Cybercriminals are taking another shot at tricking users into exposing their banking information by spamming out the following email to anyone on their mailing lists:
Dear Chase Online® Customer,
Chase Online® security has detected an unusual error on your Online access.
Therefore, we are sending you this e-mail as a security precaution to confirm to you the Inability to accurately verify your account information due to an internal error within our servers.
Due to this, we have sent you an attachment which contains the web page in order to confirm your account information. Download the attachment to your desktop and open the file to Get Started
However, Failure to do so may result in temporary account suspension. Please note that this is a security measure intended to help protect you and your account.
Thanks for your co-operation.
Security Center Advisor
Chase Online® Support Team
Let’s not forget the possibility of the file being booby-trapped with malware as well.
How Do I Know This is a Phishing Email?
According to the Security Center FAQ’s on Chase.com, Chase will NOT:
- Send e-mail that requires you to enter personal information directly into the e-mail.
- Send e-mail threatening to close your account if you do not take the immediate action of providing personal information.
- Send e-mail asking you to reply by sending personal information.
- Share your name with any contacts outside our firm in a manner inconsistent with our Privacy Notice.
Additionally, under the Security Center Tips section, Chase warns that you should never respond or reply to an email, phone call or text message that:
- Requires you to supply personal or account information directly into the e-mail.
- Threatens to close or suspend your account if you do not take immediate action and provide personal or account information.
- Solicits your participation in a survey where you are asked to enter personal or account information.
- States that your account has been compromised or that there has been third-party activity on your account and requests you to enter or confirm your personal or account information.
- States that there are unauthorized charges on your account and requests your personal or account information.
- Asks you to enter your User ID, password or account numbers, PIN or card expiration dates into an e-mail, non-secure webpage or text message.
- Asks you to confirm, verify, or refresh your account, credit card, or billing information.
Ok, This is Obviously a Phishing Email... So What Do I Do?
If you receive a Chase phishing email similar to the one above, it is recommended that you:
- Do NOT reply to the email.
- Do NOT download the file attached and definitely do NOT provide any sensitive information.
- Report the email to Chase by forwarding it to firstname.lastname@example.org. (You will get an automated response from Chase letting you know that they’ve successfully received it.)
- Delete the email immediately.
(Tip: If you feel you’ve been a victim to fraud then I suggest checking out the How to Report Fraud page.)
Thank you to our reader for submitting the Chase phishing email to us!
Stay safe, everyone!
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.