CHARLOTTE, N.C. An imposture discovered this week at Bank of America Corp. is yet another example of fraudsters growing use of e-mail, though an official with the company could not recall e-mail being used this way before.
The nations largest consumer bank and the Federal Bureau of Investigation say an e-mail sent to thousands Bank of America customers and others purported to be from B of A and that the sender tried to get recipients to divulge their account numbers and other personal information, presumably to infiltrate accounts, make credit card purchases, or steal identities.
Robin Warren, Bank of Americas top privacy executive, said Thursday, Weve seen phony Web sites set up, but Ive never seen an e-mail that initiated contact toward this end. But it is not unusual for telemarketers pretending to be bank employees to try to get peoples account information, she said.
The sender claimed to be from the Charlotte companys electronic-commerce division and said the company needed to verify customers information for a systems upgrade, said Bank of America spokesman Brad Russell. Recipients were directed to a Web page designed to resemble B of As Web site, and at the phony site were asked to enter account numbers and other data.
According to data from the National Consumers Leagues National Fraud Information Center e-mail was used in 18% of Internet scams in the first 10 months of 2001, up from 12% in 2000. Web sites accounted for 78% of the initial contacts, the center said.
Only a couple of hundred of those who got the bogus e-mail this week were Bank of America customers, Mr. Russell said. He said that about 4.4 million of its 27 million customers bank online and that its computer systems were not affected in any way.
Bank of America issued a press release and alert on its Web site Wednesday afternoon urging customers to guard their personal information closely.
It was not clear Thursday how many people supplied information. That is among the questions the FBI and Bank of America investigators are asking.
B of A may have headed off a more serious problem by spotting the come-on within a few hours. Ms. Warren said the companys information security team scans the Internet regularly for this sort of thing. Once this e-mail was found B of A officials contacted the Web site hosting service, which shut down the site immediately, though the e-mail did provoke a few angry phone calls, Ms. Warren said.
Experts say the best way to contain Internet fraud and other scams is to get people informed.
Consumers who are in their first six months to a year of online usage, where they generally are almost by definition newbies, theyre the most vulnerable for these kinds of things, said James Van Dyke, a research director in the financial services group of the New York consulting firm Jupiter Media Metrix.
Mr. Van Dyke said banks and other businesses must tell their customers about online fraud and how to avoid it. But consumers have to do their part, he said. The new rule online is, let the browser beware.
Ms. Warren, however, said: I dont think we can do anything about this, any more than we can do something about folks who call on the phone saying theyre from the bank. We feel like the best thing to do is educate our customers. Just like on the telephone, you shouldnt be giving out information on the Internet either.
Im sure well see more of these things, and other banks may be affected.
Related Content Online
