Impersonations of Wells Fargo phishing emails seem to be on the increase. Received two over the last week on my phone.
The text reads Wellsfargo: We have detected unusual activity regarding your account, follow the link for security reason. https:/bit.ly/XXXXXXX to verify details. login page intentionally obscured here with XXXXXXX.
Using a short URL decoder I found the URL resolved to a phishing site registered on Namecheap. Namecheap seems to be a poplar registrar for these. Namecheap also provides free privacy. The page hosts a phony mobile Wells Fargo login page. The page is fairly well done. Of course, if you look at the URL bar you would immediately know its not a valid Wells Fargo site as it is just a site name and not a homograph /doppelganger. Have you noticed any of these?