Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. Reproduced below is a copy of a new phishing email presently circulating that appears to come from Chase Bank. This was sent to me by a regular Scamicide reader.
Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States. Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is pretty good. It looks legitimate and the version appearing in your email comes with a legitimate appearing Chase logo. As so often is the case with these type of phishing emails, it does not contain your account number in the email nor is it personally addressed to the receiver of the email. Another indication that this is a scam is that the name Chase is not capitalized in the first sentence. This particular phishing email tries to lure you into clicking on a link where in the second paragraph, it states, “sign in.” If you hover over the link, you would find that the address it is sending you to has nothing to do with Chase, but is merely a phony website intended to trick you into providing your username and password. For security reasons I have removed the link and just replaced it with the words “sign in.”
Here is a copy of the Chase phishing email presently being circulated.
In an effort to safeguard your information, chase helps to actively protect and monitor your account in multiple ways. Our monitoring systems detect that your profile or your identity may have been compromised.
Please sign in to verify your account, and update your personal information to prevent an interruption with your online account.
We are constantly developing new security features so that you can be a member of a more secure world.
Please do not reply directly to this automatically generated e-email.
@ 2020 Chase
Online Service Team
There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Legitimate companies would refer to your specific account number in the email. As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony website where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.
If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number. Alternatively you can go to http://www.chase.com to check on your account.
For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.” Scamicide’s list of Coronavirus was recently featured in the New York Times.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”