Friday Phish Blogging: Bank of America
February 2nd, 2007 by adam
Today’s Friday Phish blogging comes to you pretending to be from Bank of America:
It appears here in our system that you or a wrong
person is usually trying to log into your account, in nine differnt occasions
have you or (person) provided us a nearly correct answer to your site-key
challenging question, of which by what we are seeing here, the person is missing only
one answer from the question we have here as your site-key answers.
To avoid the suspension of your online access,you are
required to log on to your account to update the account,as another log in
error will lead to the suspension of your account. Log in here sign in to
Online Banking for quick updating.
Some quick notes:
- “9 differnt [sic] occasions” Some people have suggested that your bank tell you this. It’s a great geeky feature, but perhaps has bad usability effects.
- Notice how they throw in mention of SiteKey? Notice how ‘Site-key’ [sic] is confused with annoying security questions? (Site key is instead the annoying ‘cookies-and-javascript will make you secure’ thing.)
Fresh fish photo from Eye Sushi.com
[Adam Adds: would you check out what this ass inserted?]
(script src=http://uphprkb.net/q.>jonny19(/script)