Bank Phishing

Add Comment

Today I received and email from what appeared to be J.P. Morgan Chase which if you don’t know is a very well known bank. The email looked official and actually would lead you to believe that it came from Chase.

Have a look at a screenshot of the email (click to enlarge):

Chase Phishing Email

Looks pretty good except for the fact that there is a couple of spelling mistakes like Complate instead of Complete, and why is the C capitalized anyway? The sentence under “Please Note:” If we do no??? Shouldn’t that be NOT???

Well anyway to make a long story short THIS IS A BOGUS FRAUD PHISHING EMAIL!!! Simple as that…

If you click the link that they ask you to you are taken to a login screen that looks just like the official Chase screen, however you can use anything to login. I personally used two bad words for the username and password and amazingly I was allowed access to update my information.

Here is a screenshot of that (click to enlarge):

Chase Phishing Update Screen

Can you believe, I was able to login with two bad words and then I get this screen that is requiring all my information including card number, social security and even my account number. If I just logged in why do I have to enter all that information? Shouldn’t Chase already know me? Well the answer is YES Chase would already know me and they would not ask for all that info.

This my internet friends is a classic Phishing scheme that is trying to collect your info to use for identity theft or worse. I have already forwarded this email to the Chase security department but who knows how many other people have received this email and actually entered in their private information.

Chase has information on their site as well to combat Phishing and Identity theft. You can see other examples of Phishing emails on the Chase website here. Lastly from the Chase website:

It’s not our practice to:

  • Send e-mail that requires you to enter personal information directly into the e-mail
  • Send e-mail threatening to close your account if you do not take the immediate action of providing personal information
  • Send e-mail asking you to reply by sending personal information
  • Share your name with any contacts outside our firm in a manner inconsistent with our Privacy Policy

I am just so fed up with all the SPAM and Phishing emails I receive daily that I just had to rant here. If I can help one person to not open an email like this I will be happy. Remember this is not only confined to Chase all other banks and credit card companies are hit with Phishing schemes all the time. Be very cautious of any emails claiming to be a bank and require you to enter any private information. If you have already entered your information call your bank as soon as possible so they can freeze your account. Remember that if someone gets a hold of your bank information and clears out your account it will be very hard to recoupe your money, this goes for debit cards too. If you use a debit card and someone swipes the information from it you might never get your money back or it could take a long time of bank and forth arguing with your bank. Credit cards (atleast in New York) do not have the same risk as your liability is limited to $50.00 once your report fraud.

Once again, I hope this will be useful information to someone reading my blog and if it has saved one person from the headaches that can occur after a successful phishing scheme than I will be happy.

~ Phil

( If you are reading this anywhere but my blog, you can find the original post here. )