This email hit a little too close to home today. It arrived in a mailbox days after a new account was created at Comerica. Oddly enough, the Comerica application asked for an email address for online banking info, and the employee mentioned that notification would be coming as soon as the account was set up.
Checking the link, it was found that the domain that it pointed to was created 2 days ago, and it wasn’t Comerica. Furthermore, it was in Nova Scotia. The domain is gf6fe.com. You can find a write up about the phishing email here here
Subject: Comerica Bank – Protect your account.
Client authentication using digital certificates in COMERICA BANK(r)
Dear Customer,
Comerica.com site has requested that you identify yourself with a certificate. The next step in the transformation of Comerica Online is Digital Certificate (DC) access.
This DC will allow you to access Comerica Bank and other online services through a single sign-on.
All users will be notified and transitioned to the new URL between April 2008 and October 2008.
Please register your DC account and use our services safely.
Continue>> (I removed the link)
2008 Comerica Bank. All rights reserved.