Phishing Attack "Important notification ID23488577" (August 27, 2013)

We have received at least one report so far this afternoon of the following phishing attack purporting to be from Wells Fargo:

 

 

The destination address of the "Sign On to Wells Fargo Online" was reporting a 403: Forbidden error when I tried to access. This could mean that the site has already been notified and revoked access to the directory while remediation occurs or it could simply mean the compromise still exists but is dormant in hopes that security professionals overlook the threat assuming the page is down. I advise caution to anyone who receives the message. Since I cannot investigate the final destination, I can not clarify if the site is hosting a form to phish credentials, whether it hosts malware, or a combination of both. 

 

If you have additional questions or if you've successfully accessed the site, please contact the OIT Service Desk at 919.684.2200