Date: Jul 10, 2015 12:35:21 PM
From: Bank Of America <firstname.lastname@example.org>
Reply To: email@example.com
Subject: Unauthorized activity on your online account
Dear Bank of America customer, We have recently detected that a different computer user has attempted gaining access to your online account and multiple passwords were attempted with your user ID. It is necessary to re-confirm your account information and complete a profile update. You can do this by downloading the attached file and updating the necessary fields. Note: If this process is not completed within 24-48 hours we will be forced to suspend your account online access as it may have been used for fraudulent purposes. Completion of this update will avoid any possible problems with your account. Thank you for being a valued customer. © 2015 Bank of America Corporation. All rights reserved.
This phising email includes an attachment in the from of an html file. The html file includes a form that replicates a page of Bank of America. When you enter your information and send them it sends the information to ”http://jhingenieria.cl/wp-includes/wp-def.php”. This domain is based on Chile and has no relationship with Bank of America.