Chase Online Banking Phishing Scams

PLEASE NOTE: JPMorgan Chase & Co. is not responsible for these e-mail scams. Organisations and individuals, pretending to be JPMorgan Chase & Co., initiate them. All trademarks and related logos are either trademarks or registered trademarks of their respective owners, or their licensors. Cyber Top Cops is in no way affiliated with JPMorgan Chase & Co.. The "Received From" e-mail address mentioned for each e-mail on this page, is a spoofed e-mail address and is not the true origin of the scam e-mail.

Date: 11 October 2007
Received from "service@chaseonline.com" <service@chaseonline.com>
Subject: Update Your Chase.com Account Information.
To: undisclosed-recipients

Chase.com | Privacy Policy

		Dear member, You have received this email because we have strong reason to believe that your chase account had been recently compromised. In order to prevent any fraudulent activity from occurring we are required to open an investigation into this matter. If your account informations are not updated within the next 72 hours, then we will assume this account is fraudulent and will be suspended. We apologize for this inconvenience, but the purpose of this verification is to ensure that your chase account has not been fraudulently used and to combat fraud. Please login into your Chase Online account and complete verification process We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter. Note: Chase will never ask your ATM pin number. Regards, Chase Online Personal Banking.
		JPMorgan | JPMorgan Chase

Date: 16 September 2007
Received from Chase <alert@account-updates.com>
Subject: Your Account Was Hijacked

Dear Chase valued customer, We recently noticed one or more attempts to log in your Chase account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization. If you recently accessed your account while traveling, the log in attempts may have initiated by you. However if you are the rightful holder of the account, click on the link below and submit, as we try to verify your account. Log on to Chase Internet Banking and fill in the required informations. This is required for us to continue to offer you a safe and risk free environment. The log in attempt was made from: IP address: 89.30.50.107 ISP host: 89.30.50.107.drmnet.org If you choose to ignore our request, you leave us no choice but to temporally suspend your account. We ask that you allow at least 48hrs for the case to be investigated and we strongly recommend not making any changes to your account in that time. * Please do not respond to this email as your reply will not be received. Thank you for your patience as we work together to protect your account.

Copyright © 2007 JPMorgan Chase & Co. All rights reserved.

The scammers who compiled this e-mail, clearly did not know what they were doing. First of all, what was supposed to be a spoofed chase.com e-mail address, ended up as a spoofed account-updates.com e-mail address. Secondly, the subject line is enough to give any Chase customer a heart attack, do you really think Chase will send e-mails like this to their clients? Finally read the following line again:

"...we have reasons to believe that your account was hijacked by a third party without your authorization"

Can you see how absurd this is? Since when do people authorise a third party to hijack their bank accounts?

"However if you are the rightful holder..."

This is just as absurd as the previous line. Which bank will send someone an e-mail, if they are not even sure whether this intended recipient is the rightful account holder or not? Only a bank run by dumb phishing scammers will do things like this.