Bank of America Online Customers in Tennessee Are First in the Country to Get New Service to Protect Accounts and Identify Fraudulent Web Sites

Bank of America, which has the most online banking customers in the
country, is the first major financial services company to provide this added
level of security . So
even if a customer's ID and passcode have been stolen through spyware
or a phony Web site, the thief still would have to answer a challenge
question to get access to the account . In the summer of 2004, The Customer Respect Group ranked Bank of America
No.

Business Editors /Technology Editors

TORONTO----

Cost-Effective Solution Provides Banks of All Sizes with Best
Practices to Combat Phishing and Prevent Online Identity Theft

Brandimensions Inc. In addition, customers have the option to
subscribe to Brandimensions' full-service, subscription -based phishing
attack management service, which is akin to an insurance policy.

tackling comptroller

StrikePhish is based upon best practices from Brandimensions' work
with global financial institutions and law enforcement and delivers a
turnkey solution that smaller institutions can employ to protect their
brand equity and customer base. Over the past four months, we have
noticed a dramatic increase in the number of phishing attacks moving
downstream targeting smaller regional financial and banking
institutions ," said Bradley Silver, COO of Brandimensions Inc.

arises phishing

SiteKey is the newest way to use online banking to help prevent identity
theft and fraud.
Brandimensions' StrikePhish service now ensures that banks of all
sizes have an effective strategy in place to identify, shut down, and
minimize the risks associated with online identity theft from emails
and Web sites that mimic legitimate businesses . Combined with its sophisticated online market sentiment
analytics offering, Brandimensions offers the only truly integrated
brand equity management and protection program on the market.

phishing fraudulently

Bank of America offers a guarantee that protects customers
against unauthorized transactions., called Bank of America "the clear leader"
in the rate of adoption of online bill payment and the leader of the industry
based on overall number of active online customers.

'

eliminator distrust

4 million people who pay bills online. comScore Networks, Inc.
"Large banking institutions have made significant strides to
mitigate the effects of phishing.

About Brandimensions Inc.

bbb eliminator

This
capability targets a fraud called spoofing , and will help ensure
customers are not fooled by fake versions of bankofamerica.

netcraft trustworthy

Bank launches industry-leading online security features to help prevent fraud
and identity theft

CHARLOTTE, N.com/cgi-bin/prnh/20050526/CLTH009)
Tennessee customers are the first in the country to get the new service,
called SiteKey(TM), which is free. Install protection such as firewalls, anti-
virus software and anti-spyware software. Consumers who get the request through e-mail should
open a new browser window and type in the referenced Web address rather
than clicking on links provided within the e-mail. Brandimensions'
offering leverages a unique approach, combining phishing detection
technology with human intervention to shut down attacks , providing
customers with the most cost-effective solution and the industry's
fastest response times.
On the Internet, phishing (sometimes called carding or brand
spoofing) is a scam where perpetrators send what appear to be genuine
e-mails from legitimate financial services companies to unsuspecting
consumers in an effort to "phish" for personal and financial
information.
Billed on a per-attack basis, customers receive forensic information
on the attack including log files, trace routes and Web page
snapshots. For example, the company recently worked with a
regional mid-Western bank that was a new phishing target.
Additional features of the Brandimensions StrikePhish Service
offering include:

Technology analysis and review of suspected email and Web site
for confirmation prior to alert or acceptance of incident for
management;

Monthly reporting and delivery of forensics for law
enforcement, analysis and prosecution;

Relationships with ISPs worldwide for expediting the closing
of fraudulent sites; and

In-depth analysis of each attack to determine scope and
effectiveness, including potentially determining victim
identities.

dubious fraudulently

When customers log in to Online
Banking at http://www.

- Confirm the validity of all requests for sensitive personal, financial
or account information , particularly if they are made with an urgent or
threatening tone.S.

practicable dubious

- Protect accounts.bankofamerica.com.

contacted tackling

"It's a free way to increase your online security, and
it's easy because you don't need extra hardware or other equipment.
Here are more steps consumers can take to prevent fraud:

- Use safe computer behavior.com, has received widespread
recognition.com among the leaders in experience for
customers and prospective customers. Brandimensions also continuously monitors
every phishing site that is shut down to ensure it does not re-launch,
preventing further attacks.

geotrust trustworthy

"SiteKey helps you know it's us and we know it's you," said Sanjay Gupta ,
e-Commerce executive. Notify banks and
credit agencies immediately of any unauthorized transactions. 1 among business and
finance sites, according to comScore Media Metrix.

distrust dubious

The customer and
the bank can pass that information securely back and forth to confirm each
other's identity . Before the customer and the bank agree to open the box together, they
confirm each other's identity . Customers also can receive bills, pay bills, as well as view
checks and statements online -- eliminating risks associated with sending
items through the mail.

About Online Banking
Bank of America is a leading provider of online financial services, and
its online site, http://www.-based Internet
properties in terms of unique visitors monthly, and No. 1 among commercial banks for the way it treats customers online, and
Vividence ranked bankofamerica.

outputs tackling

- Do not share your IDs, passcodes or ATM passwords with anyone., an international leader in the online brand
protection and market intelligence industries, today announced the
release of StrikePhish, a new phishing attack management service
designed to help small and mid-sized financial institutions address
potential online identity theft concerns. With
this option, while the frequencies of attacks may increase, the
subscription cost of Brandimensions' services does not change.

019 toolbar

masquerading bbb

Someone trying to access an account from an
unrecognized computer must answer a challenge question correctly. 1 online banking site, with more than 13.
Brandimensions' extensive experience with global banks proves that
technology alone is not sufficient to mitigate the risks associated
with phishing.

arises toolbar

The service was announced in May and is being rolled out
across the country throughout the year. Don't download materials from unknown senders. Bank of America ranked No.
While global financial institutions have been working to address
the issue and educate consumers, phishers are getting smarter and
finding new targets that may be more vulnerable to attacks. The bank
initially had pulled company resources away from other projects to
address the attack, but Brandimensions was able to shut down the
attack within minutes and free up those company resources.
Brandimensions' unique brand equity management programs serves an
impressive list of Fortune 500 companies in the automotive, financial
services , entertainment, consumer packaged goods, retail,
telecommunications and pharmaceutical industries .

comptroller contacted

, Bank of America customers in
Tennessee have a new way to help prevent fraud and identity theft with the
launch of an industry-leading protection service they received this week with
their Online Banking. The image,
personal message and challenge questions work together to help:

- Confirm the Web site's validity.

The term phishing arises from the use of increasingly sophisticated lures to 'fish' for users' financial information and passwords.

eliminator trustworthy

Customers who use online banking can detect fraud earlier by reviewing
their account activity regularly, rather than waiting for a monthly statement
in the mail. In the spring of 2005, the site was ranked among the Forbes Best of the
Web.

Incorporated in 2000, Brandimensions offers a sophisticated
real-time solution to analyze, manage and protect a company's
intellectual property, trademarks, identity and customers on the
Internet.

contacted eliminator

bankofamerica.com, they can click on the SiteKey
button to see their secret image and phrase. 1 in the Single-Owner Home-Operated (SOHO)/Micro
category.

characterised authenticate

C.
(Photo: http: //www.

- Monitor accounts, credit reports and credit scores. The Gomez Scorecard ranked the Small
Business Web site No.

Brandimensions Launches StrikePhish an Identity Theft Management Service for Small and Mid-Sized Financial Institutions

netcraft arises

Using SiteKey is like getting a safe deposit box that takes two keys to
open.

Bank of America is the No.
1 in Javelin Strategy + Research's Identity Fraud Safety Scorecard in November
2004. Brandimensions' StrikePhish service quickly eliminates
the spoofed phishing web page, thereby minimizing the cost in damages
that can be inflicted upon the organization and protecting the
unsuspecting consumer from identity theft by disabling their access to
the page.

geotrust masquerading

If the image and phrase
don't appear, the customer could be at a fraudulent site.com. Sign up
for Verified by Visa, which allows consumers to pick a password that is
necessary for online purchases with a credit card and Check Card.

"If
these attacks are not addressed immediately, it can affect a company's
revenue stream, brand equity and relationships with their customers. In order to shut down each phishing scam, Brandimensions
follows the actual IP address of the attack and shuts them down
immediately using leading technology combined with Brandimensions'
team expertise and partnerships with law enforcement organizations and
Internet Service Providers.

practicable toolbar

"
Signing up for SiteKey takes just a few minutes and is free .2
million subscribers and 6.
Brandimensions' StrikePhish is a cost-effective preventative solution
that enables small banks to leverage leading technology and industry
expertise to reach levels of management effectiveness achieved by
larger financial institutions."
Using StrikePhish customers send potential attacks to a dedicated
Brandimensions' phishing team that analyzes and shuts down the attack.

characterised netcraft

Keep the protection and
browsers updated. Use
unique passwords that are hard to guess and change them often.

- Take advantage of free bank services, such as direct deposit.bankofamerica. The site is among the top 35 of all U.
As a result, banks of all sizes need to have a strategy in place to
deal with phishing and identity theft before it occurs.

blacklist geotrust

newscom . Customers pick one of thousands of images,
write a brief phrase and select three challenge questions .
For more information about safety and security, go
to http://www.

Wikipedia defines phishing as 'a form of social engineering, characterised by attempts to fraudulently acquire sensitive information , such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message.