This is a phishing attempt first reported to CSULB ITS on February 11, 2015.
From: Bank of America [mailto:firstname.lastname@example.org]
Sent: Wednesday, February 11, 2015 12:53 AM
Subject: Recent suspicious activity on your online account
Email informs recipient that their Bank of America account experienced failed login attempts. It instructs the recipient to open an attachment to update their profile.
Intent of the Email
The sender is attempting to obtain Bank of America account credentials for their own malicious purposes. By using a file attachment, the phisher may also be attempting to load malware or spyware on recipient's computer.
Figure 1: Screenshot of the phishing email