A large scale phishing scam is underway that pretends to be a security notice from Chase stating that fraudulent activity has been detected and caused the recipient’s account to be blocked.
Today, numerous people have told BleepingComputer that they received the same fake Chase “Security Notice” scam attempting to steal their banking credentials. One recipient said they fell for the scam after their card was denied in a purchase online and thought the email was a legitimate Chase fraud alert.
These phishing emails state that the recipient’s Chase account was blocked after suspicious activity was detected.
“Recently, there’s been activities in your account that seems unusual compared to your normal account activities, so we’ve taken security steps by blocking access to your account until you validate your information adequately.”
To “unlock” the account, the recipients are prompted to click on the ‘Restore Now’ button in the email, as shown below.
Also Read: How To Prevent WhatsApp Hack: 7 Best Practices
When the ‘Restore Now’ button is clicked, the recipient will be brought to a page asking them to log in to their Chase account. If they enter their login information, it will be sent to the attackers, who will then have access to the account.
The phishing page will further prompt the user to enter additional information about themselves to verify that they are the account owner. This additional information includes their first and last name, date of birth, Social Security Number, address, and phone number.
If a threat actor gets access to this information, they could use it to perform identity theft, gain access to other accounts, or send further targeted phishing emails.
It is important to remember that Chase fraud alerts never prompt you to enter any information or your login credentials. Instead, the legitimate emails only require you to confirm if a transaction was legitimate by clicking a button in the email.
If you are a Chase customer and receive an email asking you to login or enter sensitive information, immediately delete the email and call customer service to confirm if they contacted you.
Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
Prioritizing Security Measures When Launching a Webpage That Every Organisation in Singapore should take note…
Importance of Regularly Changing Passwords for Enhance Online Security that every Organisation in Singapore should…
Comprehensive Approach to Data Protection and Operational Integrity that every Organsiation in Singapore should know…
Here's the importance of Pre-Launch Testing in IT Systems Implementation for Organisations in Singapore. The…
Understanding Liability in IT Vendor Relationships that every Organisation in Singapore should look at. Understanding…
This website uses cookies.
