Scam of the day – September 10, 2016 – A new Chase phishing email

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which  download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank.  DO NOT CLICK ON THE LINK.  Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is pretty good.  It looks legitimate.  However, the email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.   The grammar and spelling is good, but a minor flaw is the inconsistent capitalization in the phrase, “All Rights reserved.” Also, as so often is the case, the email is not directed to you by name and does not contain your account number in the email.  It carries a legitimate looking Chase logo, but that is easy to counterfeit.

Chase logo

Chase Bank Online® Department Notice:

Your online account has been suspended (Reason: the violation of terms of service).
Update and Restore your online account Now
Log On
Thank you for using Chase Bank.
Member FDIC © 2016 Chase Bank Financial Corporation. All Rights reserved.
TIPS

There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate credit card companies would refer to your specific account number in the email.  They also would specifically direct the email to you by your name.  This email has no salutation whatsoever.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.

Scam of the day – August 25, 2016 – Another Chase phishing email

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work.  Reproduced below is a copy of a new phishing email that is presently circulating that appears to come from Chase bank.  DO NOT CLICK ON THE LINK.  Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond.  As phishing emails go, this one is pretty good.  It looks legitimate.  However, the email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails.   The grammar and spelling is good, but as so often is the case, the email is not directed to you by name and does not contain your account number in the email.  It carries a legitimate looking Chase logo, but that is easy to counterfeit.

Chase logo

Dear Chase OnlineSM Customer,
Please confirm that you or someone authorized to use your account made
the following transaction(s) on your account:

www.Chase.com/validate/account:

Your online account will be fully restored and protected after the verification process.
Thank you for being a valued customer.

Customer Service Center.
JPMorgan Chase & Co ©2016

TIPS

There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate credit card companies would refer to your specific account number in the email.  They also would not use the generic greeting “Dear Chase  OnlineSM Customer,” but would rather specifically direct the email to you by your name.  As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft.  If you receive an email like this and think it may possibly be legitimate, merely call the customer service number on the back of your credit card where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.

 

Scam of the day – October 19, 2013 – New Chase bank email scam

Today’s scam of the day is one that is a commonly occurring scam, however, this one, which comes from my own email box shows how real these scams can appear.  Below is a copy of the exact message with Chase logo that appeared today in an email sent to me.  Even the address from which it came appeared to be legitimate.  It is easy to react too quickly and click on the link as requested, but you should not do so under any circumstances.  This type of scam is called “phishing” and it occurs when you are lured by a counterfeit communication to click on to another site where two things can happen and both of them are bad.  The first is that by clicking on the link you are actually downloading keystroke logging malware that will steal all of your personal information from your computer and make you a victim of identity theft.  The other thing that can happen is that you are taken to a website that appears legitimate even though it is not.  There you are required to provide personal information that is used to make you a victim of identity theft.

TIP

Never click on links in emails unless you are absolutely sure that it is legitimate.  Unfortunately, whenever you get an email, you cannot be sure as to who actually sent the email.  Sometimes it is obvious that it is a phishing scam as where the address of the sender has no relation to the institution that the email purports to be from, but other times, the email address may look legitimate as was the case with this email.  Your best course of action when receiving an email such as this is to call the  real company, in this case Chase directly at a telephone number that you know is accurate in order to confirm whether or not the communication is legitimate.

Here is a copy of the email I received.  Again, DO NOT CLICK ON THE LINK.