This is a phishing attempt first reported to CSULB ITS on March 2, 2015.
From: Wells Fargo Online [mailto:firstname.lastname@example.org]
Sent: Friday, February 27, 2015 4:37 PM
Subject: Unauthorized activity on your online account
Email informs recipient that Wells Fargo has detected unsuccessfully login attempts were made on their account and instructs the recipient to open an attachment to begin the process of verifying their account.
Intent of the Email
The sender is attempting to obtain Wells Fargo account credentials for their own malicious purposes. By using a file attachment, the phisher may also be attempting to load malware or spyware on recipient's computer.
Figure 1: Screenshot of the phishing email