Today's phishing e-mail targeted Wells Fargo customers.

This one gets a minus for not having any compelling stick or carrot.  I mean what is so compelling about viewing a bank account?  It also gets a minus for using a personal e-mail address as sender and rarely used e-mail address as destination.  Smarter crooks are more careful about what to put in the From field.

It seems that phishing crooks are also not shy about wasting target site's resources.  Not only are all the graphics pulled from the legit Wells Fargo site, but some of them are pulled using HTTPS.  Yikes.

Why am I posting these screenshots?  I am doing so because I believe they make more emotional impact than waving some figures.