

Is the Wells Fargo Alert Update a legitimate email?

I just got an email from my bank - Wells Fargo - that says "Wells Fargo Bank technical department is performing alert upgrade to improve the security of our online banking notifications as part of our enhanced security measures". Not suspicious, except the next line says "This is mandatory validation exercise for all Wells Fargo Bank customers. During the database upgrading exercise we discovered a credit advice of a substantial inflow in your favor." What? Is this legit? I clicked on the link and it sure looks like Wells Fargo, but I'm scared to proceed in case it's some criminal phishing hack or other.


Dave's Answer:

You're right to be suspicious and skeptical. What you've received is indeed a phishing scam and is not a legitimate email warning from Wells Fargo. If nothing else, Wells has writers with a much better sense of grammar. Go read those sentences again and you'll see what I mean. Still, the first red flag I saw in this email wasn't the grammar but the obvious enticement of "we upgraded our database and found you had extra money".

Does anyone fall for that sort of thing? And if this were from a bank, would they email you this information rather than send you a letter of explanation?

Unfortunately, people do fall for this sort of thing, skim messages, and don't really pay close attention to either the wording or the URL on the link itself.

Let's have a look at this phishing scam...

First off, here's the email I received. I imagine yours was very similar:

wells fargo phishing email 1

Not really legit, but it certainly looks realistic and even the sender address looks correct, "alertservice@wellsfargo.com". But my email program does something that yours might do too: leave your cursor on an embedded link and it'll show you the destination URL:

wells fargo phishing email 2

"wo.to"? The ".to" domain is the island of Tonga. Really. So why the heck would Wells Fargo be using an offshore server? The answer is obvious. They aren't.

Still, what happens if you click on the domain? If you're lucky, your Web browser has some anti-phishing filter already installed and pops up a warning:

wells fargo phishing email 3

But maybe it doesn't -- or you're skeptical or lured by the promise of additional money dropped into your account -- and you end up on the site itself:

wells fargo phishing email 4

This looks totally legitimate and valid, doesn't it? Very impressive. In fact, if you enter a zip code to find an ATM, it'll even take you to the proper page on the Wells site itself:

wells fargo phishing email 5

Back on the fake site, though, if you were to log in using your proper credentials, which is of course the entire point of this sort of phishing message in the first place, you'd even be taken to a legit Wells Fargo page:

wells fargo phishing email 6

No surprise, though, it still says "Sign On" because you didn't actually sign in to the real site in the first place, you just gave your login credentials to the criminals who will quickly log into your real site, change your password, then drain all the money into one of their own accounts.

That's how these work. Your best rule of thumb for avoiding phishing attacks? Be incredibly skeptical and never click on any links included in email messages. That's it. If you think this might be a real message from Wells Fargo, for example, simply type "wellsfargo.com" into your Web browser and see whether there's a real message from the bank or not.

And be careful out there...


Comments (1)

I clicked on almost all of the click ons at the end of the email and could not click on "About Wells Fargo" and also could not click on "PRIVACY & Security". Imagine that.
But these guys are good. Almost tricked me.

Posted by: Sabroso at March 31, 2012 11:08 AM
© 2002 - 2012 by Dave Taylor. All Rights Reserved.

"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.