BleepingComputer.com: Bank of America Sign on goes to invalid screen

When I go to the Bank of America site and click sign on I am taken to a screen that requires various input such as credit card #, SS #, and other personal info. The "lock" does not show on the bottom of the screen but the URL in the address bar says https://sitekey.bankofamerica.com/sas/signon.do.

I've run Malwarebytes, SpyBot, Norton and AVG and nothing is reported.

Any ideas?

are you starting from https://www.bankofamerica.com ?

all of the legit BofA screens that I see have something between the "signon" and the ".do" like: https://sitekey.bankofamerica.com/sas/signonScreen.do etc.
and all show site as secure (locked lock icon)

Yes, I am starting from there.

The page it takes me to is not marked as secure. Also, when I run firebug after clicking on the sign on button on the BoA page, I get a quick message

POST https://www.bankofamerica.com/smallbusiness/trans_data.php 404 Not Found

and then am redirected to the invalid page.

Hi,

I am a Bank of America customer myself, and have NEVER been asked to reveal personal information when logging in, especially not credit card info or social security numbers.

This makes it appear that your computer may be infected. Therefore, I would stongly recommend two things:

1. Until one of the trained Bleeping Computer helpers responds and helps you to disinfect (and perhaps even reformat) your computer, DO NOT type in any of your personal or credit information on your computer. That also means to not type in any passwords, etc. to other financial websites, including Amazon.com, etc., since you don't want to run the risk that a keylogger might be capturing your sensitive info.

2. Also, while waiting for computer help, you should use a separate, known clean computer to monitor your bank account(s), credit card(s), etc. to keep an eye out for any unauthorized transactions.

Best of luck to you.

Agreed,looks like a Rogue Malware has infected your System. Is this XP or another.

We should first try running MBAM.

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.

Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

• Make sure you are connected to the Internet.
  
• Double-click on mbam-setup.exe to install the application.
  For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  
• When the installation begins, follow the prompts and do not make any changes to default settings.
  
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
    
  • Launch Malwarebytes' Anti-Malware
  
  
• Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

• If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  
• If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

• Make sure the "Perform Quick Scan" option is selected.
  
• Then click on the Scan button.
  
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  
• Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

• Click on the Show Results button to see a list of any malware that was found.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When removal is completed, a log report will open in Notepad.
  
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  
• Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware