH0NE 14, You are the Iucky WlNNER of (1/7) courtesy phones from Walmart: <URL>

    If you take the bait and click on the attached link, you will be taken to a fake Walmart reward page (online survey page) that says you can win an iPhone 14 Pro once you’ve finished the questionnaire:

    Spot the Scam_Walmart_iPhone 14 Survey Scam_20221007

    Yeah, it sounds too good to be true! You could end up revealing all your credentials, such as your home address or credit card information, to scammers. Watch out!

    Spot the Scam_Walmart_iPhone 14 Pro Survey Scam_20221007_2

    We also discovered similar scams that utilize fake rewards pages to try to trick you:

    • Item for +64274368998: Can you please confirm if this stuck deIivery belongs to you? <URL>

    The excuses scammers use may vary, like a fake delivery notification for example, but their ultimate goal is to get you on the fake online survey page and steal all your credentials:

    Spot the Scam_Survey Scam_Samsung Neo QLED 4K TV_20221007
    Spot the Scam_Survey Scam_Samsung Neo QLED 4K TV_20221007_2

    How to Protect Yourself from Phishing Scams

    • Pay close attention to URLs — are they legitimate?
    • Double-check the sender’s mobile number.
    • Free gifts and prizes are always a major red flag.
    • Go to the official website/application instead of using links from unknown sources.
    • Never click on links or attachments from unknown sources. Use Trend Micro Check to surf the web safely (it’s free!).
    • Add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:

    Did you successfully spot all the scams? As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected. Also, please consider clicking the LIKE button below.

    Post a comment

    Your email address won't be shown publicly.

    0 Comments