This recent phishing email came very close to actually being clicked on, and I thought it would be interesting to see what these cunning phishermen got right and what gave them away (click image for enlargement).
What went right (for them):
1. Relevance. I get all sorts of fake messages from banks I've never heard of, much less banked at. But do have an account at BOA.
2. The footer looks pretty official and the Olympics rings are a very thoughtful touch. The overall layout is fairly clean, too.
3. The first six words in the first paragraph: "Because of unusual number of invalid login attempts...". Sounds plausible, especially after you've scanned the message, saw the logos and the footers and started feeling comfortable.
What went wrong (for them):
1. The first giant red flag was the @support.com address in the "From" field. You might think that BoA is outsourcing its customer support to support.com, but if you are faking an email address, why not fake BoA's?
2. The entire "that, their..." mess in the first line. A huge letdown after such a promising opening.
3 "Ensure your identity"?
4. They are overdoing it in the last line where "It is all about your security."
5. No contact information.
6. The very first sentence, of course: "Your Online Banking is Blocked".
After so many red flags, there is no need to check the URL under "Continue to Online Shopping" (it leads to some site entirely unrelated to BoA).
The moral of the story: increase relevancy and work on the language.
Banner Ad Gone Phishing