my account with Bank of America. The link provided is
profile/step1.htm and the promise is "Note: We will be upgrading our
yearly SSL EncryptedServer to prevent fraudulent activity. Since I
have never in my life done any business with B of A, I assume that
126.96.36.199 is not the bank's DNS and that this is what they call
'phishing'. Am I right?
Yes. I'm surprised thaat you've only recently realised this, as I
believe you've been lurking and posting here for quite some time.
Very transparent for me, maybe less if you really have an account
I can't imagine anyone who's had an email account for more than six
months failing to realise that essentially all such emails are
password-phishing frauds. Therefore I presume that the targets of these
attacks are (a) teenagers operating their first bank-account, and (b)
people who are very new to the internet (do such people exist???). And I
would have thought that most teenagers were already wise to email fraud;
so it beats me how anyone falls sucker to these people.
On a related note: one of my own banks has particularly good online
security, with rather detailed id-checking and so on. And yet they do
regularly send me email, which I don't want (it's nearly always an
attempt to cross-sell me insurance or something), and which therefore
gets mixed-up with my spam. How do they expect people to show the
necessary wariness about unsolicited banking email, and then go ahead
and send *real* unsolicited banking email themselves?
I've told them off about this, and I no longer get these messages; but I
doubt they've extended the coutesy to the rest of their customers.