Wells Fargo Phishing

Phishing is a common scam that attacks internet users via email. Its main purpose is to convince a victim to divulge personal information. Phishing emails typically contain links to fraudulent sites where recipients are instructed to enter their prsonal details and unknowingly upload it to criminals.

Phishing scams not only hurt email recipients but the companies they impersonate as well. Some organizations have been tarnished to a point where consumers no longer feel comfortable doing business with them. One prominent financial institution that has been at the center of the phishing controversy is Wells Fargo.

The prominent Wells Fargo phishing scam

Wells Fargo phishing operates by sending an email claiming there may have been unauthorized access to your account, encouraging you to click a link and verify the information. Upon clicking the link, you are redirected to a site that looks nearly identical to the Wells Fargo website. When looking at the HTML code of the website, you will observe that they are almost identical as well.

Wells Fargo phishing scams are so well developed they often penetrate some of the best spam filters. One variation goes away from the traditional phishing structure and doesn't ask that you reply with passwords or account numbers. Instead, it requests that you log in to your account as you normally would, a move that may not raise suspicious for some recipients. When examining the site closer, you may notice that form designated to submit a username and password is a foreign web script and seems to have no relation to Wells Fargo. In this scenario, the form is used to upload the information directly to a scam artist.

After entering your personal details, the site responds by claiming that your login information was incorrect. Here is where an unsuspecting victim might assume the error is a result of the unauthorized access noted in the original email.

The Wells Fargo phishing scam gets more sophisticated when victims stick around the fraudulent website. If you attempt to submit your personal details again, you are then redirected to another website that appears to be operated by Wells Fargo. From there you may be prompted to enter your debit card number, the PIN number, expiration data and the four-digit verification number found on the back. Some variations of this scam will ask for your Social Security as well, claiming that this information is required to verify you as the owner of the account.

Equipped with this information, the con artist now as everything they need to commit identity theft. They can easily call Wells Fargo or make adjustments online, taking complete control of your account. The scammer could change your billing address, order checks in your name and wipe out your account entirely.

How to protect yourself against the Wells Fargo phishing scam

Though very damaging, scams like Wells Fargo phishing are easy to detect. You can spot this one by examining the link within the email. Instead of copying and pasting it into your browser, hover the mouse over it and take note of the status bar; this will display the address of the website to where you will be redirected. The best method involves calling your Wells Fargo representative to verify the legitimacy of the email. Refer to the number on your account statement instead of the one provided in the email. This simple phone call will determine whether or not you were being lured into the Wells Fargo phishing scam.

Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
86% of email addresses posted on websites are used by spammers to send unsolicited emails?

63% of all "Remove me from your list" requests are not honored.

Spam accounted for 80% of all e-mail received in 2004, up from 62% in 2003