Phishing Scam Alert: “Information from Comerica Bank customer service team”

comerica-phishing-email

I just got the following email with the subject line: “Information from Comerica Bank customer service team [message id: 0715063392]” from “Comerica Bank” which, for me, was obviously a phishing scam. I wanted to quickly document what I found to alert others.

comerica_phishing_email

While the English of this email message is not as bad as other phishing scams that I have seen, it does raise some red flags. However, it is also without any type of formatting (typically, banks have an email template). Also, banks normally don’t send out this type of information email. The email header shows that the sender was “Hotmail” which is a sign of a phishing scam. If you ever get an alert like this, it is better NOT to click the link and instead, go directly to the site by manually typing in the URL.

This is part of the URL that shows up. Note the main domain is: “jfliil.net”!

comerica_phishing_URL

I clicked through the URL just to see if FireFox was blocking it yet. When I started this post, Firefox was not picking it up. It is now. Norton Confidential IS picking it up! The Netcraft Toolbar did detect it as well. (This toolbar is GREAT in that it detects Phishing scams as well as can give you insight into the true host of a website.)

comerica_phishing_norton

This is what the Phishing site looks like:

comerica_phishing

This is what the Actual Comerica Business Connect site looks like:

comerica_actual_site

They are incredibly alike! Note, the actual site contains additional assistance links.

I continued filling out the form with dummy date and was presented with a variety of other forms as I went.

comerica_phishing_form2

You are asked for additional customer information and passwords.

comerica_phishing_form3

You are asked to re-input your Token Code.

comerica_phishing_form4

Lastly, you are asked to fill out a bunch of other personal information.

This, to me, seems like a pretty well thought out Phishing scam. I don’t know if it actually tries to validate your information against the actual site.

Quick Tips to avoid Phishing Scams:

  • Don’t click on links in emails that seem odd
  • Use some kind of browser that detects Phishing sites. Most of the latest ones do.
  • Be sure you have a robust Security Suite (I like Kaspersky Internet Security for the PC, and Norton Internet Security for the Mac)
  • If you need to access a financial institution’s website, go to it manually

HTD Says: Stay safe when you browse, read email and click links. Use only trusted sources and be educated!

4 Responses

  1. I didn't report it but there are a variety of sites that can. Note
    that while I was writing the article, it did start showing up on anti-
    phishing scanners.

  2. I didn't report it but there are a variety of sites that can. Note
    that while I was writing the article, it did start showing up on anti-
    phishing scanners.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Other articles of interest

Global Product Review Disclosure

Disclosure: This is a global disclosure for product review articles on HighTechDad. It does not apply to Automobile reviews and there are other exceptions. Therefore, it may or may not be applicable to this particular article. I may have a material connection because I may have received a sample of a product for consideration in preparing to review the product and write this or other content. I was/am not expected to return the item after my review period. All opinions within this and other articles are my own and are typically not subject to the editorial review from any 3rd party. Also, some of the links in the post above may be “affiliate” or “advertising” links. These may be automatically created or placed by me manually. This means if you click on the link and purchase the item (sometimes but not necessarily the product or service being reviewed), I will receive a small affiliate or advertising commission. More information can be found on my About page.

About HighTechDad

Michael Sheehan (“HighTechDad”) is an avid technologist, writer, journalist, content marketer, blogger, tech influencer, social media pundit, loving husband and father of 3 beautiful girls living in the San Francisco Bay Area. This site covers technology, consumer electronics, Parent Tech, SmartHomes, cloud computing, gadgets, software, hardware, parenting “hacks,” and other tips & tricks.

Recent Articles

Explore Categories