The email message below: "Thank you for scheduling your online payment," is a fake and contains a malicious attachment disguised as a Chase Bank credit card statement that the recipients of the email message are asked to open. Attempts to open the malicious attachment will result in the recipients' computers getting infected with a virus, spyware, Trojan horse or other malware. So, the recipients of the same email message are advised not to attempt to open the attachment. They should just delete the email message instead.
The Fake Chase Bank Email Message with a Virus
Subject: Thank you for scheduling your online payment
Attachment: payment-4490-obKn.zip
E-mail Security Information.
Dear
Thank you for scheduling your recent credit card payment as an attachment.
Your payment in the amount of 3898.96 will be credited to your credit card account (CREDIT CARD) ending in 4490 on 04/07/2015.
Now that you're making your payment online, are you aware of all the convenient ways you can manage your account online?
See statements - Choose to stop receiving paper statements, and see up to six years of your statements online.
See automatic payments - Set up monthly payments to be made automatically.
Transfer a balance - Transfer a balance to your credit card account.
Go to Personalized Alerts - Schedule Alerts to remind you of key account activity.
You can also see past payments you've made online by logging on to www.chase.com/creditcards and clicking "See/cancel payments" under "I'd like to ..."
If you have questions, please call the Customer Service number on the back of your credit card.
Thanks again for using online payments.
Sincerely,
Cardmember Services
The email message contains the following zip file:
Note: the file name will change
The zip file contains the file: 'payment.zip', which contains the malicious 'payment.exe' that will infect the victims' computers with a virus, Trojan horse, spyware or other malware, if they attempt to open it.
If the recipients' computers have become infected with a malicious Trojan horse, the cybercriminals behind the email message will be able to access and take control of their computers remotely from anywhere around the world. They may spy on them, use their computers to commit cybercrimes, or steal their personal and financial information.
Now, recipients of the email message who have already opened the malicious attachment, are advised do a full scan of thier computers with the antivirus software installed on them. The name of the attachment may change, so be careful when opening email attachments.
If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.
For a list of other virus email messages, please click here.