Suspicious Login Detected
This email below has been confirmed as malicious or fraudulent by the Information Security department. If you have received this phishing email, do not open any attachments or follow the link(s) in the message; simply delete the email.This email is designed to have you access the PDF file in someone’s Google Drive or contact the email address to find out what to do next. This is a scam and the PDF file probably has malicious code.
See the Red Flags listed below for information on why this is not a legitimate email.
Suspicious Email Address: The sender’s email address appears to be from a domain that is not an official Wells Fargo domain.
Urgency in Subject Line: The subject “Suspicious Login Detected – Online Access ID Blocked – Validate Online Access Immediately.pdf” is designed to create a sense of urgency, a common tactic in phishing emails to prompt hasty actions from the recipient.
Shared PDF Document: Phishers often use PDFs or other document types as bait to get recipients to open attachments that may contain malicious links or software. Banks will never share sensitive information over a google document.
Mismatched Information: The email is flagged as originating from Google Drive, but the sender is supposedly representing Wells Fargo.
Generic Heading and Branding: The email does not list the recipients name. Typically all official financial communications will address the recipient by name. Additionally, the branding in the email looks generic. Typically, official communications from a bank will include specific branding and a more professional design layout.
