Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank.
Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States. Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is pretty good. It looks legitimate and although it is not reproduced below, it came with a legitimate appearing Chase logo. However, the email address from which it was sent is that of an individual totally unrelated to Chase and is most likely the address of an email account of someone whose email account was hacked and made a part of a botnet of computers used by scammers to send out phishing emails. As so often is the case with these type of phishing emails, it does not contain your account number in the email nor is it personally addressed to the receiver of the email.
Here is a copy of the Chase phishing email presently being circulated.
“Dear Chase OnlineSM:
We’ve sent an important communication to your Secure Message Center,
available on Chase Online or on the Chase Mobile app.
The subject is: We’ve placed a stop payment on the check you sent
Please Proceed now to http://www.chase.com to review this communication in your Secure Message Center
For Your Security, additional information may be Required
Sincerely,
Chase Online Banking Team
Keep track of your account activity and avoid fees with Account Alerts. To get
started, sign in to chase.com or the Chase Mobile® app.
E-mail Security Information
E-mail intended for: Chase Checking account
If you would like to learn more about e-mail security or want to report suspicious e-mail, click here.
Note: If you are concerned about clicking links in this e-mail, the Chase Online services mentioned above can be accessed by typing chase.com directly into your browser.
ABOUT THIS MESSAGE: This message provides updates and information for your Chase account. To reply or contact us, go to chase.com. Please don’t reply to this message.
Chase Privacy Operations, PO Box 659752, San Antonio, Texas 78265-9752. Chase Privacy Notice
Chase Online and Chase Mobile are registered trademarks of JPMorgan Chase
JPMorgan Chase Bank, N.A. Member FDIC
© 2018 JPMorgan Chase & Co.”
TIPS
There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate companies would refer to your specific account number in the email. They also would direct the email to you by name rather than directing it to “Dear User.” As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.
If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number.
