I just got an email which tries to phish Bank of America’s customers who use the SiteKey (PassMark) technology. The message tries to get people to disclose their credentials by masking the real website address (which only works under IE, and not under Firefox, which I am using in this situation).

Take a look at these images – screenshots:

(a) This is a screenshot of the original phishing email.

(b) The “verification” link in the email takes you to the file below (click on the image to see the complete representation)

(c) If you click on “Continue”, it takes you to another page where you’ll notice that under Internet Explorer, the script tries to cover the original address bar to show the “bankofamerica.com” url. Obviously not working under Firefox on a Mac.

d) And here is the larger text

e) Some of the images appear to come directly from the BofA original site.