PDA

View Full Version : OT: Phishing scam for CHASE


DannahK
03-16-2006, 03:00 PM
Hi all, in my job, I am the IT Security representitive, and in that capacity I get the... doubious priveledge to warn people of viruses and threats to their Computer Safety and to their Identity as well... That being said...

A phishing scam - which is a ploy to get an unsuspecting person to give critical information regarding themselves or an account - is going around rampant on the internet at this moment. It is in an email form titled Chase - which is a credit card or mortgague company. THIS IS A FALSE EMAIL. Chase would never contact their users with this method, please be aware, and do not open or click on the link contained in the email.

I's just trying to lookout for my fellow knitters!

Jenelle
03-16-2006, 03:03 PM
I've been getting alot of scam's in my junk folder in my email. My mom has been getting them too. It's scary what people can find out about you with your IP address :oo:

DannahK
03-16-2006, 03:05 PM
I could give you horror stories... true tales from a legal hacker... but then you'd have nightmares about ever turning your computer on!

hedgewick
03-16-2006, 03:06 PM
THANK YOU!!! I'm so glad you posted this! My husband is in the same type of work as you so I understand that these things happen all the time. I actually got this email and it is really scary because I can see how someone could easily believe it and answer it. It is especially so for me because we have an Chase credit card so for a minute I thought it was real. This is very serious folks. Be carefull what you respond to.

Jan in CA
03-16-2006, 03:08 PM
I get them all the time including others. Someone must be clicking these to make it worth there time. Ugh.

Jenelle
03-16-2006, 03:15 PM
I could give you horror stories... true tales from a legal hacker... but then you'd have nightmares about ever turning your computer on!

I know quite a few horror stories... Some of them were on the news too. :shock:

ecb
03-16-2006, 08:49 PM
I know people who have worked in BANKS that were conned by these kinds of E-Mails
if you EVER get an E-mail about a problem in your account
and it is a legitimate account you initiated
manually type in the adress
not from the E-Mail, but from the account you initiated yourself
if you actually HAVE a paypalaccount, type in Paypal.com
if you do not, but you do have a CHASE acct, type in Chasefianancial.com or whatever it really is, not the www.fraudprotect.chase.com
the extra . (dot) in the address makes the base server different from the word that you might recognize

they are TRICKY

ecb

HeatherFeather
03-17-2006, 01:59 PM
so that link you supplied IS bogus??? as an example kind of thing???

DannahK
03-17-2006, 03:09 PM
Yes, that is a bogus link, but not all the way true that the link might not take you to a portion of Chase's site...


Small web lesson on links/urls/addresses....

www signifies that it is part of the world wide web and not just hosted off some server somewhere

the content after the www and before the .com/.net/.org etc - such as www.sixrooms.com is the domain (or network space) that the site is on. Now, if you go to http://deek.sixrooms.com - this is a subdomain off the main domain. A way to check if it is a subdomain or an all together different server is to put the items in reverse order... such as http://www.sixrooms.com/deek if that works, then it is on the same space, if it doesn't then it is more than not bogus.

HeatherFeather
03-17-2006, 04:11 PM
good info...and can you belive I had one of those Chase emails in my in box???? geesh....thanks for the heads up...I don't even HAVE an account with them.....that would have been my first clue...

my DH got an email using his email as an ebay name....pure scam...no such account even exsists....

tab
03-17-2006, 05:45 PM
Another tip to watch out for if you're worried you might have a phishing email: Hover your cursor over the link they provide. I've gotten links claiming to point to https://www.paypal.com, but the status bar at the bottom of the page told me that if I clicked the link I was going to go to some crazy .ro website.

tab
03-18-2006, 09:50 AM
Speak of the devil... I got this mail in my spam folder this morning. I don't even have a Skype account. This one was particularly sloppy - I could see all the HTML tags, and it illustrates exactly what I was talking about.
(not to mention the misspellings of "access" and "choice". Official e-mails tend to be thoroughly spell-checked.)



We recently noticed one or more attempts to log in to your Skype


account from a foreign IP address and we have reasons to believe that


your account was hijacked by a third party without your authorization.





If you recently tried to accesse your account while traveling, the unusual log


in attempts may have been initiated by you. However, if you are the


rightful holder of the account, just click on the link below and login using
your most frequently used IP address.


</p>



https://secure.skype.com/store/member/login.html?message=login_required_&_account_hijacked (http://www.bhg-fans.de/musik/images/www.skype.com/)








If you choose to ignore our request, you leave us no choise but to


temporaly suspend your account.





We ask that you allow at least 48 hours for the case to be investigated


and we strongly recommend to verify your account in that time.








Sincerely,


Skype Accounts Department</p>

kitkat
03-19-2006, 09:30 PM
Ok, I got this email today (and I DO have an account with Chase):

Chase Bank OnlineŽ Department Notice


You have received this email because you or someone had used your account from different locations.
For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.
To help speed up this process, please access the following link so we can complete the verification of
your Chase OnlineŽ Banking Account registration information :
To get started, please click the link below:

https://chaseonline.chase.com/chaseonline/logon/sso_logon.jsp

Please Note:
If we do no receive the appropriate account verification within 48 hours, then we will assume this Chase Bank account is fraudulent and will be suspended. The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.


Regards,

Chase Bank - Chase OnlineŽ Banking Department

I am assuming that this would be fraudulent?

tab
03-19-2006, 09:58 PM
Most likely. If there really was an important notice regarding your account, they would probably address you by your full name. If you're really concerned, type the link into your address bar yourself instead of clicking it.

HeatherFeather
03-20-2006, 07:38 AM
AND...now that I think about it, call, or send a real letter to you.

Doublereeder2
03-20-2006, 01:03 PM
I got one of those from "Chase" last week and continually get them from Pay Pal and EBay.

Never, never go to those sites and offer you information!!