Chase is a popular target for this type of phishing email because it is one of the largest banks in the United States. Like so many phishing emails, this one attempts to lure you into responding by making you think there is an emergency to which you must respond. As phishing emails go, this one is not terribly convincing. It was sent from an email address that had absolutely no connection to Chase and most likely was from an email account that was hacked and made a part of a botnet used to send out this type of scam. It does contain a Chase logo, however, the logo is easy to counterfeit. I have disabled the link which was found where the email indicates “Sign on here,” but if you hovered your mouse over the link before it was disabled, you would have seen that the address to which it would have sent you has no relation to Chase. As so often is the case with these type of phishing emails, it does not contain your account number in the email nor is it personally addressed to the receiver of the email, but merely uses your email address.
Here is a copy of the Chase phishing email presently being circulated
Dear Customer, Recently, we notice your online details have been compromised, for your protection your account has been restricted pending the time of this verification. Failure to do this might lead to suspension of your account. To verify your account Sign on here.
Sincerely, Online Security Team
© 2020/2021 Chase Bank
There are a number of indications that this is not a legitimate email from Chase, but instead is a phishing email. Most notably, the email address from which this phishing email was sent has no relation to Chase. Most likely it is part of a botnet of infected zombie computers used by scammers to send out such phishing emails.
As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony website where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.
If you receive an email like this and think it may possibly be legitimate, merely call the customer service number where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of the legitimate numbers for financial companies, such as Chase to trap you if you make a mistake in dialing the real number. Alternatively you can go to http://www.chase.com to check on your account.
For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the http://www.scamicide.com website and click on the tab at the top of the page that indicates “Coronavirus Scams.” Scamicide has been cited by the New York Times as one of three top sources for information about Coronavirus related scams.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/