"During our usual security enhancement protocol, we observed multiple login attempt error while login in to your online banking account," the email says. "We have believed that someone other than you is trying to access your account for security reasons, we have temporarily suspend your account and your access to online banking and will be restricted if you fail to update."
According to PhishTank, the offered link takes potential victims to a very realistically spoofed Bank of America login page:
The fake webpage was located on http://account.safe.bankofamerica.com.flipthisbod.com/home/sign-in/, but has since been made unavailable. Still, the URL in the email can be easily changed to point to another page, so be careful!
If you aren't sure whether the email is legitimate or not, check your account but do not do it by following the link embedded in the email - type in the correct, legitimate URL in the browser's address bar, or use already set up bookmars.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.