For Gold, Peace, and Freedom


Suspicious Spam Email Targets Regions Bank Customers

May 10th, 2007

spam-scam.jpgThis morning I have received a Spam email pretending to originate from Regions Bank. As a public service, I want to relay this information to any readers of this site who may be current customers because I have examined the text and determined that it is almost certainly a phishing scam.

The subject line of the email reads:

Regions Bank corporate customer cervice: urgent security notice! (message id: w32732174227357)

Note that the spammer cannot spell the word “service” correctly. This should be your first clue that this email may not be entirely legitimate! Here is the actual text:

Dear business client of Regions Bank:

The Regions Customer Service requests you to complete the Regions InterAct Confirmation Form.

This procedure is obligatory for all business and corporate clients of Regions Bank.

Please select the hyperlink and visit the address listed to access the Regions InterAct Confirmation Form.

[spammer’s link here]

Again, thank you for choosing Regions Bank for your business needs. We look forward to working with you.

***** Please do not respond to this email *****

This mail is generated by an automated service.
Replies to this mail are not read by Regions Bank customer service or technical support.

The link text contained words like “interactsession”, “server”, and “form”, along with some numbers. Interestingly, upon mouseover the hyperlink returns an additional “blednr.cn” extension on the end of the regions.com domain that is NOT displayed in the visible text of the link. The .cn extension is recognizable as the code for China, a country of origin that is notorious for various types of cheating and Internet fraud (apologies to any Chinese readers out there; Karlonia realizes that you’re not all scammers or spammers). This is another important clue that indicates a potentially fraudulent email.

Note that you should not actually click on the link. All you need to do is move your mouse over it and look at the text that appears in your browser bar (this is usually located at the bottom of your screen). If the link text and the browser bar text do not match, and especially if there are intentional misspellings in the root domain (for example, “e-qold” or “e-goid” instead of the proper spelling for e-gold), you should be alerted to a possible scam and should always avoid actually clicking on such a link. In some cases, doing so could result in a virus or Trojan being downloaded onto your computer, and this could have unfavorable consequences for you later.

If you have received a suspicious email such as the one detailed in this article and wish to report it, you can do so through the Email Fraud page at Regions.com. Meanwhile, if you are concerned that you may have been infected by a virus or other malicious program as a result of this kind of scam, you can use a software tool such as Malware RemovalBot to scan for any nasties and remove them for added peace of mind.

Post Your Comments, Opinions, or Suggestions Here:


Email (optional)

Website (optional)