If you click on the link in the e-mail message, you will taken to a phishing website looking exactly like the Chase online website (see image below), and ask to login. If you enter your userid and password, it will be stolen and use to gain access to your account.
The e-mail message contains the following:
- Subject: Chase Online Account Re-activation Phishing Scam
- From address(spoofed): Chase (email@example.com)
- Link to the phishing website: http://lauren-elainedesigns.com/access.php
Here is a copy of the phishing e-mail:
Dear Customer, Chase Online is constantly working to increase security for online banking users.to ensure the integrity of our online payment system, we periodically review accounts. Your account have been placed on hold due possible errors dectected with your code card. Restricted accounts will not be able to receive payments, send payments or withdraw funds. All restricted accounts have their billing information unconfirmed, until updated on file.to initiate the update confirmation process, you are now required to follow the link below and fill in the necessary fields. Kindly click on the link below to continue with the verification process and ensure the security of your account. Account Re-activation Important Notice: You are strictly advised to match your information rightly to avoid service suspension. Thank you for your co-operation. Copyright symbol 2012 JPMorgan Chase & Co.
This is how the phishing website looks at http://lauren-elainedesigns.com/access.php.
Firefox, Opera and Google Chrome currently block this phishing website, but Internet Explorer and Safari have not done so yet.
Please delete this e-mail message and do not click on the link within it. If you were fooled by this phishing scam, please contact Chase immediately.