"Capital Your Billing Information Change Notification" Phishing Scam

Comments: 1
Views: 77
Updated: Sep 18, 2017 2017-09-18T09:46:01
Date: Sep 18, 2017 2017-09-18T09:27:46
Save
Online Threat Alerts (OTA)

Capital One customers who have received email or SMS text messages like the one below, which claim their billing records have been updated and they are required to validate their accounts, or else their accounts will be terminated, should delete the messages. They should also not follow the instructions in the messages. This is because the messages are being sent by cyber criminals to frighten and trick potential victims into clicking on the links in them, which go to phishing websites that steal Capital One online account credentials.

The "Capital Your Billing Information Change Notification" Phishing Scam

From: Capital One

Sent: Saturday, September 16, 2017 7:35 PM

To: Recipients

Subject: Your Billing Information Change Notification

Dear Customer,

It has come to our attention that your Billing Information records are recently changed. That requires you to verify your Billing Information. Failure to validate your billing information may result to account termination.

To verify your billing information, Please Download Attachment and open in a browser to Continue. We value your privacy and your preferences...

Failure to abide by these instructions may subject you to Capital One account restrictions or inactivity.

Thanks,

Capital One Customer Support

Capital One customers who have received messages claiming that they need to do some activity on their accounts, such always go directly to https://www.capitalone.com/ and sign into their accounts. Once they have signed in, they will be notified of security updates, notifications and other important notifications. So, there is no need to click on a link in an email message, which may go to phishing or malicious website.

Also, Capital One customers who have already been tricked by the phishing messages, are asked to change their passwords and contact Capital One immediately, before their accounts are hijacked and used fraudulently by cyber criminals.

Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search

engine.

Click here help maintain Online Threat Alerts (OTA).

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Would you share this article with others? +

Yes (0)
No (0)

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

October 10, 2017 at 3:36 PM by an anonymous user from: Seaford, Delaware, United States
Got this email today(10-10-2017):
Luckily, I know HTML code and opened the attachment in a text editor to view the source code.
Hovering over what appears to be the sender will return a valid Capital One domain and email.
VERY convincing as the webpage attachment loads images to Capital One and even has links to valid Capital One webpages.
It does have a nasty javascript and the page will ask you to enter information that the person that will receive what you enter, to have access to your account.
All the questions asked have very simple responses that you almost can't get wrong.
It asks your mother's maiden name and any answer over 3 characters will result in you not being told you're wrong.
Eventually, you have the feeling you are on a legit page for Capital One and then you have to enter information you would NEVER give out freely.
It's a confidence game, and you feel like it is Capital One asking the questions, but it's not.
Delete the email or as Captial One suggests, forward the email to:
abuse@capitalone.com
remove

Show More Comments (0)

Show all Comments

Write Your Comment, Question, Answer, or Review

NB: We will use your IP address to display your approximate location to other users.

Enter comment, review or question.

Your post will be set as an anonymous because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.