Capital One customers who have received email or SMS text messages claiming that their accounts have been logged into from different computers with multiple password failures are asked not to click on the links in them. This is because the messages, like the one below, are being sent by cybercriminals to frighten and trick potential victims into clicking on the links in them, which go to phishing websites that steal online account credentials.
A sample of a "Capital One Account Suspension" Phishing Scam
From: Capital One <contratos.individuales@online-register.teenchallenge.cc>
Date: October 22, 2018 at 2:06:49 PM MST
Subject: Check Your information
Dear valued member,
We recently have determined that different computers have logged onto your Account and multiple password failures were present before the logons.
We now need you to re-confirm your account information to us.
If this is not completed by Octobre 22,2018, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes.
To confirm your records :
Thank you
Capital One customers who have received messages claiming that they need to do some activity on their accounts, such always go directly to https://www.capitalone.com/ and sign into their accounts. Once they have signed in, they will be notified of security updates, notifications and other important notifications. So, there is no need to click on a link in an email message, which may go to a phishing or malicious website.
Also, Capital One customers who have already been tricked by the phishing messages, are asked to change their passwords and contact Capital One immediately, before their accounts are hijacked and used fraudulently by cybercriminals.