X

Phishers take advantage of Wells Fargo's woes

Phishing sites are looking to take advantage of last weekend's outage of services at Wells Fargo.

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
Robert Vamosi
2 min read

Although they look similiar, the fraudulent site above uses a URL that isn't SSL-protected (note the white address bar), nor is it from the Wells Fargo top-level domain (note the numbers in the URL). The fraudulent site also uses an older version of the Wells Fargo log-in page.

Sites monitoring phishing activity are today reporting an increase in Wells Fargo phishing sites as thieves looking to take advantage of an outage over the weekend have started sending out e-mail pretending to be from the San Francisco-based institution.

On Sunday Wells Fargo experienced an outage of its ATM and online banking services. The problem, which also affected back-end systems for the bank's mortgage, equity and student loans, had been resolved as of Tuesday afternoon. Because the bank needed to use backup records, individual account balances might not up be up to date for a few more days. Through the media, the bank has apologized for any inconvenience. However, phishers have wasted no time in sending out their own e-mails, pretending to be from Well Fargo.

The legitimate Wells Fargo site is SSL-protected (note the yellow address bar), uses the Wells Fargo top-level domain, and features the latest log-in page design.

Banks typically do not send e-mail to their customers; that should be your first warning sign. In one e-mail that begins "Dear Wells Fargo customer ...," users are invited to link to a fraudulent Wells Fargo phishing site in order to update account information. The site, still active on Wednesday afternoon, looked similar to the legitimate Wells Fargo site; however the phishing site did not use the latest page redesign, nor was the URL secure through Secure Sockets Layer (SSL) encryption, nor did it mention Wells Fargo within its top-level domain. When compared side-by-side with the legitimate site, the differences (especially within the address bars) should be obvious.

When accessing your online bank accounts, use a previously bookmarked URL or type in the address yourself. Once on the banking site, make sure the address bar shows a SSL connection (usually the address bar will be a different color and display a tiny paddle lock) before typing in a user ID or password. Also, the latest versions of Firefox 2 and Internet Explorer 7 include built-in antiphishing tools to block fraudulent sites, but these tools must be enabled first.